Federation - global addressbook sharing

ℹ️ Support
, , , ,
1

Hi all,

I am running some Nextclouds for tests with federation as an installation via the Ansible collection [1] on Debian 12 [2] on Proxmox.

My Nextclouds with Federation works so far.
I tested rudimetary federated sharing functions, and that works fine.

But I only got it to run with several additional installations (mainly for cron) and configs (mainly for cron and global scale), please see below.

I set a few users and groups, and filled the entries in the users profiles.

I activated all in /settings/admin/sharing/ “Federated Cloud Sharing”.

Also I add the other Test-Nextclouds to “Trusted Servers” and they are marked with a green circle.

Maybe you can give me a tip, because of some issues:

  • But I can not persistantliy turn on the Slider for “Allow users to publish their data to global and public addressbook”
  • Autocompletion for clients on trusted servers doesn’t work so far I see.
  • The term GlobalScale irritates me somehow, I actually want to show how e.g. a few clubs and friends can share data with each other via federation.

Below is my excerpt, can you say whether this is generally necessary or am I turning the wrong knobs?

1: ansible_collections/nextcloud.admin-2.1.0
2: https://cloud.debian.org/images/cloud/bookworm/latest/debian-12-generic-amd64.qcow2

root@XXX:~ # apt list | grep -w 'cron\|postfix\|swaks\|bsd-mailx' | grep installed

bsd-mailx/stable,now 8.1.2-0.20220412cvs-1 amd64 [installed]
cron-daemon-common/stable,now 3.0pl1-162 all [installed,automatic]
cron/stable,now 3.0pl1-162 amd64 [installed]
postfix/stable,now 3.7.10-0+deb12u1 amd64 [installed]
swaks/stable,now 20201014.0-2 all [installed]

root@XXX:~ # grep -i 'gs\|mainten' /opt/nextcloud/config/config.php
  'maintenance_window_start' => '1',
  'gs.enabled' => 'true',
  'gs.federation' => 'global',

root@XXX:~ # occ support:report
## Server configuration detail

**Operating system:** Linux 6.1.0-18-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.76-1 (2024-02-01) x86_64

**Webserver:** Unknown (cli)

**Database:** mysql 10.11.6

**PHP version:** 8.3.3-1+0~20240216.17+debian12~1.gbp87e37b

Modules loaded: Core, date, libxml, openssl, pcre, zlib, filter, hash, json, pcntl, random, Reflection, SPL, session, standard, sodium, mysqlnd, PDO, xml, apcu, bcmath, bz2, calendar, ctype, curl, dom, mbstring, FFI, fileinfo, ftp, gd, gettext, gmp, iconv, igbinary, imagick, imap, intl, ldap, exif, mysqli, pdo_mysql, Phar, posix, readline, redis, shmop, SimpleXML, sockets, sysvmsg, sysvsem, sysvshm, tokenizer, xmlreader, xmlwriter, xsl, zip, Zend OPcache

**Nextcloud version:** 28.0.2 - 28.0.2.5

**Updated from an older Nextcloud/ownCloud or fresh install:**

**Where did you install Nextcloud from:** unknown

<details><summary>Signing status</summary>

[]
</details>

<details><summary>List of activated apps</summary>

Enabled:
 - activity: 2.20.0
 - admin_audit: 1.18.0
 - circles: 28.0.0-dev
 - cloud_federation_api: 1.11.0
 - comments: 1.18.0
 - contactsinteraction: 1.9.0
 - dav: 1.29.1
 - federatedfilesharing: 1.18.0
 - federation: 1.18.0
 - files: 2.0.0
 - files_pdfviewer: 2.9.0
 - files_reminders: 1.1.0
 - files_sharing: 1.20.0
 - files_trashbin: 1.18.0
 - files_versions: 1.21.0
 - firstrunwizard: 2.17.0
 - group_default_quota: 0.1.8
 - impersonate: 1.15.0
 - logreader: 2.13.0
 - lookup_server_connector: 1.16.0
 - nextcloud_announcements: 1.17.0
 - notifications: 2.16.0
 - oauth2: 1.16.3
 - password_policy: 1.18.0
 - photos: 2.4.0
 - privacy: 1.12.0
 - provisioning_api: 1.18.0
 - recommendations: 2.0.0
 - related_resources: 1.3.0
 - serverinfo: 1.18.0
 - settings: 1.10.1
 - sharebymail: 1.18.0
 - support: 1.11.0
 - survey_client: 1.16.0
 - systemtags: 1.18.0
 - text: 3.9.1
 - theming: 2.3.0
 - twofactor_backupcodes: 1.17.0
 - updatenotification: 1.18.0
 - user_status: 1.8.1
 - viewer: 2.2.0
 - weather_status: 1.8.0
 - workflowengine: 2.10.0
Disabled:
 - bruteforcesettings
 - dashboard: 7.8.0
 - encryption
 - files_external
 - suspicious_login
 - twofactor_totp
 - user_ldap


</details>

<details><summary>Configuration (config/config.php)</summary>


{
    "passwordsalt": "***REMOVED SENSITIVE VALUE***",
    "secret": "***REMOVED SENSITIVE VALUE***",
    "trusted_domains": [
        "XXX.XXX.XX",
        "XXX.XXX.XXX.XXX"
    ],
    "datadirectory": "***REMOVED SENSITIVE VALUE***",
    "dbtype": "mysql",
    "version": "28.0.2.5",
    "overwrite.cli.url": "https:\/\/XXX.XXX.XX",
    "dbname": "***REMOVED SENSITIVE VALUE***",
    "dbhost": "***REMOVED SENSITIVE VALUE***",
    "dbport": "",
    "dbtableprefix": "oc_",
    "mysql.utf8mb4": true,
    "dbuser": "***REMOVED SENSITIVE VALUE***",
    "dbpassword": "***REMOVED SENSITIVE VALUE***",
    "installed": true,
    "instanceid": "***REMOVED SENSITIVE VALUE***",
    "default_phone_region": "DE",
    "memcache.local": "\\OC\\Memcache\\APCu",
    "open_basedir": "\/dev\/urandom",
    "updater.release.channel": "production",
    "redis": {
        "host": "***REMOVED SENSITIVE VALUE***",
        "port": "0"
    },
    "memcache.locking": "\\OC\\Memcache\\Redis",
    "maintenance_window_start": "1",
    "gs.enabled": "true",
    "gs.federation": "global"
}

</details>

**Cron Configuration:** Array
(
    [backgroundjobs_mode] => cron
    [lastcron] => 1709214303
)


**External storages:** files_external is disabled

**Encryption:** no

**User-backends:**
 * OC\User\Database


**Browser:** unknown

root@XXX:~ # mysql
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 3424
Server version: 10.11.6-MariaDB-0+deb12u1 Debian 12

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> use nextcloud;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
MariaDB [nextcloud]> select * from oc_trusted_servers;
+----+-----------------------------+------------------------------------------+------------------+----------------------------------+--------+----------------------------+
| id | url                         | url_hash                                 | token            | shared_secret                    | status | sync_token                 |
+----+-----------------------------+------------------------------------------+------------------+----------------------------------+--------+----------------------------+
|  2 | https://XXX.XXX.XX          | XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX | XXXXXXXXXXXXXXXX | XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX |      1 | http://sabre.io/ns/sync/XX |
+----+-----------------------------+------------------------------------------+------------------+----------------------------------+--------+----------------------------+

also in other db tables I can see entries about the federation or shares with the trusted_servers eg. here:
oc_share_external
oc_activityoc_properties
oc_addressbooks
oc_circles_share_lock
oc_shares