My NC is running on a NAS with 3x 12TB drives in RAID5 and 2x SSDs. One SSD runs the OS, the other SSD (WD Red) is used for NC data and config files.
The RAID5 drives contain home video, and are linked to NC as external storage.
If I set NC to use encryption, would NC also attempt to encrypt the files located on external storage? I would prefer to avoid this due to the extra data overhead created.
This is a bad setup. You have no fault tolerance for the OS or Nextcloud data. Consider setting the SSDs up as RAID-1.
To answer your question, I believe it does encrypt external storage.
Thanks for the tip - that’s not really practicable with the drives I have currently due to the significant discrepancies in capacity, but will be kept in mine for future builds.
Also interesting that the documentation describes “[not] having to also encrypt your home storage on your Nextcloud server”. I was actually hoping to do that, so that I can offer friends some cloud storage without me having access to their data.
Well… having cloud storage where the sysadmin can’t access your data is a bit of a pipe dream. You might say services like Dropbox claim to do it, but then you have to remember they once rolled out a bug in their login flow that caused it to accept any password, and this went on for something like four hours… So tell me, if they can’t access your data, how can their system mistakenly let the whole internet access it?
In my opinion, you should assume the administrator of any system that holds data has access to that data.
The encryption has to be handled client-side for what you want to be possible. If the server does it, then the server has the keys. I think Nextcloud has an app that does it, but I understand results have been a little hit-or-miss. Also understand that it comes with some feature limitations.