Using occ core commands This command description references to ownCloud core commands only. OwnCloud’s occ command (ownCloud console) is ownCloud’s command-line interface. You can perform many common server operations with occ, such as installing and upgrading ownCloud, managing users and groups, encryption, passwords, LDAP setting, and more. Occ is in the owncloud/ directory; for example /var/www/owncloud on Ubuntu Linux. Occ is a PHP script. You must run it as your HTTP user to ensure that the correct permissions are maintained on your ownCloud files and directories.

Run occ As Your HTTP User The HTTP user is different on the various Linux distributions. See to learn how to find your HTTP user. The HTTP user and group in Debian/Ubuntu is www-data.

The HTTP user and group in Fedora/CentOS is apache. The HTTP user and group in Arch Linux is http. The HTTP user in openSUSE is wwwrun, and the HTTP group is www. If your HTTP server is configured to use a different PHP version than the default (/usr/bin/php), occ should be run with the same version. For example, in CentOS 6.5 with SCL-PHP54 installed, the command looks like this.

Encryption encryption:change-key-storage-root Change key storage root encryption:decrypt-all Disable server-side encryption and decrypt all files encryption:disable Disable encryption encryption:enable Enable encryption encryption:encrypt-all Encrypt all files for all users encryption:list-modules List all available encryption modules encryption:migrate initial migration to encryption 2.0 encryption:recreate-master-key Replace existing master key with new one. Encrypt the file system with newly created master key encryption:select-encryption-type Select the encryption type. The encryption types available are: masterkey and user-keys. There is also no way to disable it again.

Encryption:set-default-module Set the encryption default module encryption:show-key-storage-root Show current key storage root encryption:status Lists the current status of encryption encryption:status shows whether you have active encryption, and your default encryption module. To enable encryption you must first enable the Encryption app, and then run encryption:enable. Sudo -u www-data php occ encryption:show-key-storage-root Current key storage root: default storage location (data/) encryption:list-modules displays your available encryption modules. You will see a list of modules only if you have enabled the Encryption app. Use encryption:set-default-module module name to set your desired module. Encryption:encrypt-all encrypts all data files for all users.

You must first put your ownCloud server into to prevent any user activity until encryption is completed. Encryption:decrypt-all decrypts all user data files, or optionally a single user.

Sudo -u www-data php occ encryption:decrypt freda Users must have enabled recovery keys on their Personal pages. You must first put your ownCloud server into to prevent any user activity until decryption is completed. Use encryption:disable to disable your encryption module. You must first put your ownCloud server into to prevent any user activity.

Encryption:migrate migrates encryption keys after a major ownCloud version upgrade. You may optionally specify individual users in a space-delimited list. See to learn more. Encryption:recreate-master-key decrypts the ownCloud file system, replaces the existing master key with a new one, and encrypts the entire ownCloud file system with the new master key. Given the size of your ownCloud filesystem, this may take some time to complete.

However, if your filesystem is quite small, then it will complete quite quickly. The -y switch can be supplied to automate acceptance of user input. The files:checksums:verify command ownCloud supports file integrity checking, by computing and matching checksums. Doing so ensures that transferred files arrive at their target in the exact state as they left their origin.

In some rare cases, wrong checksums are written to the database which leads to synchronization issues, such as with the Desktop Client. To mitigate such problems a new command is available: occ files:checksums:verify. Executing the command recalculates checksums, either for all files of a user or within a specified filesystem path on the designated storage. It then compares them with the values in the database. The command also offers an option to repair incorrect checksum values ( -r, -repair)./occ files:checksums:verify This operation might take very long. Mismatch for files/welcome.txt: Filecache: SHA1:eeb2c08011374d8ad4e483a4938e1aa1007c089d MD5:368e3a6cb123931d786e21 ADLER32:c5ad3a63 Actual: SHA1:da39a3ee5e6b4b0d3255bfef95601890afd80709 MD5:d41d8cd98f00b2ecf8427e ADLER1 Mismatch for thumbnails/9/2048-2048-max.png: Filecache: SHA1:2634fed078d192bf4ee0e4bd0c3c99 MD5:dd249372f7a68c551f7e6b2615d49463 ADLER32:821230d4 Actual: SHA1:da39a3ee5e6b4b0d3255bfef95601890afd80709 MD5:d41d8cd98f00b2ecf8427e ADLER1.

Sudo -u www-data php occ files:scan -help Usage: files:scan options -. Arguments: userid Will rescan all files of the given user(s) Options: -output=OUTPUT Output format (plain, json or jsonpretty, default is plain) default: 'plain' -p, -path=PATH Limit rescan to this path, eg.path='/alice/files/Music', the userid is determined by the path and the userid parameter and -all are ignored -g, -groups=GROUPS Scan user(s) under the group(s). The -repair Option As noted above, repairs can be performed for individual users, groups of users, and for all users in an ownCloud installation. What’s more, repair scans can be run even if no files are known to need repairing and if one or more files are known to be in need of repair. Two examples of when files need repairing are:.

If folders have the same entry twice in the web UI (known as a “ ghost folder”), this can also lead to strange error messages in the desktop client. If entering a folder doesn’t seem to lead into that folder.

The repair command needs to be run in single user mode. The following commands show how to enable single user mode, run a repair file scan, and then disable single user mode. Sudo -u www-data php occ files:transfer-ownership -path='folder/to/move' When using this command, please keep in mind:. The directory provided to the -path switch must exist inside data//files. The directory (and its contents) won’t be moved as is between the users. It’ll be moved inside the destination user’s files directory, and placed in a directory which follows the format: transferred from on.

Using the example above, it will be stored under: data//files/transferred from on 20110/. Currently file versions can’t be transferred. Only the latest version of moved files will appear in the destination user’s account.

Authentication Details Authentication method Identifier, name, configuration Log-in credentials, save in session password::sessioncredentials Log-in credentials, save in database password::logincredentials User entered, store in database password::userprovided (.) Global Credentials password::global None null::null Builtin builtin::builtin Username and password password::password OAuth1 oauth1::oauth1 (.) OAuth2 oauth2::oauth2 (.) RSA public key publickey::rsa (.) OpenStack openstack::openstack (.) Rackspace openstack::rackspace (.) Access key (Amazon S3) amazons3::accesskey (.). Filesexternal:list -show-password -full -a -all - Arguments: userid User ID to list the personal mounts for, if no user is provided admin mounts will be listed. Options: -show-password User to add the mount configurations for, if not set the mount will be added as system mount.full Don’t save the imported mounts, only list the new mounts.a, -all Show both system wide mounts and all personal mounts.output The output format to use (plain, json or jsonpretty, default is plain). Maintenance maintenance:data-fingerprint Update the systems data-fingerprint after a backup is restored maintenance:mimetype:update-db Update database mimetypes and update filecache maintenance:mimetype:update-js Update mimetypelist.js maintenance:mode Set maintenance mode maintenance:repair Repair this installation maintenance:singleuser Set single user mode maintenance:update:htaccess Updates the.htaccess file maintenance:mode locks the sessions of all logged-in users, including administrators, and displays a status screen warning that the server is in maintenance mode. Users who are not already logged in cannot log in until maintenance mode is turned off. When you take the server out of maintenance mode logged-in users must refresh their Web browsers to continue working.

Sudo -u www-data php occ maintenance:singleuser -off Single user mode disabled Run maintenance:data-fingerprint to tell desktop and mobile clients that a server backup has been restored. Users will be prompted to resolve any conflicts between newer and older file versions.

Run maintenance:data-fingerprint to tell desktop and mobile clients that a server backup has been restored. This command changes the ETag for all files in the communication with sync clients, informing them that one or more files were modified. After the command completes, users will be prompted to resolve any conflicts between newer and older file versions.

The maintenance:repair command runs automatically during upgrades to clean up the database, so while you can run it manually there usually isn’t a need to. Sharing This is an occ command to cleanup orphaned remote storages.

To explain why this is necessary, a little background is required. While shares are able to be deleted as a normal matter of course, remote storages with “shared::” are not included in this process. This might not, normally, be a problem.

However, if a user has re-shared a remote share which has been deleted it will. This is because when the original share is deleted, the remote re-share reference is not. Internally, the fileid will remain in the file cache and storage for that file will not be deleted. As a result, any user(s) who the share was re-shared with will now get an error when trying to access that file or folder. That’s why the command is available. So, to cleanup all orphaned remote storages, run it as follows.

Sudo -u www-data php user:expire-password To expire a user’s password at a specific date and time, use the user:expire-password command. The command accepts two arguments, the user’s uid and an expiry date. The expiry date can be provided using any of. If an expiry date is not supplied, the password will expire with immediate effect. This is because the password will be set as being expired 24 hours before the command was run.

For example, if the command was run at “2018-07- 12 13:15:28 UTC”, then the password’s expiry date will be set to “2018-07- 11 13:15:28 UTC”. After the command completes, console output, similar to that below, confirms when the user’s password is set to expire. # The password for user 'frank' will be set as being expired 24 hours before the command was run. Sudo -u www-data php occ user:expire-password frank # Expire the user 'frank's password in 2 days time.

Sudo -u www-data php occ user:expire-password frank '+2 days' # Expire the user 'frank's password on the 15th of August 2005, at 15:52:01 in the local timezone. Sudo -u www-data php occ user:expire-password frank '2005-08-15T15:52:01+00:00' # Expire the user 'frank's password on the 15th of August 2005, at 15:52:01 UTC. Sudo -u www-data php occ user:expire-password frank '15-Aug-05 15:52:01 UTC'. Caveats Please be aware of the following implications of enabling or changing the password policy’s “ days until user password expires” option. Administrators need to run the occ user:expire-password command to initiate expiry for new users. Passwords will never expire for users who have not changed their initial password, because they do not have a password history.

Auto Occ Install For Macbook Pro

To force password expiration use the occ user:expire-password command. A password expiration date will be set after users change their password for the first time.

To force password expiration use the occ user:expire-password command. Passwords changed for the first time, will expire based on the active password policy.

If the policy is later changed, it will not update the password’s expiry date to reflect the new setting. Password expiration dates of users where the administrator has run the occ user:expire-password command won’t automatically update to reflect the policy change. In these cases, Administrators need to run the occ user:expire-password command again and supply a new expiry date. Sudo -u www-data php occ user:setting -help If you’re new to the user:setting command, the descriptions for the app and key arguments may not be completely transparent. So, here’s a lengthier description of both.

Argument Description app When an value is supplied, user:setting limits the settings displayed, to those for that, specific, application — assuming that the application is installed, and that there are settings available for it. Some example applications are “core”, “filestrashbin”, and “userldap”. A complete list, unfortunately, cannot be supplied, as it is impossible to know the entire list of applications which a user could, potentially, install. Key This value specifies the setting key to be manipulated (set, retrieved, or deleted) by the user:setting command.

IMPORTANT: The contents of this blog post are a detailed explanation of NextCloudPi. However, the main landing page of the project is now and that is the place where information will be kept up to date.

I would like to introduce NextCloudPi, ready to use Raspbian 9 image with the latest Nextcloud 13. NextCloudPi is now also available as an ARM or x86 docker container ( ) NextCloudPi can now also be installed on any Debian 9 system ( ) NextCloudPi can also be built for, like the ( ). NextCloudPi is an NextCloud community project as of. # curl -sSL bash Usage NEW: you can follow the installation and setup steps in the Connectivity and basic setup Upon first boot, you should do the usual, such as change the default Raspbian password, maybe configure the network connection, enlarge the partition with raspi-config, and enable SSH if you so desire. If you are going to connect though a network cable, make sure it is plugged in before turning the Raspberry Pi on.

If you are doing manual configuration of the network, such as setting up a static IP, reboot when you are done so that NextCloudPi can detect it. In many cases you can just access by typing nextcloudpi.local in your browser. Otherwise, you need to discover what is your Raspberry Pi IP address. For this, you can use a network scanner such as nmap.

The first run, the easiest is to run the configuration wizard. This is the whole process USB external drive By default, your data will be kept in your SD card. You will probably want to connect an external USB drive to your Raspberry Pi in order to host your files. First, you can format your external drive with the nc-format-USB feature. FAT32 or NTFS filesystems are not supported. Then, you can enable the nc-automount feature.

This will result in your drives being auto-mounted to /media Finally, set your Nextcloud data folder in the drive using nc-datadir. Access from outside In order to access your private cloud from the internet, you should setup a Dynamic DNS, so you can use a domain name that doesn’t change with your public IP. I use free plan for my DDNS. The no-ip service is in NextCloudPi. Also, you need to setup port forwarding in your router so your router sends connections to your Raspberry Pi. For this, you can use the nc-forward-ports feature ( ).

You can explore some alternative ways of accessing your files in. Get a trusted certificate If you want to avoid the “Untrusted Certificate” warning and make everyone’s life easier, get a signed certificate for your DNS domain through nextcloudpi-config or the. More extras You can activate and configure the system and any extras from the. You can also do so from the command line with.

Sudo./qemu-pi.sh NextCloudPi03-13-17.img Details Nextcloud is awesome. It allows us to own and control our information without relying on external companies. These companies could change things outside of our control or even shut down the service and we realize only too late that we do not own the software that we use. Nextcloud is certainly a huge tool to protect our privacy and our data. The big issue though is that it is a web service, so it needs to run on top of an operating system. Setting that up implies long hours of installation, dealing with package versions, configuration and troubleshooting. Many people are not willing or do not have the knowledge to accomplish this task, and I think it is a big reason why it is not that popular outside of the geek niche.

I thought it would help to facilitate already configured images to the public with Nextcloud included, so I automated the process. Let’s go for it! In the we learned how to use qemu-pi.sh to launch Raspbian on a QEMU virtual machine.

We will use this to automatically generate a Raspbian image with Nextcloud 12 installed. I recommend to setup qemu-pi.sh to use a static MAC address so you can always get the same IP through DHCP after each reboot. This is important to automate the process, and for that reason it comes as the default configuration. Write down the IP that your Raspbian gets from DHCP, and launch./batch.sh 192.168.0.145 # change to your QEMU raspbian IP This will get the code from, and. latest Raspbian image.

Resize the partition. Update the system. Install Apache with HTTP2, PHP7, Mariadb and all that is needed to run Nextcloud. Install Nextcloud. Configure the system.

You can use your own image by setting DOWNLOAD=0 at the top of the script. You can also choose between Raspbian or Raspbian Lite by setting the IMG variable. See the code for details. At the end of the process you end up with an image that you can write on an SD card and use on your Raspberry Pi. The good thing about this method is that it is an automated process, so we can easily produce newer versions as Raspbian, Apache and Nextcloud receive updates. Also note that you can change the following parameters at the top of install-nextcloud.sh.

MAXFILESIZE=1G This was tested on Raspberry Pi 2 and Raspberry Pi 3. Screenshots The basic configuration and optimizations are already in place, so there are no warnings on the Admin section.

