I have some server experience, but am new to NextCloud. If this is a stupid question, I apologise in advance.
I have a FileServer using SMB/CIFS via FreeNAS, where I have a working set up of relevant permissions for different users so that they have private files, and then common access to (only) the files they should be able to see using setacl cmds as well as the usual owner/group permissions.
It is not a particularly large data size, but it is large volume - there are hundreds/thousands of subdirs, and 100,000+ files (probably ~15yrs of biz data.
I would like to use the NextCloud - but -
- Is there any advantage to the NextCloud method of sharing over this system
- I don’t know if or how I can use it on this dataset, or if it will ignore/overwrite the existing permissions structure.
** Would I simply scan the CIFS share as an external source?
- It would be logical to use the FreeNAS NextCloud jail system - has anyone done this successfully and able to offer tips/pointers or reference docs to look at?
**Specifically, the CIFS/SMB dataset is in its own jail, so permissions are a bit of a challenge already, and I don;t have the experience to know if this is a FreeNAS complexity, or a NextCloud complexity (I am happy to do the slog-work, but I just don;t know WHICH slog-work to do )
To address your points:
- There is a lot of effort put into sharing that is very useful. It’s easy to put users in multiple groups and put storage quotas on the user. There are a lot of ways you can allow or restrict sharing internally or externally, and what’s also nice is there is good activity monitoring and commenting on files. You can also do a lot of access control stuff that I haven’t had to delve into too much that’s worth exploring. Then you can also monitor by tagging files or folders either automatically or other users can set their own tags. There are also Group Folders so you as an admin can create a folder for a given group to work in.
- There is an external source feature to load an SMB share. To warn you though: SAMBA isn’t as full featured as Microsoft SMB and there are issues with SAMBA and Nextcloud where it won’t get the memo about a file being changed in SAMBA and not in Nextcloud. I’ve had this end badly in the past. There is an experimental feature (at least as of early last year) that will make Nextcloud check for external changes, and I had it work, but I personally didn’t get enough time to test it to ensure how reliable it is. I can’t really comment on samba permissions, but I can only guess Nextcloud can’t overrule those. But I’d say try for yourself with a test or hope someone else can comment on that with experience.
- I am using Nextloud in a jail on FreeBSD, not FreeNAS. But This should be close enough to count as FreeNAS isn’t too far off from FreeBSD. I use iocage though, which handles jails differently than warden I assume. I have had great success here and love it. I use ZAP to do regular automated snapshots and replication of my data and it has been GREAT. It’s provided a great fallback for recovering data from old snapshots if necessary and super easy management of Nextcloud. Another lovely thing is take a snapshot before any NC update and if poop hits the ceiling (never actually happened before), a simple rollback takes a couples seconds and it’s as if nothing happened. Having run NC directly on a host and in Jails and LXD containers, jails just makes sense and I’ve had no stability issues. No need for VNET either. One drawback though: Nextcloud has no way of reading memory info for the Admin panel, but I think that’s just because FreeBSD doesn’t use /proc, and jails certainly have no way of accessing /proc. But no skin off my nose. I can’t comment on jail to jail communication between samba and NC, but it should work just like any other box you’d have on the network. My samba skills also aren’t up to business level IMO, getting samba to work right with NC may be on the harder side, but the hardest part is always the users lol
One last note: I am not a fan of FreeNAS’ pre-canned jails. I recommend creating a Nextcloud jail from scratch.
This is semi-dated (well, maybe the iocage part), but it’s a good resource for setting up Nextcloud
Thank you @stratacast - I will try these out on a VM and see if/how they work.