Question: How to separate private and work data?

#1

Hi all! I’m new to Nextcloud and what I’ve learned until now is just great!!!
I’m thinking of using Nextcloud for private stuff (me, my family and my friends) but also for my business both self hosted.

I’d like to keep private and work data separate. And first I thought I’d get two separate physical servers, one at home and one in my work place. There the data really would be kept separate.
The other possibility I see is to have only one server with two instances of Nextcloud.

What is the best way of doing this? Are there other ways?

Thanks
Freddy

#2

Hello,

two instances sounds overkill, unless you have a really big company - or a really big family!

You could try using groups for this - separate the shared files with groupfolders, and setup permissions so each group can only access their own group folders.

The personal folders are isolated by default.

The files won’t be separated in the filesystem though (they’re under the same root), but you can mount an external storage path for the company, and try to keep most of the company files there.

I think you can use group access rules to isolate the users in the other apps as well, so they don’t see each others in the contact or talk app fex.

#3

with docker you can do this “easy”. if you know how to setup nc with docker.

#4

I would also use one instance only (and I really do :wink: ).

You can either keep the files in seperate folders, create different groups and allow sharing within every user’s own groups.
You can create group folders as ztein already suggested and you create an extra user account for work if you totally want to split it.

I mean, a secure server is a secure server and what’s secure for your work files, is secure for your family. So why maintain two servers with all the necessary effort to keep them up to date and enhance security over time (with new technologies and new threats arise all the time)? :slight_smile:

#5

You people are great! Thanks for your replies!
And you are right, two servers might be an overkill and a secure server is a secure server… :smiley:

I tried the group folder way which is a breeze and works perfectly. I also tried to create an other (non-human) user like described in the documentation for persistent folders.

Are you aware of any drawbacks of the group folders way vs. the persistent folder way that I should be aware of?

@Reiner_Nippes: I’m still a bit timid of getting my hands dirty with docker… so when there is an other way… :woozy_face:

#6

both playbooks are not yet ready to install two instances of nextcloud on the same server. (sorry for that.)

run the first one on a server gives you a ready to run nextcloud. if you want to have a second instance you have to copy the /var/www/nextcloud folder and the /etc/nginx/conf.d/nextcloud.conf file. create a new database with another prefix than oc_. and modify the nginx nextcloud.conf and the nextcloud/config/config.php files. more or less it should work like this.
or you rename /var/www/nextcloud and /etc/nginx/conf.d/nextcloud.conf and run the playbook again with ansible-playbook nextcloud.yml -e nc_db_prefix='nc_' (not tested. might not work. you have to try.) and of course you need a second fqdn.

i’m currently working on a newer version of the docker playbook to create multiple instances. stay tuned. or try to set it up with portainer. :wink:

#7

and don’t forget to change the nc_datadir variable in the inventory file before you run the first playbook second time. or add -e nc_datadir='/var/nc-work'

1 Like
#8

@frehu01

with this playbook you can deploy multiple nextcloud instances to one host.
you may give it a try: