nextcloud, nextcloudpi, raspberrypi

NextClouPi gets a Web Interface

The latest release of NextCloudPi is out, and managing your private cloud is now easier than ever!

This release features features a shiny new Web UI.

This web panel makes use of the extras provided by our familiar nextcloudpi-config, and serves for the exact same purpose. From our browser, we can set up Let’s Encrypt certificates, move our datafolder to an external USB drive, forward our external ports and all the rest, with the benefit that we don’t need to understand SSH or even connect your keyboard to the Raspberry Pi for the initial configuration.

This will allow NextCloudPi to reach even more people and lower the barrier of adoption for Nextcloud.

Also, it will provide the NextCloudPi docker image with a nice and convenient configuration interface without the need for SSH daemons or using docker exec (soon).

This feature is quite basic for this first release. It wil be gradually improved through the remote update system.

NextCloudPi improves everyday thanks to your feedback. Please report any problems, or ask technical questions here. Also, you can discuss anything in the forums.

Last but not least, please download through bitorrent and share it for a while to help keep hosting costs down.

Installation

The new UI is included by default in the new image, and will be installed through remote updates. Unfortunately, the configuration of the virtual host for Apache will need to be done individually for users that are using old images.

Those users have two options

  • Backup through nc-backup, install the new image and restore through nc-restore. Remember to also backup your data directory separatedly in case you moved it with nc-datadir.
  • Manually make the changes in your existing image. Still, it is recommended to backup first. You can then copy and paste this code

I recommend the first option if you don’t know what you are doing.

Usage

The web panel is equivalent to nextcloudpi-config, so it is used exactly in the same way. You can check theΒ specific posts for detailed instructions.

It is accessible only inside your local network through the HTTPS protocol on port 4443. Just type in your browser

If you haven’t configured Let’s Encrypt yet, the SSL certificate will be self-signed, which means that communications will be encrypted, but there is no third party verifying the authenticity of the connection (more here). Because it is a local IP that we are using, we can be reasonably confident that the other end is the NextCloudPi, but still the browser will warn us of this fact.

For this reason, we have to manually tell our browser that we trust this website. Include a permanent exception like so

There is nothing incorrect here, just the browser being cautious as it should.

Features to come

As stated before, I just released the minimal working version of the web UI. In the following weeks, I plan to add

  • Password verification using PAM credentials
  • Live updates of the progress using websockets, server side events, or some similar push technology.
  • Same site cookie support.
  • Update modsecurity rules so that the web UI works and works more safely.
  • NextCloudPi update web notifications
  • Polish of the UI

Security and implementation details

I tried to make this minimal, lean and fast. For this reason, I chose to use minified.js over jQuery. gzipped minified.js only weights 8 KB, which is several times smaller.

Also, I wanted to play around a bit with the new advantages that come with HTTP2, so I included server-side HTTP2 push for the web content. This way, we can send all assets at once and save precious time. Pushed assets show in gray in the Firefox network tab.

Everything is pushed together! You can tell the difference on this slow QEMU instance of NCP

The backend includes protection for some common attacks

  • Single use tokens for preventing CSRF attacks.
  • Strict CSP rules to prevent XSS attacks
  • httponly cookies.
  • secure cookies (only sent through encrypted connections).

It also comes with our familiar bunch of security headers.

In any case, security is a thorny topic, so I will feel better as more eyes look at this. If you spot some vulnerability, please let me know in private so it can get fixed as soon as possible.

References

https://www.smashingmagazine.com/2017/04/guide-http2-server-push/
https://blog.cloudflare.com/using-http-2-server-push-with-php/
http://www.stevesouders.com/blog/2013/11/07/prebrowsing/
http://blog.ircmaxell.com/2013/02/preventing-csrf-attacks.html

 

Author: nachoparker

Humbly sharing things that I find useful [ github dockerhub ]

26 Comments on “NextClouPi gets a Web Interface

  1. Awesome stuff!!!

    I made some notes with a current install. The web interface seems to be working well.
    Great work so far, definitely making progress in the right direction.

    Let me know if you want me to post these notes somewhere else.

    Automount USB drives by plugging them in
    No confirmation. A box appears but no acknowledgement. Would be nice if it would indicate the disk(partition) label (if any)

    nc-format-USB
    It works easy enough, did have some unrecognizable text upon completion. I removed the drive and confirmed with G-parted.

    Change Data directory-
    Maintenance mode enabled
    moving data dir to /media/USBdrive/ncdata…
    System config value datadirectory set to string /media/USBdrive/ncdata
    Maintenance mode disabled

    Move database
    Maintenance mode enabledd fi
    moving database to /media/USBdrive/ncdatabase…
    Maintenance mode disabled

    Both moves seemed to work. This is where some of my ext4 linux mount point ignorance comes in.
    I named the drive NCDrive_1 so in the future when I copy the drive I can label the new drive NCDrive_2 etc etc. However I dont get any visual confirmation the move was to NCDrive_1.
    Currently I only have 1 drive plugged in, but in the future if there are multiple drive plugged in it would be nice to see or select which drive by the instance name. If that makes sense.?.?
    I realize the default is /media/USBdrive/

    I didnt see the option to resize the SDCard partitions like when using the local nccloud-config.

    Backup this NC instance to a file
    I guess this is the Sdcard image? What is the BASEDIR

    Where can I change the default password for the database?

    Will there be an option in the next iterations to make a copy image to a 2nd usb drive (NCDrive_2)?

    My no-ip domain expired so I am deciding what I want to do with that. I see there is no way to update the config file with domain for access from external network. I alway forget where it is located and the text editor is not so friendly for me.

