24 changes: 24 additions & 0 deletions admin_manual/configuration_server/config_sample_php_parameters.rst
Expand Up @@ -149,6 +149,30 @@ whatever parameters you specify in it will be merged with your ``config/config.p
named ``(ANYTHING).config.php``, it will be loaded as part of your live configuration and override
your ``config/config.php`` values!

Environment Variables
---------------------

The ``NEXTCLOUD_CONFIG_DIR`` environment variable overrides the default config directory path.
When set, Nextcloud loads ``config.php`` (and any ``*.config.php`` files) from that path instead
of the ``config/`` directory inside the webroot.

.. code-block:: bash

NEXTCLOUD_CONFIG_DIR=/etc/nextcloud php /var/www/nextcloud/cron.php

This is useful for:

- Moving ``config.php`` outside the webroot as a hardening measure — credentials are not
accessible via HTTP even if directory listing is enabled or misconfigured.
- Running multiple Nextcloud instances that share a single codebase but require separate
config directories.

.. note:: ``NEXTCLOUD_CONFIG_DIR`` must be set for **both** the web server process and any CLI
invocations (``occ``, cron jobs). Set it in your web server virtual host configuration and
in the shell environment used for CLI work.

.. seealso:: :ref:`harden_config_dir` in the hardening guide for a deployment recommendation.

Examples
--------

34 changes: 34 additions & 0 deletions admin_manual/installation/harden_server.rst
Expand Up @@ -74,6 +74,40 @@ installation.
.. You may also move your data directory on an existing
.. installation; see :doc:``

.. _harden_config_dir:

Place config directory outside of the web root
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

You can move the ``config/`` directory outside the web root using the ``NEXTCLOUD_CONFIG_DIR``
environment variable. This ensures ``config.php`` — which contains database credentials,
secret keys, and other sensitive values — is not accessible via HTTP even in the event of a
web server misconfiguration.

Set the variable in your web server virtual host configuration:

.. code-block:: apache

# Apache
SetEnv NEXTCLOUD_CONFIG_DIR /etc/nextcloud

.. code-block:: nginx

# nginx — set via fastcgi_param or the PHP-FPM pool's env[] setting
fastcgi_param NEXTCLOUD_CONFIG_DIR /etc/nextcloud;

Also set it for CLI work (``occ``, cron):

.. code-block:: bash

export NEXTCLOUD_CONFIG_DIR=/etc/nextcloud

.. note:: The variable must be set for **both** the web server process and CLI invocations.
Verify with ``occ config:list system`` after changing it.

.. seealso:: :doc:`../configuration_server/config_sample_php_parameters` for full details on
``NEXTCLOUD_CONFIG_DIR`` and other configuration loading behaviour.

Disable preview image generation
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
