Linux experts Seravo background Linux Debian SUSE
Linux-natives blog: Linux and open source – technology and strategy

Hosting my own cloud platform with Nextcloud

Nextcloud is a quality opensource alternative for commercial and “free” file-sharing and cloud platforms. It is originally based on ownCloud (initially released in 2010) and was forked to Nextcloud by the original developer Frank Karlitschek. The software is developed with security in mind, and the basic idea is to keep all the data under the users’ own control. Nextcloud is developed and managed by Nextcloud GmbH and the opensource community. The company also offers Software as a Service hosting for commercial customers.

My use cases

I personally prefer local storages and servers over commercial or “free” systems like Google Photos, Dropbox etc. Previously, I had multiple PHP galleries and simple web directories (with digest password authentication), but they are complex to maintain in the long run, and complex to use if users need to handle a ton of user accounts. Especially when used with smart devices, the user needs to have a specific URL and copy / paste the credentials (or use weak passwords, which are easy to remember and type).

I use Nextcloud primarily to share photos and other files with my family and relatives.

Features

Nextcloud can be built to be a fully collaborative software for enterprises, but basically it offers a number of useful features, including:

  • File server / sharing
  • Web UI features, like:
    • File manager
    • Internal document viewer
    • Internal text editor
    • Photo gallery
  • WebDAV (which integrates with file managers in Linux, Windows and OS X)
  • Calendar with CalDAV (which integrates with e.g. Mozilla Thunderbird)
  • Contacts with CardDAV
  • Small utilities, like:
    • Weather forecast
    • Maps viewer
    • RSS feed reader
  • Hundreds of extensions

Built-in security

Nextcloud has built-in security features that can be enabled after installation.

  • Two-Factor Authentication
  • Server side file encryption
  • Password policies to enforce use of strong passwords
  • IP whitelists for restricting access only from certain networks or IP addresses

My server environment

I have a small and low-cost VPS instance for Nextcloud with LAMP installed. I use Debian 10 (stable version while writing this), Apache web server, MariaDB database and PHP 7.3. SSL is enabled using free Let’s Encrypt certificate, installed with CertBot software, which is provided with the Debian package.

The installation procedure was easy and straightforward.

  1. Register domain (if not already done) and create an appropriate DNS configuration. In my case, I used a subdomain for Nextcloud.
  2. Create and enable VirtualHost in the webserver configuration.
  3. Install Let’s Encrypt certificate for the domain. In most cases, CertBot can do this automatically for previously created VirtualHost by just executing: sudo certbot --apache -d nextcloud.example.com
  4. Download and extract the latest version of NextCloud:
    1. /var/www$ wget https://download.nextcloud.com/server/releases/nextcloud-20.0.1.tar.bz2
    2. /var/www$ tar xf nextcloud-20.0.1.tar.bz2
    3. /var/www$ chown -R www-data:www-data nextcloud/
  5. Create MySQL / MariaDB database and appropriate user (remember to create it with GRANT options, otherwise the install will fail, throwing up an error message for incorrect database credentials).
  6. Finish installation in web browser
Dashboard view after installation

Connecting to fileshares

File shares can be used with web browsers, but also with mobile apps and DAV integrations. When using WebDAV, no DAV modules are needed as Nextcloud has integrated SabreDAV software.

The file manager in a browser is very familiar and easy to use:

All files view
Directory listing
File manager in Android

File sharing in Android works like within every Android app these days: Just tap ‘Share’ and choose Nextcloud and the folder into which you want to upload the file.

WebDAV works out-of-the-box within Linux file managers, like Dolphin (default in KDE desktop), Caja (MATE desktop) and Nautilus (Gnome). WebDAV works also without external software or plug-ins in Windows and OS X.

Dolphin file manager with WebDAV URL opened

Of course, the more native way in Linux is to mount DAV share to the filesystem mount point. This can be done with davfs2 file system driver, which is easy to install from Debian / Ubuntu repositories.

  1. Install the driver first from the repository and add your user into davfs2 group:
    1. sudo apt install davfs2
    2. usermod -aG davfs2 simo
  2. Create mount point, eg. /mnt/webdav
  3. Create a secrets file using package template:
    1. mkdir ~/.davfs2
    2. sudo cp /etc/davfs2/secrets ~/.davfs2/secrets
    3. sudo chown simo:simo ~/.davfs2/secrets
  4. Ensure that the secret file has the correct 600 (rw——-) permissions
  5. Add your credentials to the secret file: https://[SERVER]/share.php/remote.php/dav/files/[USER] [USER] [PASS]
  6. Add the mount information to /etc/fstab: https://[SERVER]/remote.php/dav/files/[USER]/ [MOUNT POINT] davfs user,rw,noauto 0 0
  7. Mount the share: mount /mnt/webdav
Directory listing in terminal after mounting the file system

Conclusion

I found Nextcloud very useful for my purposes. Here’s a short list of pros and cons from my point of view:

  • Pros
    • Data is always in own control
    • Easy to install
    • Easy to roll out to users’ smart phones etc.
    • Easy to use file shares directly from Linux desktop
    • Scalable. As it is self-hosted, there are no contract-based limits, just own-resource limits (disk space, bandwidth, transfer limits)
  • Cons
    • Consumes a lot of disk space with basic install (approximately 560MB before adding data)
    • Self-hosted services need maintenance, upgrades, monitoring, etc.

Written by

Linux-natives – a blog by Linux experts from Finland – is brought to you by Seravo, a Finnish company focused on open source software and services.

Our team provides premium hosting and upkeep for your WordPress website - with open source software.

Leave a Reply

Your email address will not be published.