NextCloud 11 ready Raspbian image with extras

Hello,

https://ownyourbits.com/wp-content/uploads/2017/02/nextcloudpi-logo.png

I would like to share my NextCloudPi images for Raspberry Pi based on Raspbian.

NextCloud is really awesome but it needs to run on some server system. There is only so much the developers can do about this.

Setting this up is a barrier for adoption for non-technical users and setup can be tedious and complex.

I wanted to help by sharing ready to use images with the typical tools that one needs to run NC at home.

https://ownyourbits.com/2017/02/13/nextcloud-ready-raspberry-pi-image/

Hopefully you will find it interesting. Any feedback is appreciated.

Features:

  • Raspbian 8 Jessie
    
  • Nextcloud 11.0.2
    
  • Apache 2.4.25, with HTTP2 enabled
    
  • PHP 7.0 (double the speed of PHP5!)
    
  • MariaDB 10
    
  • 4.9.13 Linux Kernel ( NEW 03-13-2017 )
    
  • nextcloudpi-config for easy setup
    
  • Automatic redirection to HTTPS
    
  • ACPU PHP cache
    
  • PHP Zend OPcache enabled with file cache
    
  • HSTS
    
  • Cron jobs for Nextcloud
    
  • Sane configuration defaults
    

Extras:

  • Automatic security updates, activated by default. ( NEW 03-21-2017 )
    
  • Let’s Ecrypt for trusted HTTPS certificates.(  NEW 03-16-2017 )
    
  • Fail2Ban protection against brute force attacks. ( NEW 02-24-2017 )
    
  • Dynamic DNS support for no-ip.org ( NEW 03-05-2017 )
    
  • dnsmasq DNS server with DNS cache ( NEW 03-09-2017 )
    
  • ModSecurity Web Application Firewall ( NEW 03-23-2017 )
    

Easy configuration through simple ncurses interface

https://ownyourbits.com/wp-content/uploads/2017/02/ncp-1-700x388.jpg

7 Likes

Thanks for sharing this @nachoparker,

If you take a look at my last few posts on the forum you will see that I am a ‘non technical user’ or as I like to call it ‘new to Linux’.

I have been trying to harden my NextCloud security for the last couple of days, but what you have posted here seems like it is exactly what I need.

Unfortunately for me I am that ‘new’ that I don’t understand how to use the classic instructions to copy the image to an SD card.

Is there a way I can burn the image to SD card using an application such as Etcher or Win32 Disk Imager?

Hope you can reply to this message, thanks for your time and help :slight_smile:

Hello,

In case you are using windows, you can definitely use etcher or win32 disk imager

These are Raspbian based images, so anything you can find online will apply.

A quick search gives

You can download my image and copy it to an SD card using etcher following the steps from that post.

Nice, two things about it:

  • How did you install Linux kernel 4.9? Even with rpi-update I just get 4.4, which is also on the current official raspbian release.
  • You could add Redis for file locking.

Yeah nice for beginners to start fast with nextcloud. But indeed I found it helpful to do all the server installation steps by myself. With help and online research of course, but doing every step by yourself brings you to the position where you already started to learn about basic Linux and network behaviour and commands and you know what exactly did and change and add to your system, because you choose the things by yourself for some reason. If you use a ready image, you will more likely need help with basic things later, if some error occurs or some upgrade needs adjustments.

So I recommend every beginner with own server to do all the steps by oneself, because one will most likely need the knowledge and experience that comes with it.

But of course everybody can decide and it is nice to have people like you that provide ready images for the ones that choose the at first fast and easy way :slight_smile:.

1 Like

Well,

Not everybody will want to / have the time / have the skills to set up something like this.

In my opinion this drives many people away to propietary solutions such as Google Drive or Dropbox. I am trying to help remedy that situation.

Also most people just won’t be able to configure it properly. I want to stress out that it is awesome if somebody wants to learn and sets up a content website for example, but we are talking about hosting your own privacy so it has to be done well. Otherwise we can potentially face bad publicity for the solution that would also drive people away. I just would not recommend it as a “learning experience”.

Furthermore, this also applies to upgrading your installation. If you have to spend a week setting it up you are likely going to postpone it with the security implications this has. I talk a little about these things in this post.

https://ownyourbits.com/2017/03/25/nextcloud-a-security-analysis/

If someone wants to learn that’s awesome. There is already tons of tutorials out there.

In any case, the installation scripts are public so anyone can study them, change them or even contribute!

Thanks for the feedback :slight_smile:

4 Likes

Yeah, you are also right, it has to be taken care, that people don’t use nextcloud opened to the web too easygoing, potentially opening their data and even worse system control and perhaps moving nextcloud into bad light because of bad system setup.

I just wanted to give a hint, that there are also benefits, setting up everything by yourself. Of course you need to take care, following the admin manual or other guides from here, pay attention about warnings on admin panel, and also scan.nextcloud.com is a good new way to test your server security, besides the well known ssllab etc. etc. Perhaps the scanner could be integrated into nextcloud, allowing scanning and showing results on admin panel. But that’s another topic ;).