We can see that we are using the recommended cron method. Nextcloud main settings Also, you can see the default maximum upload size to a sane value of 1G by default. PHP operations time out at one hour. This is important to allow for long uploads and downloads for big files or slow connections. Other settings In order to test that you are using HTTP2, look for X-Firefox-Spdy: h2 in the network tab. HTTP2 test PHP configuration PHP Zend OPCache Settings PHP ACPU settings If you have ever manually configured a Nextcloud instance, the auto-configuration parameters by default are equivalent to this Nextcloud default configuration Code. I just re-checked it and it works for me.

Are you sure that the directory exists? Make sure to modify your fstab to mount your USB hard drive on every boot. I included the mkdir line in the instructions to make sure that the directory is created if it does not exist (/mnt/Store in your case). If we do not do this step, it works fine but everything stays on the SD card which is more limited in space.

Write the image again on the SD card, then set up the USB drive mount to /mnt/Store, then copy and paste the instructions again. It should work. Thanks for your help. Alas I had already done it both ways exactly as you describe. I think the problem is that the config.php file on my installation sits at /var/www/html/nextcloud/config, not in /var/nextcloud. As I said everything works fine if all is on the sd card, specifically data in /var/nextcloud/data and the config.php file in /var/www/html/nextcloud/config, again on the sd card. The reason the data directory was moved to /var/nextcloud comes from a suggestion that this is more secure Here is theexplanation and the URL follows Secure the Nextcloud Data Directory It is highly recommended to make Nextcloud more secure by moving the “data” directory to a secure location.

Let’s move it to /var/owncloud/data. That will prevent any unauthorized users from accidentally gaining access through the web browser. Move the data directory: $ sudo mkdir -p /var/nextcloud $ sudo mv -v /var/www/html/nextcloud/data /var/nextcloud/data Configure the new data location into Nextcloud. Using vi or another editor of your choice, edit the configuration file. Make a backup copy first, just in case there is a mistake with the edit: $ cd /var/www/html/nextcloud/config $ sudo cp -p config.php config.php.org $ sudo vi config.php Change this line: ‘datadirectory’ = ‘/var/www/html/nextcloud/data’, to this: ‘datadirectory’ = ‘/var/nextcloud/data’, Be careful not to delete the comma at the end of the line. Save the file and exit the editor. Many thanks.

I want to use this for my Pi zero W that came yesterday. After writing the image to the SD card, putting a ssh.txt file to the root of the SD card in order for ssh access and after mounting the written SD card and altering /etc/network/interfaces before booting up the pi so that it uses the correct wlan connections and settings i cannot get a ssh connection to the pi. I also do not see it when using a dhcp scanner. Does this image work on the pi zero w? The process of ssh.txt and interface file editing does work with the original image of rasbpian. Hello, I have not tested this with a Raspberry Pi Zero or an original Raspberry Pi, but it should work.

It will be quite slow though. I was running Owncloud on my RPi B before RPi 2 came out and it was usable but very slow. The zero has a bit more power.

I will test it on zero when I have time. Also any feedback is welcome.

To answer to your questions the procedure for activating SSH with the ssh.txt file should work (see ). From the top of my head, in order to get network access you can edit /etc/dhcpcd.conf, and include something like this. Your image does boot up on my pi zero w, but it won’t bring up wlan0. I guess there is a driver problem.

Is your image based on Debian 9 stretch instead of the current stable branch? I booted up Debian 8 jessie on my zero w and wlan worked without problems, but as soon as i upgraded to stretch testing branch, the wlan also broke there. So I guess it is not a problem with your image in particular, but with Debian 9 stretch branch as for now. As the wlan chip on the zero w an the rpi 3 B are the same, the problem should occur on the rpi 3 also though. Anyone can confirm that or can anyone provide a solution? Can’t get your image to work correctly with the zero w. It does not bring up wlan0 at boot, always says “device not found” or “there is no such device”.

I guess the wlan-driver is not loaded at all or can’t be loaded. Maybe this has something to do with the kernel in your image? I already installed the firmware for the wifi-chip (same as rpi3) and also copied over existing files in /firmware/brcm to the zero w from an original raspbian 8 image to your image (on the original raspbian image, the zero w works with wifi). Still no success. Did you change the kernel in your image? Btw: These are the drivers that are used for the wlan/BT chip on the rpi3/zero w:. Well, nginx really shines in high load high concurrency situations.

In this case you will not see a difference. I chose apache because it is what I was already using, and because it had easier support for HTTP2 at the time. If you really want to use nginx, just follow the rest of the building script. I share all the code. In any case, I have many plans for this blog. I already am starting to build some dockers that I plan to use on RPi. Nginx included.

I want to experiment with lighttpd to see if I can make it work with Nextcloud, if you pull the container you will see that it is only 67.8 MB, so about a 10 MB increment from minidebian! Also, Let’s Encrypt is the next thing I am going to include in nextcloudpi-config Stay tuned! Thanks, awesome work! I came across your site by accident, I was looking for something to lets say pre-configure an image like Raspbian or whatever.

