I have started to enhance the work that I did last weekend with Nextcloud on FreeNAS™. I promised to share the innards of my work but first I have to set the right expectations for the readers. This blog is just a documentation of the early work I have been doing to get Nextcloud on FreeNAS™ off the ground quickly. Also there are far better blogs than mine on the Nextcloud topic.
Note:
- This is tested on FreeNAS™ 11.2U5 on Virtualbox. This is an EOLed version. The Nextcloud version on this FreeNAS is version 17, not the latest version. I am testing this version for a friend.
- These are quick and dirty instructions set to install and configure Nextcloud. It is not for production and it is not secure. Future blogs will discuss about HTTPS, SSL certificate and Reverse Proxy.
- I ride on the shoulders of giants. Many have done great work to create instruction video with Nextcloud on FreeNAS™. I thank you to these folks for their great and selfless Youtube videos contributions.
Nextcloud 17 (latest version is version 21)
Install Nextcloud plugin
Nextcloud is one of the many plugins in FreeNAS™ and TrueNAS® CORE. On the left navigation column of the FreeNAS™ web GUI, Plugins > Available > Nextcloud. Right-click to install as shown.
Nextcloud Plugin Install
Configure the network. In my example, I unchecked the DHCP box as shown below and I have a fixed IP 192.168.1.188/24 for the network interface em1.
Configure fixed IP for Nextcloud
A pop-up message appears and it will go through a series of messages updates as shown. This process can take a long time. On a slow system, this can take over an hour because it has to download the FreeBSD® 11.2 (or whichever version the FreeNAS™/TrueNAS® CORE defaults to) OS image into FreeNAS™ and setup the jail. Nextcloud plugin is, behind the iocage cloak, an application installed and configured in the FreeBSD® iocage jails, an abstracted partition within the OS itself, conceptually similar to Linux containers. FreeBSD® jails predates Linux containers.
Nextcloud plugin installation messages
Once the installation has completed, a pop post-install message will appear. Unlike newer versions of FreeNAS™ (11.3 and higher), the Post Install note only appears once, unless you get into iocage console and find out the PLUGIN_INFO. Remember to copy and paste the notes to a Notepad because it will be used to login into the Nextcloud admin portal.
Nextcloud post install notes
The information I highlighted – database name, database user, database password – above are important because they are used to configure the mysql database when doing the admin login for the first time. If you are adept with mysql, you can also change these in the Nextcloud jails command prompt. Here I use the default because I am not that good (yet) and I am still learning.
Nextcloud datastore(s)
ZFS datasets in FreeNAS™ are the storage repositories for Nextcloud. To make the connection, a mount point has to be created to link a ZFS dataset in FreeNAS™ to a folder in Nextcloud. Here is how it is done.
The Nextcloud plugin must be stopped before a mount point can be added. To stop the plugin, Jails > Nextcloud > (right click) Stop. Select the (…) vertical three dots to “Add Mount Point” as shown below.
Add mount point to link ZFS dataset to Nextcloud folder
Select the ZFS dataset as the Source which is the data storage repository for Nextcloud. The Destination path is the full path of the Nextcloud root in jails with a new directory name. In my example, it is /mnt/pool0/iocage/jails/nextcloud/root/wau, where wau must be a new directory name that does not exist. This will create a new folder from the Nextcloud root called /wau. Save to complete.
Connecting the ZFS dataset to the Nextcloud director via the Mount Point
Restart the Nextcloud jails.
Nextcloud login and initial configuration
To access the Nextcloud portal, Plugins > Installed > Nextcloud > (right click) Management. This opens a new tab in the browser connecting to http://192.168.1.188 address which was previously configured as the IP address of Nextcloud.
Nextcloud plugin portal access
Nextcloud admin and dbadmin login and initial configuration
The login portal is shown below. To login for the first time, and also to install the mysql database, use Login ncadmin and a New Password. Further down the portal page, the database admin is dbadmin, and the database name is nextcloud. The password is the password produced from the post install script in the Nextcloud plugin installation in the previous section. (Remember the copy and paste action earlier?)
Once the initial is completed, you will be presented in the main page of the Nextcloud administrator, which is ncadmin.
Nextcloud admin page
Nextcloud groups and users
One very important thing to note, especially if there no LDAP or Active Directory, the groups and the users in Nextcloud are different from the local groups and users in FreeNAS™. This distinction is very important, and therefore both user databases must be maintained separately. To create groups and users in Nextcloud, go to the top right corner as shown and select “Users”.
Nextcloud Add Group and New Users
Add group and New User. Provide details to create the user and password. Click on the check button on the left to add the user.
Nextcloud add User and assign Group
External Storages for Nextcloud
By default, the folder that was configured to connect to the ZFS dataset earlier does not appear in Nextcloud. This has to be enabled via the App in the Nextcloud portal. At the top right corner, select “App” as shown.
Select App in Nextcloud
Then type “external” on the Search box on the top right corner of the following page. The “External Storage Support” option appears. Click “Enable” to enable the ability to support External Storages. These actions are shown below.
Enable External Storage Support
Setup the External Storages to Nextcloud Folder
The last step is to setup the External Storage to the Nextcloud folder. At the top right corner, select “Settings”. Then on the bottom left corner of the navigation column, select “External Storages”. Both actions are shown below:
Nextcloud Setting (top right corner) and External Storages configuration (bottom left corner)
Next provide a Folder Name, and set the “External Storage” to local. Provide a path to the configuration column. We have chosen /wau earlier as the directory in the Nextcloud jails. Select the group created earlier under the “Available for” column. Click on the check to save.
Nextcloud External Storage to Folder configuration
A valid green check button (shown below) appears on the right of the folder configuration to confirm that the action was successful.
Nextcloud Folder Validation
Testing with a regular Nextcloud user
The pièce de résistance is of course, making it all work together wonderfully. Login as a non-admin user. At the top left corner, the white folder will show “External Storages” available and on the main page of the user, there is the wau folder we have just configured.
The external storage folder of a non-admin Nextcloud user
And if we can to create the Work from Home concept where we link the NAS Y: shared drive in the LAN to the Nextcloud private file share over the public Internet, Files and folders can be synchronized easily between both sides of the divide.
Y: Network Drive
Nextcloud external storages folder
Improving security on the Nextcloud on FreeNAS™
This blog culminates this weekend’s project. I have made it clear that the instruction sets in this blog is a quick-and-dirty method to get things up and running. There are many security gaps that have not been addressed such as installing the SSL certification to enable HTTPS, and also setup reverse proxy to protect the Nextcloud server on the FreeNAS™ system. There are also some thoughts about using Port Forwarding and Dynamic DNS since it is probably easier to setup than a reverse proxy.
Many things are going through my mind this weekend and this is by no means the end of setting up Nextcloud on FreeNAS™. There will be more, as long as I have the time to work on it and not get distracted. Till my next blog, Happy Weekend!
[ Update ] This is the link to Part 2.
