Dear nextcloud community,
luckily I’m not in above situation and of course I’ve a file-system backup of the nextcloud data directory.
But if e.g. all files get encrypted by ransomware, wouldn’t it be ideal to have a occ command to restore a previous version by user and/or by timeframe and/or version-count (last, second last, etc).
By that only encrypted(lost) files could be restored without affecting other users or downtime.
So far with occ I can only delete old versions (by user) but not restore old versions.
Also, 90% of our files are shared, so they are owned by one generic user and shared to multiple (real) users. So it would not be possible to single out the infected files by user on the file system.
Right now in case of above disaster, I think I would stop nextcloud, restore back to the data directory on the server, start nextcloud again and hope that the database is capable of picking up the restored files on the drive … (I have a 4hourly backup …)
Otherwise, is there (via webdav / api) a way to script something like this?