All this so I would be able any time to replicate my current setup just in case something goes wrong. I’ve look at Nextcloud before, among numerous other possible solutions, such that I could access my PI from anywhere and show off photos of my little girl on whatever system. Like you I’ve got myself a domain name from no-ip.com and my router provides an auto update feature for noip, easy. After a zillion tries, I found setting for my monitor that works fine so I burn the image from my WIN 10 PC and replace the config.txt file with my version. Unfortunately for me, I decided to use the BTRFS file system for my 5T USB drive and I intend to get a few more. Anyway, all this to say I’m beginning to have memory problems and I want to setup a quasi fail safe system with redundancy, security and the works.

At minimum, 2 PI3 in 2 distinct location and 2 large USB drive (BTRFS) each. Currently I’m setup to boot from a micro-SD card but the root file system is on a USB flash drive (EXT4). I want to be able to rebuild any part of the system as easily as possible. Your image file will definitely bring me very close to what I want.

I see you provide indications and or snippets for many different options or solutions. For example with LetsEncrypt, I’ll use that one for sure. Just to give another example, I don’t want any of my users to be login all day long idle most of the time so I want to shut them down after some period.

It’s not very complicated to do but every time you burn an image you have to start over from scratch. It’s prone to error, it’s very likely you’ll forget this or that and I’m sure you see me coming. Does your image provide and or would be easily adapted to self update as much as possible?

I mean security wise at minimum? I’d like your advise also on how you would proceed to create a snapshot of the system such that I could (relatively) easily recover from some device failure, be it the PI itself, the card or the USB drives. Yes, it’s possible I’ll never use a micro-SD again and I’ll also go all the way with the BTRFS. Thanks again, I’m burning the image as we speak Yves.

I’d like to add some observation and comments if I may, hopefully constructive. Yesterday, I burn the full image using win32diskimager, booted up the new image and then ran raspi-config to setup a few things, password, etc. All of this directly from PI but through SSH. When I came to the nextcloudpi-config part above (usage) the only choice I add where dns-masq and no-ip scripts.

Why not the same as we see above? I notice you practically always refer to QEMU and if I’m not mistaking this mean one need another machine with some linux distro, right? Just when I installed the 2-18-17 version you where uploading behind the scene the 3-13-17 version and unless I mist something really big this would mean all of us would have to start over from scratch, yes? This is one of the reason I was searching for some mean to at minimum be assisted in some way to install and especially configure the packages and or services one need, by this I mean passwords (so your first login is with the proper password), the services I want to run like say ssh setting it properly, everyone agrees, passwords is not a good idea so why not configure it right away for public key or at least having the choice.

Maybe, yes password login but setup firewall for ssh over LAN only. One last thing, IMHO I don’t think most people will stay on a SD card file system for very long, a single video would bust most of the available space from the start.

Why not have the possibility to set this up before installing nextcloud and even the complete web server for that matter. By this, either use an existing drive or drives, format it if necessary and set it up in fstab.

You obviously put a lot of effort into this and I don’t want you to think I don’t appreciate your work. I also know the one size fits all theory doesn’t work either but I recall some 40 years back when I installed my Redhat distribution on my my super duper Intel 386 with 256K + 256K ext of memory. All of these thing I speak above (almost) where part of the installation process, so why not have the same or similar for the PI. I almost forgot, that included setting locale, time zone, keyboard and many other stuff before your first login. I’m curious as well if it would be possible to “UPGRADE” instead of starting over each time you produce a new version? I know, much more work, just some thought. Thanks a million, Yves PS.

I don’t see a donation button anywhere here. Ounce I’m all setup and running I would certainly give something. I would go as far as proposing my help for translating stuff in French if it’s any help for others here. Hello Yves, First, thank you for your encouraging words and feedback. You wrote about many things!

So I’ll try to answer to things one by one. First, this is an ‘in progress’ project. It is already usable but I am not done yet, so there are things that might change over time. Feedback that people like you provide is really valuable for me to realize what is more important for people. The first reason I started to do this is that for the third time I want to upgrade from owncloud and it is such a pain that I decided I could do it in an automated way and share the result. Many people would use this but lack the knowledge or time to do it.

Auto Occ Install For Mac

NC is a great product but it needs an underlying system (such as Raspbian). I figured I could help spread it this way. I am kind of planning things as I go, and seeing what people’s response is.

For instance, I realised that many people struggle with setting things up in Linux, and that is why I came up with nextcloudpi-config With this I mean to say (again) that this is still in a maturing process and that is why the old release did not contain everything in nextcloudpi-config. I do plan now to work on figuring out some easy way to upgrade the system so people’s clouds get the latest security updates. As for NextCloud, the latest release was fixed to allow for upgrading using the updater app from NC. I still do not know how I will do it exactly, but I have some ideas. The next things I have in mind are – auto-upgrade for security – let’s encrypt in nextcloudpi-config – automount USB drives When that is working I do not know if I will continue adding things or not. (suggestions welcome). This means that until then, things can change (improve) quite a bit from release to release.

In any case, you do not need to start from scratch to get the latest thing, as you can use the installer.sh method to add my new things to your working image on a running RPi. I do not know if it makes sense. For example, imagine you are using the latest image, and then I come up with Let’s Encrypt and add it to my next release.