    It would help if we could view the directory and files of the USB drive withing the web interface. Just to ensure the moves and things we create are going to the correct drive. I can use SSH etc but nice if we could do it right from within the nice web interface.

    Again, great work so far. I am looking forward to testing new iterations and finally getting my ownyourbits powered NextCloud server up and running!!

    1. Hi again John!

      Nice feedback! thanks!

      It would be great if you could start little feature requests with your ideas, so we can discuss them separatedly.

      Regarding nc-backup, you don’t have to change BASEDIR. It is the folder where nextcloud lives.

      The password for the database… I am planning to randomize it, but for now it is a good idea to change it manually. Maybe it could be a new entry in nextcloudpi-config? (another feature request ?) πŸ˜‰

      WRT mirroring hard drive… there’s already a feature request for that.

      I don’t understand very well the noip issue, please also open a question on github for this (read first if it has been asked before)

      Again, awesome testing and ideas πŸ˜‰

      1. Hello NachoParker

        I made a new comment in github, titled it config.php. Hope you can add editing of config.php in the new web interface. πŸ™‚

        Also posted a reply in the USB backup thread to try and better understand the drive/file structure.

        Possibly you made it simple and I am over complicating it. Either way I am trying to understand.

        Sorry for the confusion with No-IP. that was my goof, I let my domain expire, now no-ip has it in a holding cell. Using a temp one for testing.

  2. Hi, can you please give me some help. I had my NextCloudPi up and running for months. I decided to upgrade to this new version so I decided to start fresh with the new image. My data is already backed up to another hard drive so I downloaded the newest image from your website. I write the image to microSD card and enable ssh. I first go into raspi-config and change the default password then I expand the file system. I reboot the pi then I go into nextcloudpi-config and go to set up no-ip. It tells me I input the wrong username or password. That is not the case; but just to make sure I changed my no-ip password temporarily to 123456 so to rule out any typos and I still get incorrect user or password and this long error:

    An unhandled exception has been thrown:
    Doctrine\DBAL\DBALException: Failed to connect to the database: An exception occured in driver: SQLSTATE[HY000] [2002] No such file or directory in /var/www/nextcloud/lib/private/DB/Connection.php:61

    I have reflashed the image many, many times and can never get no-ip set up. It seems like it’s some sort of database error but this is a brand new installation with nothing changed but the default login password. I am fairly new to this, but I managed to get it set up previously so for the life of me I can’t figure out what has changed now. Any help would be greatly appreciated.

    1. Hi, please use github to ask technical questions, because they might already be answered there. See this for your case.

      For the database thing, you can open a new issue on github as well, so it can be treated separatedly.

      1. Is there a place to download a previous version? I’m sure I’m doing something wrong but I can’t get this new version to work. I had no problem setting up the older versions. Thanks

        1. Thanks anyways. This is above my expertise. I will have to go back to using Google Drive and maybe try again in a few months with a new image.

  3. Mr Lizard πŸ˜‰
    I’ve got a minor issue, when I change the file size through the nextcloud administration interface, there is an Error
    Warning files Can’t write upload limit to /var/www/nextcloud/.htaccess. Please check the file permissions

  4. i just upgraded manually to nc-web. and am stunned in awe.
    WHOOOOHOOO!
    great. super. duper. yappa-dabba-doo ;o)
    thanks. and keep the good work up

  5. Hi Nacho,

    thanks for all your work !

    I use your docker container on my PI2 (since 4-5 days) and I am unsure if the webinterface is integrated if I pull the container again or not? on hub.docker.com it says Last pushed: 2 months ago

    greats
    doll

    1. Hi,

      The ARM docker image has already been built, but I still have not tested it. One main reason for me to rush the web interface was for the docker image.

      From now on, I will focus more on the docker image, it needs some polishing in order to properly save NCP configuration.

      Even though is already usable, it is not as usable as the SD card image yet.

  6. Hi,

    What is the proper way to resize the card after flashing your image? I am using a 200GB card, after I flash I go to the local IP in the browser and I can connect and everything works. I then SSH in and go to raspi-config and when I go to advanced options and resize the card it no longer works after I reboot. When I try to connect via the local IP it tells me connection refused. I can only SSH in. I have tried multiple times and reflashed and every time I expand the filesystem to make the rest of the 200 GBs available it breaks the NextCloud installation. Thanks

  7. I dont know why but I am not able to login with your provided login details (admin and ownyourbits) it is giving me an error, Login incorrect. Do you know why?

  8. Hi Nacho,
    Up to now I have always used ssh to turn off my NextCloudPi server during night time.
    Would it be possible to include a “shutdown” or “standby” function in the web interface, or is this too complicated to do?
    Very happy otherwise with NextCloudPi πŸ™‚

    1. lol, you read my mind.

      That is on my list, and also enabling SSH from the web interface.

      Just so you know, you can also open a feature request.

      If you feel like posting the FR over there, it would be an official FR for NCP πŸ˜‰

      Otherwise, I’ll do it anyway πŸ˜‰

  9. I know that NextcloudPi is meant to work with Raspberry Pi3. However, if I’m able to save the image into an oDroid-C2 board would it still work?

    1. Hi,

      See this info on contacting the rest of the community (or you can use the nextcloud forums, appliaces section)

      — COPYPASTE —
      Hi, please ask technical questions or report issues on github. That way other people with the same issue can benefit from the answer.

      Check first that it has not been asked before
      — COPYPASTE END —

Leave a Reply

Your email address will not be published. Required fields are marked *