---
Tag: ["Admin", "Computer", "Privacy", "Cloud"]
Date: 2021-08-10
DocType: "Product"
Hierarchy: "NonRoot"
TimeStamp:
Product:
Type: "IT"
Link: "https://nextcloud.com"
Value: "Average"
---
Parent:: [[Storage and Syncing]], [[Server Cloud]]
---
^Top
```button
name Edit Product parameters
type command
action MetaEdit: Run MetaEdit
id EditMetaData
```
^button-NextcloudMDEdit
```button
name Save
type command
action Save current file
id Save
```
^button-NextCloudSave
# NextCloud
```ad-abstract
title: Summary
collapse: open
Overview of NextCloud, secure and private Cloud & devices-synchronisation service
```
```toc
style: number
```
---
### Characteristics
Criteria | Rating | Observation
---------|-------- | -----------
_**Security**_ | strong | App/Service-specific PWs, No known attack or vulnerability; long-standing service
_**Privacy**_ | strong | E2EE, 0-k
_**Service Integration**_ | strong | WebDAV + native Apps
_**User Exp**_ | average | Easy-to-use service but syncing can be buggy
_**Pricing**_ | average | Within market rate
---
### Structure and usage
NextCloud is a Cloud Management solution with integrated Apps that aims at managing and syncing a vast array of data between connected devices. This section gives an overview of the structure of the service.
#### Host
NextCloud needs to be hosted on a server with two options available:
1. Rent space with a service provider
2. [[Selfhosting|Self-host]] (Server, Raspberry Pi, NAS)
I selected to [[Selfhosting|self-host]] . All parameters can be found below including the VPN provider and server parametrisation.
#### Services
NextCloud offers various services in what they called Apps, similar to Phone Apps:
1. Mail
2. Calendar
3. Contact Management
4. Photo
5. Music
6. Notes
7. Password Management
As well as a wide array of other apps available [here](https://apps.nextcloud.com/)
In addition, NextCloud support End-2-End Encryption.
---
### Setup
As of today, the services I have set up are described below.
#### Contacts (CardDAV)
_App-specific password (per device)_
Activated
_CardDAV Account_:
`server.address/remote.php/dav/principals/users/USERNAME/`
#### Pictures
From within the NextCloud iOS App: 'auto-upload Pictures from Camera Roll'.
#### Music (WebDAV)
_App-specific password (per device)_:
Activated
_WebDAV Account_:
`https://server.address/remote.php/dav/files/username/`
---
### Selfhosting guide
```ad-info
title: Installation
[Tutorial](https://www.techrepublic.com/article/how-to-install-nextcloud-22-on-ubuntu-server-20-04/)
[Tutorial2](https://nextcloud.com/athome/)
[Tutorial3](https://blog.ssdnodes.com/blog/installing-nextcloud-docker/)
```
#### Installed dependencies
[[#^Top|TOP]]
##### Apache2
Webserver for [[Nextcloud]].
Apache2 has notorious issues with over-clogging memory usage (topping 100% of memory usage).
In order to minimise memory usage, [[#APCu]] has been installed as a cache manager. In addition, Appache has been paired with:
- **[php-fpm](https://www.php.net/manual/en/install.fpm.php)** for php7.4, enabling faster interaction between apache and backend.
- the '**event**' multi-processing module ([MPM](https://tecadmin.net/apache-mpm-prefork-and-worker-and-event/)) enabling decluttering of processing between ports & Apache
All relevant dependencies have been installed and the set-up tested.
A comprehensive tutorial on the MPM switch can be found [here](https://www.digitalocean.com/community/tutorials/how-to-configure-apache-http-with-mpm-event-and-php-fpm-on-ubuntu-18-04) or [here](https://askubuntu.com/questions/1319861/how-to-configure-apache-http-to-php-fpm-on-ubuntu-20-10).
