What I have describing is running right now and has been for a month or so, I was having some teething issues which was the reason I posted. Iâve really not seen a lot of issues that youâve described.
Total changes to the core total less than 12kb, with the majority of that being the helper written for the encrypted partitions.
The partitions exist on a network-based filesystem which gets backed up either full or incremental cycles. Full encrypted disk images (especially per user) would be very cpu-expensive as the actual raw reads/writes need to be intercepted; rather than the file-based modifications.
Youâve just described database modifications (mysql) which can be performed without the partitions being mounted. Additionally, nothing is modifying the partition contents while mounted besides nextcloud itself.
Edit: the only other small issue encountered was a user leaving a stale session open somewhere, and logging off elsewhere, then reusing the initial stale session. This was resolved with the autologoff/timeout parameter, and a timeout on the partition umount itself.
Very Iinteresting. I take it you arenât using the desktop integration apps.
That is a good point about disk image files.
Regarding stale sessions on the web app, definitely. I do the same on mine. I donât know what mitigations are in to stop session token attacks, but best not to take any chances.
Nope, all clients just use the web portal⊠literally due to it being âanotherâ codebase fork to maintain, aside from some minor UI glitches on Apple devices (whats new)⊠has been trouble-free.
That makes sense, and the need to mount the data at login should stop the desktop app from attempting to be used. Ok.
You understand that wouldnât be the normal usecase for the average nextcloud user right?
Itâs always a balance between accessibility and security. If I wanted to be totally secure I would just keep everything on an in house network file server and only allow VPN connections in. Many places do that.
Sure, but the architecture to even enable this sort of functionality (esp given Nextcloudâs claims of scale), simply isnt present.
I actually feel like this is taking a dig (what iâm about to say) but itâs purely from a technical point of view.
Say I want to scale my Nextcloud deployment, as weâve passed x users and the server load is beginning to increase. Lets say that the sql portion is moved to a separate machine, which both instances have access to. Adding a load-balancer to create a persistent round-robin dns style of setup; how do the servers share the pooled user data between them?
Through shared storage and LDAP? Though Iâm not sure about the rest of the user data. Itâs not a problem Iâve needed to solve
[EDIT[
There are plenty of articles on how to cluster nextcloud.