Restore passwords app backup

Following the guidance here (at least I’m trying to) - Backups · Wiki · nextcloud / passwords · GitLab

I’m struggling with getting a backup of the passwords app back into the system.

aredman@cloud:[~]: ls -la /mnt/data/appdata_ocehzt5f8kqb/passwords/autoBackups/ total 8672
drwxrwxrwx 2 www-data www-data 4096 May 15 22:16 .
drwxrwxrwx 8 www-data www-data 4096 May 15 13:43 ..
-rwxrwxrwx 1 www-data www-data 286506 Apr 18 18:07 2025-04-18_18-07-31.json.gz
-rwxrwxrwx 1 www-data www-data 289997 Apr 19 18:12 2025-04-19_18-12-27.json.gz
-rwxrwxrwx 1 www-data www-data 293480 Apr 20 18:12 2025-04-20_18-12-28.json.gz
-rwxrwxrwx 1 www-data www-data 293480 Apr 21 18:12 2025-04-21_18-12-33.json.gz
-rwxrwxrwx 1 www-data www-data 293480 Apr 22 18:17 2025-04-22_18-17-29.json.gz
-rwxrwxrwx 1 www-data www-data 293480 Apr 23 18:17 2025-04-23_18-17-35.json.gz
-rwxrwxrwx 1 www-data www-data 300631 Apr 24 16:18 2025-04-24_16-18-31.json.gz
-rwxrwxrwx 1 www-data www-data 300823 Apr 25 16:22 2025-04-25_16-22-32.json.gz
-rwxrwxrwx 1 www-data www-data 302544 Apr 26 16:27 2025-04-26_16-27-28.json.gz
-rwxrwxrwx 1 www-data www-data 302544 Apr 27 16:27 2025-04-27_16-27-33.json.gz
-rwxrwxrwx 1 www-data www-data 302544 Apr 28 16:32 2025-04-28_16-32-29.json.gz
-rwxrwxrwx 1 www-data www-data 337154 Apr 29 16:32 2025-04-29_16-32-34.json.gz
-rwxrwxrwx 1 www-data www-data 337154 Apr 30 16:32 2025-04-30_16-32-35.json.gz
-rwxrwxrwx 1 www-data www-data 337154 May 1 16:37 2025-05-01_16-37-31.json.gz
-rwxrwxrwx 1 www-data www-data 342528 May 2 16:39 2025-05-02_16-39-40.json.gz
-rwxrwxrwx 1 www-data www-data 355727 May 3 16:39 2025-05-03_16-39-45.json.gz
-rwxrwxrwx 1 www-data www-data 355727 May 4 16:39 2025-05-04_16-39-46.json.gz
-rwxrwxrwx 1 www-data www-data 355727 May 5 16:44 2025-05-05_16-44-42.json.gz
-rwxrwxrwx 1 www-data www-data 361390 May 6 16:44 2025-05-06_16-44-48.json.gz
-rwxrwxrwx 1 www-data www-data 361390 May 7 16:44 2025-05-07_16-44-51.json.gz
-rwxrwxrwx 1 www-data www-data 361390 May 8 16:49 2025-05-08_16-49-51.json.gz
-rwxrwxrwx 1 www-data www-data 366318 May 9 16:49 2025-05-09_16-49-52.json.gz
-rwxrwxrwx 1 www-data www-data 650304 May 10 16:49 2025-05-10_16-49-53.json
-rwxrwxrwx 1 www-data www-data 366318 May 11 16:54 2025-05-11_16-54-53.json.gz
-rwxrwxrwx 1 www-data www-data 203826 May 12 12:39 2025-05-12_12-39-54.json.gz
-rwxrwxrwx 1 www-data www-data 366288 May 13 12:44 2025-05-13_12-44-54.json.gz
-rwxrwxrwx 1 www-data www-data 1152 May 14 22:15 2025-05-14_22-15-31.json.gz
-rwxrwxrwx 1 www-data www-data 1152 May 15 22:16 2025-05-15_22-16-24.json.gz

Trying this command:
aredman@cloud:[~]: sudo docker exec -u www-data -it nextcloud-aio-nextcloud php occ passwords:backup:restore 2025-05-13_12-44-54.json.gz

In BackupRestoreCommand.php line 101:

Could not find backup ‘2025-05-13_12-44-54.json.gz’

Trying this command:
aredman@cloud:[~]: sudo docker exec -u www-data -it nextcloud-aio-nextcloud php occ passwords:backup:restore – /mnt/data/appdata_ocehzt5f8kqb/passwords/autoBackups/2025-05-10_16-49-53.json

In BackupRestoreCommand.php line 101:

Could not find backup ‘/mnt/data/appdata_ocehzt5f8kqb/passwords/autoBackups/2025-05-10_16-49-53.json’

Sorry … I’m confused. If I use .json or .json.gz of the file name, the command still doesn’t find the backup, but it’s there.

Thoughts?

Thanks so much,

Andy

I was able to restore the passwords app backup using the following command:

aredman@cloud:[~]: sudo docker exec -u www-data -it nextcloud-aio-nextcloud php occ passwords:backup:restore 2025-05-13_12-44-54
This backup file will be used: 2025-05-13_12-44-54

The following will be restored:

  • The Nextcloud server secret
  • Server and user encryption keys
  • User passwords, folder, tags and shares
  • Application settings
  • User settings
  • Third party client settings

Restoring user data means that the current user data will be wiped.
:red_exclamation_mark::red_exclamation_mark::red_exclamation_mark: The backup “2025-05-13_12-44-54” will now be restored :red_exclamation_mark::red_exclamation_mark::red_exclamation_mark:
Type “yes” to confirm this: yes

Restoring backup … done

Problem is now that I can’t log into the system, as I get the following error:

Internal Server Error

The server was unable to complete your request.

If this happens again, please send the technical details below to the server administrator.

More details can be found in the server log.

For more details see the documentation :up_right_arrow:.

Technical details

  • Remote Address: 192.168.2.126
  • Request ID: b6SPlIyCIbERRxbUX1Wp

I’m assuming this has to do with the secret and passwordsalt.

Thoughts, please.

Thanks,

Andy

This is really frustrating. I’ve had to rebuild the entire AIO installed because of a failed upgrade on the old AIO instance. So, I rebuild AIO on a new VM and have all the data in there with users, group folders, etc. … life is grand at this point. All is working apart from passwords app not having data.

Hence, I ‘restore’ from the ‘autoBackups’ and low and behold, secret and passwordsalt changes in the new instance and bingo, I’m now locked out.

The restore command literally told you so and asked you to confirm it. The backup contains the encrypted user data which means that the original server secret must be present to decrypt it. Also it only restores the server secret as the passwordsalt isn’t used by the app and not in the backup.

Thanks for the response. I think that it’s clear I didn’t understand what actually was happening with the restore. So, I have some decisions to make:

  1. Is there a way to recover without rebuilding?
  2. If there isn’t a way to recover without rebuilding AIO, how can I leverage the backup file from the autoBackup directory to restore the passwords? Is there a way or am I simply out of luck?

Thanks much.

Restoring a backup on another server is seen as a server migration and handled by this guide. The recommended way is to first restore the passwords app before anything else.

Usually, replacing the secret has no huge impact on the rest of NC except maybe having to replace tokens and having to clear your cookies.

I’ll add a feature to the next update that will restore the secret from the backup in another config value. Then the app will check if that is there and use it instead of the server secret.

So you can restore your previous secret from the config.php or another backup and then restore the passwords app after an update to 2025.6.20.

Thanks again for the reply. The core issue I’m having is that the nextcloud-aio-nextcloud container continues to restart when the nextcloud-aio-database container is running:

Package aio-nextcloud · GitHub “/start.sh /usr/bin/…” 4 days ago Restarting (1) 1 second ago

Hence, I can’t actually follow the migration path considering a db action won’t work with calling an migrate or export action. I only presently have the autoBackups.

OK I have resolved the issue.

  1. I created a new fqdn and associated test AIO deployment behind the reverse proxy. By the way, I’m using this proxy - https://kemptechnologies.com/
  2. Only admin user existing with new AIO.
  3. Harvested the autoBackup from old NAS folders and imported into the test AIO instance.
  4. Created users.
  5. Exported passwords via db format from test AIO.
  6. Imported passwords per user created to production AIO.
  7. Bingo. It works now.

Thanks much for the assistance,

Andy

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.