nextcloud, nextcloudpi, raspberrypi

NextCloudPi updated to NC13, brings UFW, security improvements, auto-snapshots and more

The latest release of NextCloudPi is out!

This release updates to the latest stable version, Nextcloud 13.

Also, there has been a special focus on enhancing security, and on providing tooling to assess the security of our instances.

In addition to the big changes, there is a small but important change: from now on, images will default to user ncp and password ownyourbits for all services, including not only the admin user of Nextcloud, but also SAMBA, ncp-web and elsewhere. As those features appeared organically each one with a different password, it became an unnecessary complication for people wanting to try out NextCloudPi for the first time.

Another small change: for consistency, you can now use

as a synonym of

As usual, there have been many fixes and enhancements. I would like to thank everyone that was involved.

NextCloudPi improves everyday thanks to your feedback. Please report any problems here. Also, you can discuss anything in the forums.

Last but not least, please download through bitorrent and share it for a while to help keep hosting costs down.

Nextcloud 13

The latest Nextcloud brings both new stuff and improvements.

My personal highlights for the new stuff are end-to-end encryption, and Nextcloud Talk. Nextcloud keeps working towards security and giving us the ability to self host more and more services.

There are also performance improvements, most notably for the web UI and LDAP.

UI speed improvements

Very welcome speed improvements for us using slow boards or Tor connections.

Back in Nextcloud 10, the developers had to stop using asset pipelining, which made the interface much heavier and slow.

The good news is that for this release, work has been done to improve this situation. Just compare this test that I reported with the following results

Loading time, no browser cache

 

Loading time, with browser cache

Night and day!

You can check the full announcement

Support for big files in 32 bit systems

Many low end systems such as the Raspberry Pi use 32 bit operating systems. This is true even for Raspberry Pi 3, which has a 64 bit CPU when we are running Raspbian because they just don’t produce 64 bit images.

When we combine this with a stupid php limitation for this architectures we were left with the situation where we had a hard limit of 2GB files for Nextcloud uploads.

This has been worked around in code, so we can finally upload bigger files. It was about time!

The solution involves chunking the data and a quick test shows that it indeed works: the temporary data dir now contains 10 MiB files that come and go during the transfer, and the traffic becomes more “spicky”. Some testing will be needed to measure the performance impact of this workaround.

PHP 7.2 support

This was an issue, because many users were holding back their PHP packages in order not to break Nextcloud.

Uncomplicated Firewall (UFW)

UFW is a simple to use firewall, developed by Canonical. It is just another Netfilter wrapper, with simplicity in mind. This makes it a good fit for this project, because overly complicated technical stuff might not be actually usable by everyone.

Even easier to use for NextCloudPi, just activate it!

Audit your instance with nc-audit

NextCloudPi comes now bundled with a few security auditing tools, mainly

  • Lynis, which was already covered here
  • Debsecan

The extra nc-audit will run those with the right parameters, so we can detect misconfigurations, potential vulnerabilities and known bugs

By using this tools, the configuration of NextCloudPi has been further enhanced for security.

Automatic creation of BTRFS snapshots

BTRFS snapshots are amazing! NextCloudPi is now able to schedule BTRFS backups in a space efficient way.

If we activate this option, snapshots will be produced automatically every hour, every day, every week and every month in the USBdrive that holds your datadir. Only 24 hourly backups, 7 daily backups, 4 weekly backups and 12 monthly backups will be produced, with the older ones over these limits being deleted.

 

Author: nachoparker

Humbly sharing things that I find useful [ github dockerhub ]

13 Comments on “NextCloudPi updated to NC13, brings UFW, security improvements, auto-snapshots and more

  1. Fantastic stuff!! Thanks so much for all of you and your team’s hard work!!
    I updated my pi to 13.0.0 and its been working great so far.
    I was excited to use talk but it seems that the pi is a little bit slow to run it.
    Oh well, it is amazing what that little machine can do regardless.
    Thanks again!

  2. Thank you for this, Nacho! I’m unclear on how to upgrade from 12.0.5 to 13. The admin panel (web interface) shows that I have NextCloudPi 12.0.5 installed, and that the version is up to date. There is no mention of the availability of version 13. How does one do a version upgrade?

  3. Nacho, I’ve found the answer to my question. It’s not a NextCloudPi issue. It’s just that NextCloud has not yet made version 13 available to me. As explained on their website (https://nextcloud.com/release-channels/): “Nextcloud makes new versions incrementally available to user installations in the stable and production channels. When a major new version comes out, we wait about one week and only when no problems are found we start the roll out in steps of about 20% of our user base per week. In practice this means a new release is typically only available in the stable channel after the first minor release. Users can always upgrade sooner by choosing the beta channel, which typically tracks stable releases immediately after publishing.”

  4. The option to update to Nextcloud 13.0.0 now appears in my instance, but when trying to apply the update, the following error message appears:

    Check for expected files
    The following extra files have been found:

    .well-known

    The .well-know file seems to be associated with Let’s Encrypt, and it prevents the update from proceeding.

  5. Hey nachoparker, thanks for all the great work. I use ncp for a few days now and enjoy its comfort. Really great. I was wondering if you prefer a nextcloud update via your ncp web interface over the internal nextcloud updater app? What exactly is the difference between them (in case there is one)? If you are out of ideas what to blog about, I would really love a post about your personal nextcloud update strategy incl. a step by step description. Thanks up front! 🙂

  6. Very cool, Nacho! Been using ncp since almost the beginning and thanks to you it’s been effortless. You make it all so easy! Thanks mate.

  7. Hello,
    i think i need a little bit help. I start the Bashscript for install its goes all well to Downloading Nextcloud 13.0.0. I wait 30 minutes but nothing happens it says it downloads, bit i have 100 mbit at home so it must be done i think. I used a fresh updated Raspian. Please anyone help

Leave a Reply

Your email address will not be published. Required fields are marked *