Issue with mein External storage, no file access

Pro_Laxo · August 27, 2025, 9:57am

I’m running Nextcloud AIO on my home server and I want to manage external storage in a way that each user only sees their own assigned folder. The goal is that users can upload and delete files as if it was their own space, not something “shared” by another user.

To achieve this, I mounted external SSDs on the server and configured them as external storage in Nextcloud. Each user has their own folder (e.g. /mnt/ssd1/username) which is added as an external storage entry and assigned only to that specific account.

In general this works — users can see their assigned folders. However, I’m facing two problems:

Folder permissions & access control

Even though I assign a folder as external storage to a single account, the permissions don’t always behave as expected.
I want each account to be able to read, upload, and delete in their assigned folder — but not access other users’ folders.

Deletion problems on Android clients

On Android (Nextcloud app), when I try to delete files inside these external storage folders, I often get an error saying the file is “in use by another user” or similar.
This happens even though the external storage is writable, shows green in the admin settings, and the filesystem permissions on the server are set correctly (www-data has ownership and write access).

chrissi55 · August 27, 2025, 12:21pm

Which of the several mechanism for external storage do you use?
SMB/CIF or Local or … ?

How did you offer the local ssds (shares) to the AIO docker container? by volumes in your compose yaml?

I am not using docker in my nextcloud config, so i am on a bare metal install.
Never the less i had a similar experience with “external storage” using “local mechanism”.

What i did, was to keep in mind the full path of each nextcloud folder that should later contain userdata.
In Nextcloud user files are located in the path ../data/$username/files///…
So if that is clear it was possible to mount a dedicated local storage via fstab (in linux) to a user destination. Owned by www-data:www-data (if that is your user who is the “king” of the webserver!)
So my local storage was mounted by linux fstab directly to the destinated nextcloud userfiles in “their target folder”.
That is working very well for years now and no “external storage” configuration was nescessary in nextcloud.
If this could fit your needs you may have a try with that.
For your special docker AIO NC installation you may have a look to the manuals how to point a local folder to a docker container by volumes via docker compose file.

Hope it is a way to solve your probs.
Cheers

Pro_Laxo · August 27, 2025, 12:35pm

I use SFTP. My Server ist on Ubuntu. I dont know really how i can change to local mechanism. Because it isnt listed.

chrissi55 · August 27, 2025, 12:46pm

with my method you don’t need any of the nextcloud methods to offer external storage.
I just need to mount a local storage (ssd1, ssd2, …) to destinated nextcloud user folders.

For the user it is no difference if it is a part of the “../data/$username/files/…” directory or if it is a “real” hardware mounted to a folder.

e.g.

local ssd is mounted in fstab like
UUID=xxxxxxxxxx /mnt/MYSSD (ext4,ntfs,…) defaults 0 0

alternative you can mount the ssd to nextcloud (in my case installed under ubuntu)
UUID=xxxxxxxxxx /mnt/data/MY-USER-A/files/MY-SSD-DESTINATION-FOLDER …

After reboot the whole ssd space is reachable by the designated user in his/her folder
files/MY-SSD-DESTINATION-FOLDER

Access rights (www-data:www-data)

For docker AIO NC you need a further step i think - you will have to path the local ssd space as “volume” to your nextcloud data → username → files folder by e.g. a compose file entry.

Pro_Laxo · August 27, 2025, 1:01pm

Kannst du mir das vielleicht auf deutsch erklären? Bin ein Neuling😅

chrissi55 · August 27, 2025, 1:23pm

have a look at this

How to allow the Nextcloud container to access directories on the host?

By default, the Nextcloud container is confined and cannot access directories on the host OS. You might want to change this when you are planning to use local external storage in Nextcloud to store some files outside the data directory and can do so by adding the environmental variable NEXTCLOUD_MOUNT to the docker run command of the mastercontainer (but before the last line ghcr.io/nextcloud-releases/all-in-one:latest! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used). Allowed values for that variable are strings that start with / and are not equal to /.

Two examples for Linux are --env NEXTCLOUD_MOUNT="/mnt/" and --env NEXTCLOUD_MOUNT="/media/".

