Hardware Questions

Hello.
I want to set up a Nextcloud instance, and have some questions.

Please excuse me if these are obvious.
#0 Can I have multiple drives pooled together? Say I have two Nextcloud nodes, each one with a 2 TB drive. Can I pool these drives together to get a total of 4 TB?

#1 Following the above: Can I add a third node, with say one 4 TB drive, and have it sync Node1 and Node2 onto its single 4 TB drive? Does this even make sense to do?

#2 Any suggestions for doing LUKS and LVM?
I wanted to set up a drive with LUKS and LVM, then send it off to a friend’s house. Yet then I couldn’t boot the instance, as it would be asking for the password on boot up. Does using LUKS make sense? Or does Nextcloud provide encryption “at rest”?

Thank you for the advice!

In response to #0 and #1, if you have two Nextcloud instances, one can mount the other as external storage. I’m not sure this is the best way to go about it however. If you can, it would be better to pool the drives in a single node with RAID or LVM.

#2 Nextcloud (with webserver properly configured) encrypts data in transit. There is an option to encrypt data on the server, but I haven’t tried it.

I just wanted to add, the official documentation says:

Encryption keys are stored only on the Nextcloud server, eliminating exposure of your data to third-party storage providers. The encryption app does not protect your data if your Nextcloud server is compromised, and it does not prevent Nextcloud administrators from reading user’s files. This would require client-side encryption, which this app does not provide. If your Nextcloud server is not connected to any external storage services then it is better to use other encryption tools, such as file-level or whole-disk encryption.

I’d consider just two setups that can be linked via federated sharing if needed. Pooling drives can be done on a single host (via LVM, btrfs, …) but over network it is a bit more complicated. There are special file systems but I don’t know if they are that easy to set up and maintain (https://en.wikipedia.org/wiki/Gluster#GlusterFS). And the performance over slow network connections could be quite a challenge.
You would need to sync the database over network as well.

I think that could be something interesting to play around with and test. jaysonbayton here did a few tests some time ago: https://bayton.org/2017/06/experimenting-with-clustering-and-data-replication-in-nextcloud-with-mariadb-galera-and-syncthing/

If you want something productive, use a system that is easy to set up and maintain.

Thank you all for your feedback.
Much appreciated.

The reason I asked about encryption is for the worst-case scenario of having the server compromised physically.
I’d like the data to be encrypted at-rest.

The drive space questions I think are more “easy” because I can stuff a 4 TB HDD in there (I don’t have 2 TB of data, truth be told).

Yet again, having a LUKS key is a small problem… because if I send off the server to a friend’s house, I would have to share the key.

It would be awesome to be able to set up Nextcloud in an unencrypted partition, have it boot up and come online, yet have a separate LUKS partition, which would come online only after having entered the encryption passphrase.

Thank you all for your feedback!

Well, here’s the problem with that. In order for Nextcloud to use encrypted data, it must also have the keys for that data. This is why, as the docs say, Nextcloud’s encryption doesn’t protect against breach of the server itself.

Solutions that provide physical security can’t have the keys available on the system, meaning the user must unlock it. You can’t have it both ways.

Maybe one of these days we’ll get a full disk encryption that unlocks with TOTP.

You should use your OS’s built-in encryption features for your needs (if compromised physically means stolen, not somebody hooking up a screen and copying off data). So LUKS partitions would do the trick, as you say.

As for the remote part: it seems like you are trying to maintain an offsite backup? I would say that you should use a proper backup solution in that case; Nextcloud is not ideal. There are solutions, like Borg backup, that let you store it on a remote server securely. You push the data from the server, and you can encrypt it before it is sent away. The remote server never sees any plaintext data, so you do not need to encrypt the disk.

Well, the security with data at rest just prevents your friend from quickly connecting the data drive to his computer. If he has access to the system while Nextcloud is running, all data is not at rest and he could gain access. So if you want to put files there that your friend must not see, use client-side encryption (or even put them in encrypted containers, which hides a bit more of the type and size of the files you are using), or if your friend is so untrustworthy, don’t put the server at his place.

1 Like
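
The setup asked about earlier in the thread (OS and Nextcloud boot unencrypted, data on a separate LUKS volume that is unlocked by hand over SSH) could look like the sketch below. It is an added example, not something posted by any participant, and it assumes a filesystem directly on the LUKS mapping (no LVM on top), that maintenance mode was switched on before the last shutdown, and that the device, mapper name and paths shown are placeholders for your own.

```shell
#!/bin/sh
# Added example. All four values below are assumptions; adjust to your system.
DEVICE=/dev/disk/by-partlabel/ncdata   # assumed LUKS partition, not unlocked at boot
MAPPER=ncdata                          # assumed device-mapper name
DATADIR=/srv/ncdata                    # assumed Nextcloud data directory
NCROOT=/var/www/nextcloud              # assumed Nextcloud install path

# Print the source device mounted at mountpoint $1, reading a file in
# /proc/mounts format ($2, default /proc/mounts). The last entry wins,
# because a later mount on the same path shadows earlier ones.
mount_source() {
    awk -v mp="$1" '$2 == mp { src = $1 } END { if (src != "") print src }' \
        "${2:-/proc/mounts}"
}

# Succeed only if mountpoint $1 is backed by /dev/mapper/$2, i.e. the data
# directory is the opened LUKS volume and not the empty directory underneath.
data_is_unlocked() {
    [ "$(mount_source "$1" "${3:-/proc/mounts}")" = "/dev/mapper/$2" ]
}

# Run as root over SSH after a reboot: unlock, mount, verify, then go online.
unlock() {
    if ! data_is_unlocked "$DATADIR" "$MAPPER"; then
        cryptsetup open "$DEVICE" "$MAPPER" || return 1   # asks for the passphrase
        mount "/dev/mapper/$MAPPER" "$DATADIR" || return 1
    fi
    if ! data_is_unlocked "$DATADIR" "$MAPPER"; then
        echo "data volume is not mounted, leaving maintenance mode on" >&2
        return 1
    fi
    sudo -u www-data php "$NCROOT/occ" maintenance:mode --off
}

# Only act when called as: ./unlock-data.sh unlock
if [ "${1:-}" = "unlock" ]; then
    unlock
fi
```

As the replies above point out, this only protects the data while the volume is locked; once the passphrase has been entered, anyone with access to the running machine can read it.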