NextCloud 11 ready Raspbian image with extras

Thanks so much! This is incredible.

One last question and this may be the wrong place for it but anything I should look out for if I plan on using a 64GB WB Labs Flash + a Raspberry Pi 3?

not that I know of. In the past I have typically looked in this page if an SD card is recommended for RPi

http://elinux.org/RPi_SD_cards

I do recommend using a USB hard drive. Get a SSD one if you really want speed.

Doing

sudo nextcloudpi-config

you can easily change the data directory (and soon also the database) to the external drive to avoid SD card corruption and for performance

New release is out!

NextCloudPi gets remote updates, logs to RAM, easy WiFi and more

https://ownyourbits.com/2017/03/31/nextcloudpi-gets-remote-updates-logs-to-ram-easy-wifi-and-more/

thereā€™s a number of people requesting this. Will look into it

The short answer is code wonā€™t run on arm

Spreed.ME could be achieved by partly implementing this script by SyS0p3r and these steps to autorun the spreed server.

How can I remove or change the huge nextcloudpi welcome message?

sudo rm /etc/update-motd.d/10logo

you have a little guide to customize welcome message here if you want to do other changes

https://ownyourbits.com/2017/04/05/customize-your-motd-login-message-in-debian-and-ubuntu/

Finally got around to purchasing my RPi3 and will install when my external drive arrives! Will this package configure disk encryption for external drives? Or do I have to do that myself with LUKS/DM-Crypt?

awesome!

actually that is a good idea to add to NextCloudPi. I will do that for sure!

I have had a draft article for ecryptfs for my blog for a while, but I did not think about using it on the ncp

have fun with your new toy :slight_smile:

Thanks! Any good resources on how I can go about enabling whole disk encryption before you integrate it? I worry how much it would affect performance on the Pi3.

well, that is something that I have to test for myself before talking much about it

One thing you could do is to you encrypt the folder with ecryptfs (tutorial soon in ownyourbits.com) and keep it in a NFS storage, then mount it in your host PC.

https://ownyourbits.com/2017/04/13/share-your-files-in-your-lan-with-nfs/

That way, the decryption will be performed in your host PC and will not consume CPU for the raspberry pi. The problemā€¦ wonā€™t be able to access it through the NC interface unless you also mount it on the RPi

I do not know how much CPU it would useā€¦ thatā€™s something to be tested :slight_smile:

hope that makes sense xD

Thanks for your hard work, @nachoparker!

Iā€™m new to just about all of this, and have been researching for a few weeks now prepping to setup Nextcloud on my new pi3 and this is a very attractive option!

I am currently torn between using your nextcloudpi solution or taking a swing at setting it all up myself. But your ease of setup, extras, and included hardening are what really have me struggling to decide, so I have a few quick questions for you, if you donā€™t mind.

  • Would it be possible to use nextcloudpi, uninstall apache and switch to nginx?
  • Would you recommend it or against it?
  • I ask because I keep seeing it as a suggestion over apache (along with mariadb, php7, and letā€™s encrypt, the three of which your solution already includes!)
  • Or is there a reason to stay with apache over nginx in your opinion?

I welcome answer from anyone, I really appreciate the work and documentation up to this point!

well, if you want to learn you can do it yourself and compare it with NextCloudPi. I encourage you to study the code to do that. It is on my github.

Apache is really solid and secure. It was the biggest bounty for hackes in pwn2own 2017 and the only one that did not fall (if I remember correctly).

They are both really good, where nginx shines is on servers with a huge number of concurrent connections due to its architecture.

Apache on the other hand, has many many many modules, such as modsecurity which is included in NextCloudPi.

But really the difference is not going to be noticeable on a small personal cloud.

If you want to practise/learn/do things your way it is a fun exercise. You can surely uninstall apache2 and go ahead with nginx installation.

You will have to study some of the code for the extras (such as letsencrypt) that asume apache and tweak it, but 90% of the code is browser agnostic. modsecurity is originally an Apache mod, but I think it has expanded, so you might be able to use it on nginx nowadays. I have not looked into that.

One good thing NCP has is remote updates, which should make the maintenance and getting fixes/improvements easier

also, if you already have your piā€¦ you can just try it. Copy the image and that is it, working in < 5 minutes.

setting up something like this takes a looong time and maintenance.