On macOS it might be --env NEXTCLOUD_MOUNT="/Volumes/your_drive/"

For Synology it may be --env NEXTCLOUD_MOUNT="/volume1/".

On Windows it might be --env NEXTCLOUD_MOUNT="/run/desktop/mnt/host/d/your-folder/". (This path is equivalent to D:\your-folder on your Windows host so you need to translate the path accordingly. Hint: the path that you enter needs to start with /run/desktop/mnt/host/. Append to that the exact location on your windows host, e.g. d/your-folder/ which is equivalent to D:\your-folder.) Please note: This does not work with external drives like USB or network drives and only with internal drives like SATA or NVME drives.

…
“local shares” are available for admins only!

The mountpoint is a environment variable in compose.yaml

github.com/nextcloud/all-in-one

compose.yaml

main

services:
  nextcloud-aio-mastercontainer:
    image: ghcr.io/nextcloud-releases/all-in-one:latest
    init: true
    restart: always
    container_name: nextcloud-aio-mastercontainer # This line is not allowed to be changed as otherwise AIO will not work correctly
    volumes:
      - nextcloud_aio_mastercontainer:/mnt/docker-aio-config # This line is not allowed to be changed as otherwise the built-in backup solution will not work
      - /var/run/docker.sock:/var/run/docker.sock:ro # May be changed on macOS, Windows or docker rootless. See the applicable documentation. If adjusting, don't forget to also set 'WATCHTOWER_DOCKER_SOCKET_PATH'!
    network_mode: bridge # add to the same network as docker run would do
    ports:
      - 80:80 # Can be removed when running behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
      - 8080:8080
      - 8443:8443 # Can be removed when running behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
    # environment: # Is needed when using any of the options below
      # AIO_DISABLE_BACKUP_SECTION: false # Setting this to true allows to hide the backup section in the AIO interface. See https://github.com/nextcloud/all-in-one#how-to-disable-the-backup-section
      # APACHE_PORT: 11000 # Is needed when running behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
      # APACHE_IP_BINDING: 127.0.0.1 # Should be set when running behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else) that is running on the same host. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
      # APACHE_ADDITIONAL_NETWORK: frontend_net # (Optional) Connect the apache container to an additional docker network. Needed when behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else) running in a different docker network on same server. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
      # BORG_RETENTION_POLICY: --keep-within=7d --keep-weekly=4 --keep-monthly=6 # Allows to adjust borgs retention policy. See https://github.com/nextcloud/all-in-one#how-to-adjust-borgs-retention-policy

Diese Datei wurde abgeschnitten. Original zeigen

Beispiel:
Die SSD ist unter Linux, wo auch docker läuft und die AIO installiert ist, ist gemounted als
fstab Eintrag (Zeile in /etc/fstab)
UUID=xxxxxxxxxxxxx /mnt/SSD ext4 defaults 0 0

Für die AIO wird lt. Anleitung eine compose.yaml Datei vorgefertigt mitgeliefert.
In dieser compose.yaml sind auch Umgebungsvriablen. (–env NEXTCLOUD …)
Eine Variable heißt
NEXTCLOUD_MOUNT: /mnt/ # Allows the Nextcloud container to access the chosen directory on the host. See https://github.com/nextcloud/all-in-one#how-to-allow-the-nextcloud-container-to-access-directories-on-the-host

hier müsste dann die Zeile frei geschaltet werden (# Symbol vor NEXTCLOUD und vor environment entfernen)
Jetzt muss der Eintrag angepasst werden - für unser Beispiel auf
environment: # Is needed when using any of the options below NEXTCLOUD_MOUNT: /mnt/SSD

(ganz ohne die App external storage geht es dann leider doch nicht)

Nachdem die Nutzerrechte und Dateirechte für den “external storage” angepasst wurden!!
Folgt dann die Einbindung als “lokaler Speicher” in der App external storage.
Dies kann nur ein Nextcloud Administrator! Kein normaler Benutzer!
Der Admin legt dann auch je Ordner fest, Wer, Wann, Worauf zugreifen darf oder soll.

system · November 25, 2025, 1:23pm

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.