You can always just add it to your working image without starting from zero by updating my git repo and running./installer.sh letsencrypt.sh 192.168.0.130 (assuming that is your RPi IP). I’ll say that again because I want it to be clear for everyone. People that already are running NextCloudPi can just use installer.sh and keep adding the latest things to their running setup.

There is no need to start over 🙂 You mention you had some problems moving the data folder. A bunch of people have come to me asking for help with this. Get the latest release. You can configure it from nextcloudpi-config.

I have tested it in all cases I could think of, but of course if someone finds something just tell me. I do ask everyone to be patient. This all takes a lot of my time and I do my best to listen to what you say, but there is only so much time I can dedicate to this. I will get there, but not immediately.

Talking about a data redundancy system I have a basic thing set up myself using raspberry pi and mirror USB drives. It is very basic, but I want to post about this at some point. I’ll make a post about this using rsync and brtfs, maybe write some little util. Again, when I am done wit Nextcloudpi QEMU is a virtual machine where I run Raspbian. I use it for testing and for building images (see my Raspbian on QEMU post).

You do not need it for using Nextcloudpi on a Rasberry Pi. I am really flattered about your offer to help and donate. I do not accept donations because I just write this blog to spread what I like and what I consider good for people from the field of technology, like owning and controlling your own private data. Many thanks anyway!!! Hi, I’m trying to connect an external USB drive to store my data.

I have mounted the drive (ext4) under /mnt/nextcloud. Then I have changed my config. Php file to point the datadirectory to that location. For /mnt/nextcloud I have changed the owner to www:data recursively.

I have also changed the permissions recursively to 700. In the NextCloud UI, I’m getting a ‘Data directory (/mnt/nextcloud) not writable’ error message.

Just to test, I have given the /mnt/nextcloud dir a 777 permission, but the error message is always there (note I restart Apache each time, just in case). I have no idea what could be wrong here. Can you help me with this? Can you explain what you mean by high CPU load? If I use it non-stop changing dirs, loading content and such I cannot get php-fpm over 40% CPU in brief spikes. I can only saturate the system to 1.6 load average like this.

During an upload, the apache process can take up to 50% of the CPU in my testing. Up to 70% during a download I consider all this normal. NC is pretty responsive to me.

What is your setup? Have you changed the data directory or made any other changes? What class is your SD card? # interfaces(5) file used by ifup(8) and ifdown(8) # Please note that this file is written to be used with dhcpcd # For static IP, consult /etc/dhcpcd.conf and 'man dhcpcd.conf' # Include files from /etc/network/interfaces.d: source-directory /etc/network/interfaces.d auto lo iface lo inet loopback iface eth0 inet manual allow-hotplug wlan0 iface wlan0 inet manual wpa-conf /etc/wpasupplicant/wpasupplicant.conf allow-hotplug wlan1 iface wlan1 inet manual wpa-conf /etc/wpasupplicant/wpasupplicant.conf.

Moving the data directory only seems to work but still I could not find the directory for the new user that I created on the disk though the files show in web interface. The “admin” user and the files are on the disk. I have a 2nd pi that is connected to a hard disk. The data partition is NTFS. And here I got in to permission problem. I get “Please change the permissions to 0770 so that the directory cannot be listed by other users.” I have “UUID=F1A487 /media/nxtclud ntfs-3g nofail,uid=pi,gid=pi,umask=0770 0 0” in fstab. I got this error on my firefox but i can go through with ie by clicking on trused.

Your connection is not secure The owner of XXX.XXX.X.XXX has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website. Also when i tried connecting the nextcloud windows app and the pi it gives me this error. Is it ok to tick trust this certificate anyway?

'Cannot connect securely to XXX.XXX.X.XXX: The host name did not match any of the valid hosts for this certificate The certificate is self-signed, and untrusted with Certificate raspberrypi Organization: Unit: Country: can you explain the error received and possible action i should take? Sorry just being paranoid. Hello, here some really noobs question 1. I get next time the Nextcloudbox. So i want to install the NextCloudPi on the card.But i want the accounts and data transfer to the hdd.Maybe after a new installation i have all my data back (Useraccounts and Data are not deleted). Have somebody something like a step by step tutorial how to make this?

I saw the post from Marck Buckmann, but i think this is only to store the data on the hdd, not the accounts. If everything work like i want, what i need to do after a fresh install of the SD? I read to change the passwords. Pi/raspberry on the pi and admin/ownyourbits in the browser. Do i need change more passwords somewhere?

Again, i really happy about your project and the most things are really easy to make.Great great job and support of you. Thank you, I’ve found how to, and learnt about umask and chmod/chown options, if anyone looks for this: I’ve set 755 permissions to the mountpoint folder for the nextcloud user www-data, remember to give it also in the fstab with umask:0002 for the automont. I havn’t tried to unplug the usb while Nextcloud is active, but will be nice to know if I can plug and unplug as much as I need to while the raspi stills powered on with Nextcloud running and if it won’t break my FS. For now I’m doing sudo shutdown -h now and then poweroff the raspi for unpluging the usb Now I’m also trying the encryption module, It works great, it doesn’t secure the filenames.