But of course, itā€™s fun to learn

Thanks for the info and clarification b/w nginx and apache. Even after looking into it, I had wondered if it was going to make a big difference for a single-user cloud.

Iā€™m simply looking to migrate from Dropbox/Google Drive so I can have more control and space, so no huge servers here. :smile:

With your response in mind, and my level of expertise, I think I will stick with your image as-is, and perhaps try to install by following the code as practice if I feel bold enough after checking out your github.

I do already have my pi, so Iā€™m going to give it a whirl when I get home. Thanks again for your response and work on the image!

1 Like

Hi and first of all, thanks a lot for putting together all those pieces together! :slight_smile:

Iā€™m trying to make it work but until now without success.
Steps:

  • From a GNU/Linux laptop I used Etcher to prepare the sd card.
  • Before unplugging it, I create an empty file named ssh into /boot to enable ssh at the boot.
  • I then plugin the sd card into my raspberrypi 2, connected with a wire to my router.
  • I can ssh to it and see the raspberry logo, from my laptop.

As far as I understood, already at this point Nextcloud, well, Apache and mySQL should be up and running and they are but f I open with my laptop browser http://192.168.178.47 Iā€™m redirected to https and I get the warning because of the self-signed certificate. I accept and:

Service Unavailable
The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later.
Apache/2.4.25 (Raspbian) Server at 192.168.178.47 Port 443

/var/log/apache2/error.log

[Sun Jun 04 10:42:43.004260 2017] [mpm_event:notice] [pid 1740:tid 3069383184] AH00491: caught SIGTERM, shutting down
[Sun Jun 04 10:43:05.007701 2017] [mpm_event:notice] [pid 1916:tid 3069354512] AH00489: Apache/2.4.25 (Raspbian) OpenSSL/1.0.2k configured -- resuming normal operations
[Sun Jun 04 10:43:05.010909 2017] [core:notice] [pid 1916:tid 3069354512] AH00094: Command line: '/usr/sbin/apache2'

other_vhosts_access.log

raspberrypi.fritz.box:80 192.168.178.49 - - [04/Jun/2017:10:38:16 +0000] "GET / HTTP/1.1" 302 612 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:53.0) Gecko/20100101 Firefox/53.0"

access.log is empty

Game over, it seems.

I then tried to update the system with sudo apt-get update & sudo apt-get upgrade, only the following libraries were upgraded.

libtasn1-6 libtiff5 libwbclient0 raspberrypi-sys-mods sudo

Any way I sudo reboot and nothing changed. Still getting the 503 message on browser.

Even running on the raspi itself the http call, it replies with a 503.

$ curl -k https://localhost
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>503 Service Unavailable</title>
</head><body>
<h1>Service Unavailable</h1>
<p>The server is temporarily unable to service your
request due to maintenance downtime or capacity
problems. Please try again later.</p>
<hr>
<address>Apache/2.4.25 (Raspbian) Server at localhost Port 443</address>
</body></html>

Any idea, anyone?


Last thing
at login it says:

NextCloudPi v0.12.8 is up to date

but then:

sudo ncp-update
Downloading updates
Performing updates
NextCloudPi updated to version v0.12.15

So it was not updated.

Hello,

I have tested this endless times and it just works out of the box. There is no need to upgrade anything, and automatic security updates are enabled by default.

Did you make any other configuration changes, such as transfering the database dir to an external USB drive?

Are apache2, mysql and php-fpm processes up and running? check the status of mysqld ?

If you want we can troubleshoot this together at https://github.com/nextcloud/nextcloudpi/issues

Hi,
thanks a lot for your offer.
At the moment I canā€™t experiment but I might come back at a later time.
In the meantime I installed everything manually and itā€™s working.
Again, thank you. :slight_smile:

Hi

Thanks for the NextCloudPi images. This is indeed great work.

Iā€™ve installed it both on a Pi2 and a Pi3 though and it is very slow - beyond being usable. Could someone please help me solve this?

So far I couldnā€™t do some other things, too: canā€™t enable HTTPS and canā€™t access from outside my LAN.

I donā€™t know much about networks, so Iā€™m kind of in the dark as to what other info would be relevant for you to help me solve this. Sorry about that, but just ask and Iā€™ll give you whichever info you need about this.

Thanks in advance