Nextcloud for Business
Nextcloud for ClearOS provides an enterprise-grade file sync and share solution that is an easy to use consumer-grade product that is integrated right into ClearOS. ClearOS and Nextcloud allow you to deliver file sharing services that conform to your data security and compliance policies. Your employees will love Nextcloud’s clean, professional user interfaces; you’ll enjoy peace of mind, knowing that your data is under IT control at all times.
This document provides instructions for the ClearOS integration, further more detailed Nextcloud documentation including users and administrators manuals can be found here.
If you would like to use Nextcloud without contributing/paying for this app, the nextcloud RPM is available for free and can be installed via the CLI by enabling the clearos-contribs repository. Eg:
yum –enablerepo=clearos-contribs install nextcloud
You will also need to install PHP-Engines. Eg:
yum install app-php-engines
Then you will need to enable apache and enable 7.1 on boot
Nextcloud is not easily compatible with the Active Directory Connector app, so is best deployed on systems using OpenLDAP for the Directory Server.
If your system does not have this app available, you can install it via the Marketplace.
You can find this feature in the menu system at the following location:
Server > File > Nextcloud for Business
A limited number of Nextcloud configuration parameters can be configured via Webconfig - just enough to handle the bootstrap/auto-configuration and allow you to login and get started.
The screenshot below shows a typical 'first visit' to Nextcloud's Webconfig page after installation.
This is an auto-generated, reserved account to manage Nextcloud. The username will always be 'admin' unless you decide to get 'under the hood' and change this using SQL updates or Nextcloud' occ utility.
Admin Default Password
To improve default security, the admin's default password is randomly created when you first install Nextcloud. Use this password to login.
to find the admin password you can get it using the following CLI command:
grep adminpass /etc/clearos/nextcloud_business.conf
If you have uninstalled and reinstalled Nextcloud, the original password may not be in the file listed above, but in a backup file - /etc/clearos/nextcloud_business.rpmsave
Auto Configure Trusted Domains
Nextcloud enhanced security by requiring you to set which domains or IP's you can access Nextcloud. For convenience, set this field to allow Nextcloud access from any hostname or IP you use. It will automatically update with any network or Web Server (eg. alias) change you make.
Your list of trusted domains that users can log into. Specifying trusted domains prevents host header poisoning.
The Nextcloud app interface is provided by the webserver running on ClearOS, and can be accessed directly via the link found on the app page. Once you have installed the app, the LDAP configuration and backend is tied in with the webconfig user interface. To get yourself up and running create or edit an existing user
Go to System > Accounts > Users, create or edit an existing user and enable 'Nextcloud' access from the dropdown menu.
Access is granted on a per user basis and permits the configuration of per-user quotas
You can then navigate with your browser to https://yourdomain.com/nextcloud and login with your users credentials. These credentials can also be used for your mobile apps, desktop etc to obtain access to your private cloud! The web interface allows you to share files to specific local users on the ClearOS system, to local groups defined within the webconfig, or to external users with email addresses. These shares can be limited to specific time periods, with or without passwords!
The web interface provides your user with various links to the mobile or desktop apps that are available for Apple, Android, Windows etc. For external access to your cloud please make sure your webserver can be reached remotely and you have opened TCP ports 80(HTTP) or 443(HTTPS)
For those that like to get to grips with the configuration files, you can find the Nextcloud configuration at /usr/share/nextcloud/config/config.php. It is possible to restrict the domain access to one or a list of specific domains - this may be useful if your webserver hosts several virtual domains. This can be achieved by editing 'trusted_domains'
Nextcloud is integrated into the ClearOS LDAP system and so primarily user configuration should be carried out through the ClearOS webconfig interface. There is also a special 'administrator' user setup on install who is able to extend or otherwise configure Nextcloud through the Nextcloud interface. This special user exists on within Nextcloud and is setup with the username “admin” on first install. Please make sure you change the default password.
Nextcloud comes with built in support for file sync, WebDAV access, external mount points, contacts, calendar, file revisions, deleted files, PDF viewer, photo and video viewer and basic document editing. Additional 3rd party apps are available and can be installed by using the Nextcloud admin interface. Login with the 'admin' user, select 'admin' menu on the top right hand side, then select the '+Apps' button at the bottom left hand side.
Apps include:- bookmarks, encryption, external sites, tasks, news, notes and many more available from http://apps.nextcloud.com
The initial storage location is within the standard ClearOS data structure located at /var/clearos/nextcloud/data, but could easily be moved elsewhere to a drive or mount point with more storage space for example.
If the default location is not suitable you can directly modify the path at /usr/share/nextcloud/config/config.php - but first, remember to copy the directory structure including the hidden '.ocdata' file to your new location. It is also possible to use the Storage Manager app to 'mound –bind' your data to a central storage position. In a future version of the app, this will hopefully be automated through the webconfig.
The storage location is deliberately separate from the main Nextcloud folder so that the app can be completely removed and reinstalled without losing any data. The storage location can be easily migrated from one location to another or between server if required (assuming they both authenticate to the same LDAP server, e.g. in a master/slave scenario).
It is also possible to add additional data your users mount points by mounting 'external' data storages. This could be a local NAS server, Samba share, Flexshare, FTP
server or even another Dropbox or Google Drive account. This can be configured through the Nextcloud interface admin. Please note that the 'apache' web server user must be given read access to the folder to access the files.
Please note that the ClearOS LDAP configuration is used by Nextcloud to authenticate, but Nextcloud does not modify the LDAP database in any way. Therefore the Quota settings whilst visible in the Nextcloud interface cannot be administered here for LDAP users.
If you have an existing Nextcloud custom installation, please consider backing it up and removing it prior to installing this app. The Nextcloud RPM is specifically built to be compatible with ClearOS and the app will install and auto configure Nextcloud to use the data in the standard ClearOS places, and will also create a database within ClearOS System MySQL. This will likely trample over any existing setup and, therefore, it is recommended you remove it prior to installing. The cloud data can then be migrated afterward to /var/clearos/nextcloud/data