**php.ini** files can be found at:
```ad-path
/etc/php/7.4/fpm/php.ini
/etc/php/7.4/apache2/php.ini
/etc/php/7.4/cli/php.ini
```
##### Certbot
[[#^Top|TOP]]
Provides SSL certification from **Let's Encrypt**. Installation dependencies are different from Nginx and explained [here](https://linuxhint.com/secure-apache-lets-encrypt-ubuntu/)
##### MySQL
Nothing particular to note on MySQL apart from initial set-up and user management.
Configuration file is under:
```ad-path
/etc/mysql/mysql.conf.d/mysqld.cnf
```
```ad-code
title: Optimise memory usage of mysql
~~~yaml
[mysqld]
% Disable performance schema to hugely reduce RAM usage
performance_schema = OFF
~~~
```
In order to restart mysql, the command is:
```ad-command
~~~bash
sudo service mysql restart
~~~
```
##### APCu
[[#^Top|TOP]]
Memory caching addon for Nextcloud. Memory caching management is provided by Nextcloud and needs to be set up as a system cron job. After installing APCu, the webserver needs to be **restarted** and the cron job defined:
1. **Define the cronjob**
```ad-command
~~~bash
sudo crontab -u www-data -e
~~~
```
2. **Add cronjob**
```ad-code
~~~bash
*/5 * * * * php -f /var/www/html/nextcloud/cron.php --define apc.enable_cli=1
~~~
```
3. **Verify that the cron job is added**
```ad-command
~~~bash
sudo crontab -u www-data -l
~~~
```
##### SVG support
[[#^Top|TOP]]
SVG support is installed in the form of a package.
```ad-command
~~~bash
sudo apt-get update -y
sudo apt-get install -y libmagickcore-6.q16-6-extra
~~~
```
---
#### Service management
[[#^Top|TOP]]
Nextcloud offers two alternatives for managing the service:
1. An admin webpanel
2. A command line tool
##### Admin webpanel
Accessed through login into the service with admin credentials. Settings offer an admin section.
##### Nextcloud command line tool
[[#^Top|TOP]]
From the server's command line, Nextcloud offers the ability to perform some tasks like user management.
###### Introduction to the command
[[Nextcloud]] offers a command-line tool which permission needs to be set to "executable". It is located here:
```ad-path
/var/www/html/nextcloud/occ
```
The tool needs to be invoked by the "www-data" user and compiled with PHP:
```ad-command
~~~bash
sudo -u www-data php /var/www/html/nextcloud/occ
~~~
```
###### Generic commands
[[Nextcloud]] offers a simple description of all commands [here](https://docs.nextcloud.com/server/22/admin_manual/configuration_server/occ_command.html)
---
#### Nextcloud server hardening
[[#^Top|TOP]]
```ad-bug
title: Nextcloud tutorial
[Here](https://docs.nextcloud.com/server/latest/admin_manual/installation/harden_server.html)
```
---
#### Data transfer
[[#^Top|TOP]]
After each data transfer, run the following command to refresh [[Nextcloud]]'s webapp:
```ad-command
~~~bash
sudo -u www-data php /var/www/html/nextcloud/occ files:scan --all
~~~
```
More info can be found [here](https://docs.nextcloud.com/server/22/admin_manual/configuration_server/occ_command.html)
##### Upload from local
```ad-bug
[Curl](https://cylab.be/blog/33/how-to-upload-your-files-to-nextcloud-file-drop-using-curl)
[Nextcloud help](https://help.nextcloud.com/t/how-to-upload-and-share-file-automatically/19202)
```
##### Directories
[[#^Top|TOP]]
1. **Local file structure**
```ad-path
/var/www/html/nextcloud/data/USERNAME/files
```
2. **Webdav file structure**
```ad-path
/remote.php/dav/files/USERNAME
```
---
### Pricing
[NextCloud/tab.digital pricing page](https://cloud.tab.digital/pricing)
Storage space | price p.m.
:---------------:|:----------------:
_**8G**_ | Free
_**32G**_ | €1.95
_**128G**_ | €4.95
---
### Further steps
- [x] [[Selfhosting|Self-host]] server instance
- [x] Explore native NextCloud Apps
- [x] [[Nextcloud]]: Transfer NetNewsWire to NC ✅ 2021-09-15