What about the other points? I just checked: kernel 4.4.50 I am now on, was doing rpi-update just some days ago. Is there another way to get a newer one for raspbian?
And yeah, could be worth considering to add redis file locking, if it’s not yet inside the image: https://docs.nextcloud.com/server/11/admin_manual/configuration_server/caching_configuration.html#id3

€: Ah, just did rpi-update again, now it is installing 4.9.y :smiley:. Nice version jump!

Hi again @nachoparker,

Just a quick follow up question, I have burnt your image to a disk and popped it in my Raspberry Pi,

I connected a screen to I could see what is happening.

Everything seemed to boot up and I was asked for a username and password. I put in ‘pi’ and ‘raspberry’ (Not sure if that is what should be put in there?)

Now I just have the terminal at ‘raspberrypi: $’

What should I do next to get everything set up?

P.S The pi isn’t plugged in via ethernet or connected to my wifi. I guess I need to do that next.

Some pointers on what to do next would be gratefully received.

Thanks again for your awesome build :slight_smile:

On the given link in ot you will find further instructions and configuration informations. Just go through this step by step to find out about everything.

Of course it is a headless image, so no graphical desktop available.

I agree, learning is fun. Just don’t learn playing around with your privacy, that would be my advice :wink:

NextCloud is fully functional out of the box.

Just connect an ethernet cable, then boot up.

On the screen you will see the IP address (My IP address is xxxxx)

From your desktop PC type the address in your browser to access your cloud.

If you want to connect wirelessly that is a bit more complicated but you can look up step to step instructions in Raspbian on Google.

edit: https://www.raspberrypi.org/documentation/configuration/wireless/wireless-cli.md

exactly. I recommend that your read the instructions carefully. Normally the place to start is the command

sudo raspi-config

you can look up online any guide about getting started with Raspbian for the details.

But again…

  1. connect ethernet
  2. write down IP address
  3. access from your laptop/phone/android app/tablet/desktop to your cloud using that IP

There is nothing really that you have to do, it is already working.

User is admin, password is ownyourbits

I recommend you change that and also the PI user password in raspi-config

Wow this is exactly what I’m looking for as well!

I have a few questions though:

  1. Is this compatible with the Nextcloud Box // a USB hard drive?
  2. Does the free tier of no-ip require a manual renewal every x days? Does this installation automate that? Otherwise, I already have a personal domain with Namecheap so I’ll have to try figuring out how to create a dynamic A record from the Pi.
  3. Will this conflict with future Nextcloud updates by any chance?
  4. Is this compatible on Raspberry Pi 3? I know that the Nextcloud Box isn’t compatible with it yet :frowning:

I have not tried it in a Nextcloud Box, but as far as I know it is a RPi2 with a HDD, so it should work, no problem. Just replace the SD card

Yes, you have to click a link every month that arrives to your email with no-ip. If you already have a domain you will have to transfer it to your private IP. If your private IP changes then you need dynamic DNS, such as no-ip.org, duckDNS or freemyip

Updates work using the regular NC updater app. This has been tested from 11.0.1 to 11.0.2

absolutely! it has been tested on RPi2 and RPi3. I personally have it running on a RPi3. Even a commenter in the blog used it successfully on a RPi Zero!

Hi @nachoparker,

I really appreciate you guiding me through this! Everything you tell me I am going to write down, perhaps we could work together to then release the information as a guide which will hopefully help other people.

I have another follow up question for you,

I have burnt my image with etcher, it boots up fine. But when I type my IP address in my browser FireFox is warning me that the connection is not secure. (See image below)

What do I need to do next to proceed?

Is this an error should I be worried about not being secure?

I guess it is because of an self made certificate. Try to use letsencrypt by starting the configuration “sudo nextcloudpi-config” and go “letsencrypt”. As far as I understand every step to install, register and activate it should be gone through there :slight_smile:.

1 Like

He is right.

https://ownyourbits.com/2017/03/17/lets-encrypt-installer-for-apache/

In any case, you can safely click “advanced > add an exception”, but in order to access from the internet I recommend you get a Dynamic DNS and use let’s encrypt. It is all in the blog.

Most of the information you need is already in the blog. I would recommend you read the posts carefully.

From the main NextCloudPi post

Again, type sudo nextcloudpi-config to get everything set up. Follow the dedicated posts on this blog for details on each entry.

Which links you to

https://ownyourbits.com/category/nextcloud/

Thanks so much! This is incredible.

One last question and this may be the wrong place for it but anything I should look out for if I plan on using a 64GB WB Labs Flash + a Raspberry Pi 3?

not that I know of. In the past I have typically looked in this page if an SD card is recommended for RPi

http://elinux.org/RPi_SD_cards

I do recommend using a USB hard drive. Get a SSD one if you really want speed.

Doing

sudo nextcloudpi-config

you can easily change the data directory (and soon also the database) to the external drive to avoid SD card corruption and for performance

New release is out!

NextCloudPi gets remote updates, logs to RAM, easy WiFi and more

https://ownyourbits.com/2017/03/31/nextcloudpi-gets-remote-updates-logs-to-ram-easy-wifi-and-more/

there’s a number of people requesting this. Will look into it

The short answer is code won’t run on arm