EDIT: I recommend to use nc-backup before trying this. If it fails, just go back with nc-restore I know, but that is not the issue with NextCloudPi because I ‘fixed’ the permissions. I created that issue to report it to them. (look, it is reported by nachoparker 🙂 ) I fixed the permissions so you could upgrade from 11.0.1 to 11.0.2. BUT do not try to upgrade to 11.0.3 in any case, because when I tested it I discovered that it fails. I also reported this other bug to the NextCloud developers, as you can see here If you already did and NC is broken for you, unfortunately, you will have to manually restore your backup (it is performed automatically during the upgrade process).

Today I uploaded a fresh version of NextCloudPi with NC 11.0.3, but you would have to start over (recopy your files, re-import your calendars, etc) Sadly, it seems that the updater is not very stable. At this point I do not recommend it.

The upgrade from 11.0.2 to 11.0.3 fails prior to the actual upgrade because of the permissions check. So NC is fine, it’s just still on 11.0.2. At this stage the only way out as I see it is to manually set the permissions back to sane values, which I do not see as a workaround in any of the pages I read. I’ll wait a little longer until the NC people sort it out. But, removing the hardening of permissions in the documentation isn’t going to solve the problem for those already stuck with the hardened permissions. I initially tried the nextcloudpi-config option to configure my wifi, but it would never accept my passphrase.

The issue was that I needed to download and install the linux driver for my dongle, before it wanted to play right. Since I was at the command line, I just stayed there to configure the wireless dongle and the only problem I had after installing the driver is that the dongle would not be recognized after I rebooted my Pi.

After some research I found that using the lsmod command along with modprobe, I was able to wake up my wireless dongle. The challenge was to figure out how to issue this command at start up.

I just created a.sh script with modprobe 8188CUS made it executable and placed this script in my etc/init.d directory and I was good to go. Ok, I managed to fix the slow apache / ssh kill problem (it was the power supply). But I now have another big problem. I want the nextcloud data to be on my Synology NAS.

I therefore mounted the share via CIFS in /etc/fstab, and it gets mounted without any error and nextcloud can read the data folder, BUT it cannot write or delete anything in there. So for example if I want to create a folder in Nextcloud I just get an error.

It must be a permission problem, but I don’t know how to fix it. This is inside of /etc/fstab: //192.168.X.X/abc/xyz /mnt/xyz/ cifs defaults,owner,noauto,nofail,user=##,passwd=##,uid=33,gid=33,rw,noperm,x-systemd.automount,x-systemd.requires=network-online.target 0 0 I set uid=33 and gid=33 so the files inside of the mounted folder are owned by www-data (so Apache can read it) but this “rw” for read/write doesn’t work. I also tried to set the permissions to 770 with “dirmode” and “filemode” but this didn’t change anything until I set ‘nounix’ aswell (then the files/folders are really 770), but then ls -l only shows some???? At the mountpoint. NFS is not an option as my NAS uses different users than the PI for the http folders.

Because of this, nextcloud doesn’t even write anything in the log (as it somehow doesn’t have the permission to write in it, strangely). Is it maybe an Apache problem? That it doesn’t grant the access? I would be so glad if anyone could help me solve my problem! Thank you so much! And thanks a lot for the image, nachoparker! After some effort I finally was able to get my Edimax wireless dongle to get recognized.

I then needed to do some research on how to get it recognized after each reboot. I needed to do a modprobe command to get my dongle to wake up.

So I created shell script and placed it in my init.d directory and everything is okay with wifi. When I first launch the browser on a Windows PC using my ip addresss/nextcloud I get this error message: “You are accessing the server from an untrusted domain. Please contact your administrator.

If you are an administrator of this instance, configure the “trusteddomains” setting in config/config.php. An example configuration is provided in config/config.sample.php. Depending on your configuration, as an administrator you might also be able to use the button below to trust this domain.” Do I need to run each option in the nextcloud config option before I can expect to have a functional Cloud service on my Raspberry Pi? As things stand now I can’t login to my nextcloud server due to the error above. I know this is supposed to make things easier on inexperienced users which I would include myself, but I’m stuck in the mud right now and don’t know how to get out. Like I said, I fixe the permissions for the upgrade from 11.0.1 to 11.0.2.

When I tested the upgrade to 11.0.3 I did not have an issue with permissions (I had a different issue, which I reported to NC), but I would be interested in seeing what happened to your NCP instance. Would you kindly open an issue on the github for the project? Post details of configuration, the error message, etc Also, if it is a problem with permissions, you can just fix the permissions yourself so the updater does not complain, but like I said, I do not recommend using the updater because NextCloud still has to work in improving it. In any case, it would be great to get feedback of any problem that I did not encounter, and in case it needs to be dealt with, fix it thank you. Love the work you’ve done and really appreciate it. I took the time to use your image when I had to migrate to another DDNS provider after I had to get a new router (no DD-WRT so I couldn’t do a custom one). Anyway, I’ve got an A- on the Mozilla Observatory and a B on Security Headers.

