The latest release of NextCloudPi is out!

This release updates to the latest stable version, Nextcloud 13.

Also, there has been a special focus on enhancing security, and on providing tooling to assess the security of our instances.

In addition to the big changes, there is a small but important change: from now on, images will default to user ncp and password ownyourbits for all services, including not only the admin user of Nextcloud, but also SAMBA, ncp-web and elsewhere. As those features appeared organically each one with a different password, it became an unnecessary complication for people wanting to try out NextCloudPi for the first time.

Another small change: for consistency, you can now use

ncp-config

as a synonym of

nextcloudpi-config

As usual, there have been many fixes and enhancements. I would like to thank everyone that was involved.

NextCloudPi improves everyday thanks to your feedback. Please report any problems here. Also, you can discuss anything in the forums.

Last but not least, please download through bitorrent and share it for a while to help keep hosting costs down.

Nextcloud 13

The latest Nextcloud brings both new stuff and improvements.

My personal highlights for the new stuff are end-to-end encryption, and Nextcloud Talk. Nextcloud keeps working towards security and giving us the ability to self host more and more services.

There are also performance improvements, most notably for the web UI and LDAP.

UI speed improvements

Very welcome speed improvements for us using slow boards or Tor connections.

Back in Nextcloud 10, the developers had to stop using asset pipelining, which made the interface much heavier and slow.

The good news is that for this release, work has been done to improve this situation. Just compare this test that I reported with the following results

Night and day!

You can check the full announcement

Support for big files in 32 bit systems

Many low end systems such as the Raspberry Pi use 32 bit operating systems. This is true even for Raspberry Pi 3, which has a 64 bit CPU when we are running Raspbian because they just don’t produce 64 bit images.

When we combine this with a stupid php limitation for this architectures we were left with the situation where we had a hard limit of 2GB files for Nextcloud uploads.

This has been worked around in code, so we can finally upload bigger files. It was about time!

The solution involves chunking the data and a quick test shows that it indeed works: the temporary data dir now contains 10 MiB files that come and go during the transfer, and the traffic becomes more “spicky”. Some testing will be needed to measure the performance impact of this workaround.

PHP 7.2 support

This was an issue, because many users were holding back their PHP packages in order not to break Nextcloud.

Uncomplicated Firewall (UFW)

UFW is a simple to use firewall, developed by Canonical. It is just another Netfilter wrapper, with simplicity in mind. This makes it a good fit for this project, because overly complicated technical stuff might not be actually usable by everyone.

Even easier to use for NextCloudPi, just activate it!

Audit your instance with nc-audit

NextCloudPi comes now bundled with a few security auditing tools, mainly

Lynis, which was already covered here

Debsecan

The extra nc-audit will run those with the right parameters, so we can detect misconfigurations, potential vulnerabilities and known bugs

By using this tools, the configuration of NextCloudPi has been further enhanced for security.

Automatic creation of BTRFS snapshots

BTRFS snapshots are amazing! NextCloudPi is now able to schedule BTRFS backups in a space efficient way.

If we activate this option, snapshots will be produced automatically every hour, every day, every week and every month in the USBdrive that holds your datadir. Only 24 hourly backups, 7 daily backups, 4 weekly backups and 12 monthly backups will be produced, with the older ones over these limits being deleted.

$ ls -1 /media/myCloudDrive/ncp-snapshots/ daily_2018-01-30_211703 daily_2018-01-31_221703 daily_2018-02-01_231702 daily_2018-02-02_231703 daily_2018-02-03_231702 daily_2018-02-04_231702 daily_2018-02-05_231702 hourly_2018-02-05_221701 hourly_2018-02-05_231701 hourly_2018-02-06_001701 hourly_2018-02-06_011701 hourly_2018-02-06_021701 hourly_2018-02-06_031701 hourly_2018-02-06_041701 hourly_2018-02-06_051701 hourly_2018-02-06_061701 hourly_2018-02-06_071701 hourly_2018-02-06_081701 hourly_2018-02-06_091701 hourly_2018-02-06_101702 hourly_2018-02-06_111701 hourly_2018-02-06_121701 hourly_2018-02-06_131701 hourly_2018-02-06_141701 hourly_2018-02-06_151701 hourly_2018-02-06_161701 hourly_2018-02-06_171701 hourly_2018-02-06_181702 hourly_2018-02-06_201701 hourly_2018-02-06_211701 hourly_2018-02-06_221701 manual_2017-12-28_113633 monthly_2017-12-28_101702 monthly_2018-01-27_101703 weekly_2018-01-11_111701 weekly_2018-01-18_111702 weekly_2018-01-25_111702 weekly_2018-02-01_111702