I was able to restore the passwords app backup using the following command:
aredman@cloud:[~]: sudo docker exec -u www-data -it nextcloud-aio-nextcloud php occ passwords:backup:restore 2025-05-13_12-44-54
This backup file will be used: 2025-05-13_12-44-54
The following will be restored:
The Nextcloud server secret
Server and user encryption keys
User passwords, folder, tags and shares
Application settings
User settings
Third party client settings
Restoring user data means that the current user data will be wiped. The backup “2025-05-13_12-44-54” will now be restored
Type “yes” to confirm this: yes
Restoring backup … done
Problem is now that I can’t log into the system, as I get the following error:
Internal Server Error
The server was unable to complete your request.
If this happens again, please send the technical details below to the server administrator.
This is really frustrating. I’ve had to rebuild the entire AIO installed because of a failed upgrade on the old AIO instance. So, I rebuild AIO on a new VM and have all the data in there with users, group folders, etc. … life is grand at this point. All is working apart from passwords app not having data.
Hence, I ‘restore’ from the ‘autoBackups’ and low and behold, secret and passwordsalt changes in the new instance and bingo, I’m now locked out.
The restore command literally told you so and asked you to confirm it. The backup contains the encrypted user data which means that the original server secret must be present to decrypt it. Also it only restores the server secret as the passwordsalt isn’t used by the app and not in the backup.
Thanks for the response. I think that it’s clear I didn’t understand what actually was happening with the restore. So, I have some decisions to make:
Is there a way to recover without rebuilding?
If there isn’t a way to recover without rebuilding AIO, how can I leverage the backup file from the autoBackup directory to restore the passwords? Is there a way or am I simply out of luck?
Restoring a backup on another server is seen as a server migration and handled by this guide. The recommended way is to first restore the passwords app before anything else.
Usually, replacing the secret has no huge impact on the rest of NC except maybe having to replace tokens and having to clear your cookies.
I’ll add a feature to the next update that will restore the secret from the backup in another config value. Then the app will check if that is there and use it instead of the server secret.
So you can restore your previous secret from the config.php or another backup and then restore the passwords app after an update to 2025.6.20.
Thanks again for the reply. The core issue I’m having is that the nextcloud-aio-nextcloud container continues to restart when the nextcloud-aio-database container is running:
Hence, I can’t actually follow the migration path considering a db action won’t work with calling an migrate or export action. I only presently have the autoBackups.