Both mention Content-Security-Policy containing ‘unsafe-eval’ which should be removed. My question is, where did you set this policy? I set it from scratch when I followed another tutorial on my previous install, but rather than search for it, I’d figure I’d ask you first. There is also the Public-Key-Pins and Referrer-Policy. I feel like only the Referrer Policy can be set, but not the other, since I’m using a DDNS, correct? I just found NextcloudPI and am interested in using it to set up a Nextcloud instance for my home. I am confused and want to make sure I get this right.

I am trying to create an image (using Raspbian Lite?) to run Nextcloud on a RPi3. I already have an external hard disk. In reading your instructions, I am confused about the Qemu stuff. Since I am running directly on a RPi, do I need Qemu at all? Do I just create a bootable image of your nextcloudpi image file and boot on a RPi? Once I’ve done that, is Nextcloud installed in running, or do I need to use the install script to install Nextcloud?

I think I just need to run nextcloudpi-config to setup everything, correct? Thanks for all your work on this! Hi Thx So many people asking the same thing haha I should write a post about it.

Basically nginx shines in high concurrency situations If you are hosting a web with hundreds of connections per second. For a personal hosting only accessed by you you won’t feel a difference Apache has many modules, and they can be loaded dynamically, meaning that is easier from apt without compiling to install and manage. Nginx is only starting to do this and is still not easy to accomplish If you read my post about NC security I really value the added security of modsecurity for Apache. Those are my reasons, but of course it will depend on each use case Look this for more details. Hello friend, Thanks for your amazing works.

I currenttly have nextcloud installed on my SD card, and the card’s I/O speed limits to about 1020MB/S, I have two methods to improve I/O performance for optimizing nextcloud: 1. Using a higher speed SD card for example UHS-3 level(But I read that Raspberr Pi 3 doesn’t support this speed level SD card); 2. Storaging NC’s database and files in an external USB driven hard disk. Which method above can effectively improve Raspberry Pi 3’s I/O performance? Or another method? Hi, I downloaded the 612 MB Image and put it on the SD Card.

I was able to access nextcloud via local IP. Afterwards I issued a new certificate with Letsencrypt.

Then I changed the external data on /media/USBdrive/ncdata and saved it in fstab. I am getting the issue with ocdata but the error attempts only when I redirect to my website when connected in LAN. CA is ok Outside I am not getting so far and receiving fault ” unsecure connection with errcertauthorityinvalid but inside LAN OK. I created ocdata via bank and saved in root =” /” and changed owner to www-data. READ PERMISSION is granted. All without success. A reinstall is to critical I had in the past issues with Certificate so better no new install.

What can be the problem and how can I solve it. Best regards flipthemouse.

Dear NachoParker: This has been the easiest and best cloud setup I have ever used. I used to have ownCloud setup on my RaspberryPi then I read about ownCloud vs NextCloud goals objectives regarding Open EchoSystem (development transparency). I wanted to make the jump from ownCloud to NextCloud with clean setup and you have amazed me with the simplicity of setup including usage of fail2ban and ddns as well as additions added to your image and creating free SSL cert and ModSecurity bundledall I can say is WOW! Thank you so much for your dedicated time to create this and so much for continuing to embrace “Peace of Mind”.

Keep up the awesomenesslooking forward to many other bright features. Hi, Thanks for your work and sharing it. I am successfully booted into the image on a Raspberry Pi 3. Few things here that I am not able to work out:.

I am currently running it locally through an IP address and the browser says it is not secure. How can I solve that? I read that I can disable the https connection but I want to use it via Internet as well then that is not an option!

When I ask the browser to remember the exemption for the IP address then the nextcloud gives a message asking to “Add as trusted domain”. I need to do it every time I change/update the domain?. SSH is not enabled by default? Dear Nachopacker, Good to see you are so active. Tried today the new Nextcloud 12 image, still has issues with adding multiple users, however works in a way. Here’s what i am doing. – Created SSD card, changed user pi password and enabled ssh – Logged in on my local nextcloud as admin – On admin - users, added user1, works ok – On admin - users, added user2, now webserver becomes unresponsive – By ssh sudo shutdown -r now – Logged in on my local nextcould as admin, check admin - users On NextCloudPi 12 the user2 was created after all, on previous NextCloudPi there was no user2.

So still undesired that admin - users screen hangs the webserver. However it now succeeds in a way. Hello Rrrr I just setup NC12 from scratch image and I was able to login as admin and create user1 and user2 I gave user1 admin group membership user2 I created a new group called users for it see my above posts but somewhere I lost access to the GUI and am maybe wondering if it was permissions (likely) or 2nd user add that broke it, although in my case rebooting didn not resolve it. At any rate if you look at the github link above I comented and resolved my permissions issue BUT I was also able to delete and re create user1 and user2 and they both work without any adverse web GUI issues, you might consider trying that? Just a suggestion since it worked for me.

Mn 730 driver for mac lion. • At the execution of this wizard, you have to connect USB cable between Epson Artisan 730 printer and your computer. It triggers to start the installation wizard. Then follow the instructions until to finish it.