8.0 KiB
Tag | Date | DocType | Hierarchy | TimeStamp | Product | CollapseMetaTable | banner | banner_icon | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
2021-08-10 | Product | NonRoot |
|
yes | ! | ☁️ |
Parent:: Storage and Syncing, Server Cloud
^Top
name Edit Product parameters
type command
action MetaEdit: Run MetaEdit
id EditMetaData
^button-NextcloudMDEdit
name Save
type command
action Save current file
id Save
^button-NextCloudSave
NextCloud
title: Summary
collapse: open
Overview of NextCloud, secure and private Cloud & devices-synchronisation service
style: number
Characteristics
Criteria | Rating | Observation |
---|---|---|
Security | strong | App/Service-specific PWs, No known attack or vulnerability; long-standing service |
Privacy | strong | E2EE, 0-k |
Service Integration | strong | WebDAV + native Apps |
User Exp | average | Easy-to-use service but syncing can be buggy |
Pricing | average | Within market rate |
Structure and usage
NextCloud is a Cloud Management solution with integrated Apps that aims at managing and syncing a vast array of data between connected devices. This section gives an overview of the structure of the service.
Host
NextCloud needs to be hosted on a server with two options available:
- Rent space with a service provider
- Selfhosting (Server, Raspberry Pi, NAS)
I selected to Selfhosting . All parameters can be found below including the VPN provider and server parametrisation.
Services
NextCloud offers various services in what they called Apps, similar to Phone Apps:
- Calendar
- Contact Management
- Photo
- Music
- Notes
- Password Management
As well as a wide array of other apps available here
In addition, NextCloud support End-2-End Encryption.
Setup
As of today, the services I have set up are described below.
Contacts (CardDAV)
App-specific password (per device)
Activated
CardDAV Account:
server.address/remote.php/dav/principals/users/USERNAME/
Pictures
From within the NextCloud iOS App: 'auto-upload Pictures from Camera Roll'.
Music (WebDAV)
App-specific password (per device): Activated
WebDAV Account:
https://server.address/remote.php/dav/files/username/
Selfhosting guide
title: Installation
[Tutorial](https://www.techrepublic.com/article/how-to-install-nextcloud-22-on-ubuntu-server-20-04/)
[Tutorial2](https://nextcloud.com/athome/)
[Tutorial3](https://blog.ssdnodes.com/blog/installing-nextcloud-docker/)
Installed dependencies
Apache2
Webserver for Nextcloud. Apache2 has notorious issues with over-clogging memory usage (topping 100% of memory usage). In order to minimise memory usage, #APCu has been installed as a cache manager. In addition, Appache has been paired with:
- php-fpm for php7.4, enabling faster interaction between apache and backend.
- the 'event' multi-processing module (MPM) enabling decluttering of processing between ports & Apache
All relevant dependencies have been installed and the set-up tested. A comprehensive tutorial on the MPM switch can be found here or here.
php.ini files can be found at:
/etc/php/7.4/fpm/php.ini
/etc/php/7.4/apache2/php.ini
/etc/php/7.4/cli/php.ini
Certbot
#^Top Provides SSL certification from Let's Encrypt. Installation dependencies are different from Nginx and explained here
MySQL
Nothing particular to note on MySQL apart from initial set-up and user management.
Configuration file is under:
/etc/mysql/mysql.conf.d/mysqld.cnf
title: Optimise memory usage of mysql
~~~yaml
[mysqld]
% Disable performance schema to hugely reduce RAM usage
performance_schema = OFF
~~~
In order to restart mysql, the command is:
~~~bash
sudo service mysql restart
~~~
APCu
#^Top Memory caching addon for Nextcloud. Memory caching management is provided by Nextcloud and needs to be set up as a system cron job. After installing APCu, the webserver needs to be restarted and the cron job defined:
- Define the cronjob
~~~bash
sudo crontab -u www-data -e
~~~
- Add cronjob
~~~bash
*/5 * * * * php -f /var/www/html/nextcloud/cron.php --define apc.enable_cli=1
~~~
- Verify that the cron job is added
~~~bash
sudo crontab -u www-data -l
~~~
SVG support
#^Top SVG support is installed in the form of a package.
~~~bash
sudo apt-get update -y
sudo apt-get install -y libmagickcore-6.q16-6-extra
~~~
Service management
#^Top Nextcloud offers two alternatives for managing the service:
- An admin webpanel
- A command line tool
Admin webpanel
Accessed through login into the service with admin credentials. Settings offer an admin section.
Nextcloud command line tool
#^Top From the server's command line, Nextcloud offers the ability to perform some tasks like user management.
Introduction to the command
Nextcloud offers a command-line tool which permission needs to be set to "executable". It is located here:
/var/www/html/nextcloud/occ
The tool needs to be invoked by the "www-data" user and compiled with PHP:
~~~bash
sudo -u www-data php /var/www/html/nextcloud/occ
~~~
Generic commands
Nextcloud offers a simple description of all commands here
Nextcloud server hardening
title: Nextcloud tutorial
[Here](https://docs.nextcloud.com/server/latest/admin_manual/installation/harden_server.html)
Data transfer
#^Top After each data transfer, run the following command to refresh Nextcloud's webapp:
~~~bash
sudo -u www-data php /var/www/html/nextcloud/occ files:scan --all
~~~
More info can be found here
Upload from local
[Curl](https://cylab.be/blog/33/how-to-upload-your-files-to-nextcloud-file-drop-using-curl)
[Nextcloud help](https://help.nextcloud.com/t/how-to-upload-and-share-file-automatically/19202)
Directories
- Local file structure
/var/www/html/nextcloud/data/USERNAME/files
- Webdav file structure
/remote.php/dav/files/USERNAME
Pricing
NextCloud/tab.digital pricing page
Storage space | price p.m. |
---|---|
8G | Free |
32G | €1.95 |
128G | €4.95 |
Further steps
- Selfhosting server instance
- Explore native NextCloud Apps
- Nextcloud: Transfer NetNewsWire to NC ✅ 2021-09-15