Data Node - Nextcloud

Introduction

Data Node is the centre of your Private Cyberspace, where ALL your data resides.

Data Node consists of at least 2 software packages:

  1. Nextcloud
  2. Mastodon

It can optional contain:

1.2. Security

  1. Separated System and User Storage Encryption

Stolen hardware cannot be

  1. Remote Boot Up Decryption

You can have

2. Value-Add

2.1. Infinite Disk

Although Nextcloud supports a lot of external storages, they all have feature limitations when compared to native local storage.

Infinite Disk provide a native local storage to nextcloud, supporting the maximum number of features.

Your Nextcloud data (files or databases) will revolutionary storage that:

  • never run out of capacity

Infinite Disk
smb server (apple time machine compatible)
continuous backup
unlimited disk size

2.2. Area Mesh

Virtual Private Mesh
secure remote boot
separate user, system, data links

2.3. Dynamic Alias

Dynamic Alias
built-in TOTP
public accounts
trust labels

Nextcloud

Currently the Data Node is based on open sourced the Nextcloud software, with substantial value-added by Private Cyberspace.

1.1. Version

Minimum Supported Version: 26.0.2
2023-06-06

Create Nextcloud User

Requirements

  1. Guest or Member Alias

Access Nextcloud

Steps

Guest alias

Community Entity -> Public Application -> Data Server
The username and password are located at Dynamic Alias -> Alias Details -> Hub Info

Member Alias

Personal Entity -> Community Cluster -> Cluster A -> Activated, click on https://data-bohcif8iew8e.jeiheaxi2iu4phea.1.88.io

Access Nextcloud as User from an external network

Requirements

Please make sure you are able to access app.contacttrace.com.au menu first.

  1. Go to Personal Entity -> Community Cluster -> Cluster A -> Access.
  2. Enter the Duration(Days) field, the minimum is 1 and the maximum is 300.
  3. Enter the Password and select the Submit button which will create the Access Token.

Steps

  1. Using an external network. go to https://data.quuvoo4ohcequuox.0.88.io or https://data-bohcif8iew8e.jeiheaxi2iu4phea.1.88.io
  2. Select Access Anonymously (access is limited to a maximum of 60 minutes) or Access with your Alias. When choosing "Access with your Alias", the password is the access token password and the access duration is based on the duration set by the owner of the account, which has a minimum of 1 day. Select the Submit button.
  3. Enter the Nextcloud Username and Password.

2-Factor Authentication (optional)

Setup

  1. After logging on to Nextcloud, go to Settings and select the 3-bar button on the upper top left.
  2. Navigate to Security and select ENABLE TOTP
    nextcloud_enable_totp
  3. Copy the TOTP secret. In the example below, the TOTP secret is Z7WQNRBIP7XTSYF5
    nextcloud_totp_secret
  4. Open a new tab on the browser and go to https://token.contacttrace.com.au and press the + button.
    time_token
  5. Paste the TOTP secret into the Shared secret field. The Name field is used to identify the site that uses it. In the example below, the site is nextcloud . Press the add_button to continue.
    shared_secret_nextcloud
  6. If successful, the One Time Password will be shown and it changes every 30 seconds.
    token_otp_nextcloud
  7. Go back to first tab, i.e: https://data.quuvoo4ohcequuox.0.88.io or https://data-bohcif8iew8e.jeiheaxi2iu4phea.1.88.io and enter the TOTP One Time Password in the Authentication code field. In the example below, the code is 537297. Press on the Verify button to continue.
    nextcloud_authentication_code
  8. If successful, the Enable TOTP will be ticked.
    nextcloud_totp_enabled

Usage

  1. After entering the username and password on https://data.quuvoo4ohcequuox.0.88.io or https://data-bohcif8iew8e.jeiheaxi2iu4phea.1.88.io, there will be a prompt to enter the Authentication code.
    nextcloud_2fa_prompt
  2. Open https://token.contacttrace.com.au to view the One Time Password, enter it into the Authentication code field and Submit

Device-specific password (optional)

Setup

At the bottom of the list you find a button to create a new device-specific password. The generated password is used for configuring the new client. Ideally, generate individual tokens for every device you connect to your account, so you can disconnect those individually if necessary.

  1. Enter the device name. In the example below the name used is iPhone13.
    device_pw

  2. Click on the Create new app password button. If prompted enter the web authentication password. The app username and password will be displayed as in the example below. Click on the Done button.
    device_pw_enabled

  3. If successful the entry will be displayed.
    device_session

Usage

If 2FA is enabled, the sync apps such as DAVx must use this new app password instead of the web authentication password.

Client Installation

Android

iOS

Internal Plugins

Nextcloud comes with a lot of plugins (it calls them "apps"), most Private Cyberspace installations will have the following plugins installed and enabled by default.

  1. Activity
  2. Analytics ++
  3. Auditing / Logging
  4. Bookmarks ++
  5. Brute-force settings -
  6. Calendar
  7. Circles --
  8. Client Push
  9. Collaborative tags
  10. Comments
  11. Contacts
  12. Contacts Interaction
  13. Custom menu ++
  14. Default encryption module -
  15. Dashboard
  16. Deck
  17. External storage support +
  18. Federation
  19. File sharing
  20. First run wizard
  21. Forms ++
  22. Full text search
  23. Full text search - Elasticsearch Platform
  24. Full text search - Files
  25. LDAP user and group backend -
  26. Log Reader
  27. Monitoring
  28. Music ++
  29. Nextcloud All In One
  30. Nextcloud announcements --
  31. Nextcloud Office
  32. NCDownloader ++
  33. Notifications
  34. Password policy
  35. PDF viewer
  36. PhoneTrack ++
  37. Photos
  38. Privacy
  39. Recommendations
  40. Related Resources
  41. Right click
  42. Share by mail
  43. Snappymail ++
  44. Support --
  45. Suspicious Login -
  46. Tables ++
  47. Talk
  48. Tasks
  49. Text
  50. Two-Factor TOTP Provider
  51. Usage survey --
  52. User status
  53. Versions
  54. Weather status --

Below documents what has been done to Nextcloud plugins listed above by default (when your Private Cyberspace is first created).

  • Those 36 without any suffix are enabled when installed.
  • Those 4 with - suffix are disabled already when installed and remain disabled.
  • Those 1 with + suffix are disabled when installed but are enabled after install.
  • Those 4 with -- are enabled when installed but are disabled after install.
  • Those 9 with ++ are added and enabled after install.

Feel free to suggest some more "must have" plugins to be added to the above list!

External Software

Some external software are added in the Data Node to complement Nextcloud.

1. Photoprism

Currently Photoprism is installed in the Data Node to provide an AI driven multimedia album for your Private Cyberspace.

The files on Photoprism are accessed from within Nextcloud under the photoprism directory using via the WebDAV external storage with the following setting by default:

  • Encryption - Disabled
  • Preview - Disabled
  • Sharing - Disabled
  • Check Changes - Once every direct access
  • Mac NFD - Disabled
  • Read Only - Disabled

Note the default processing delays in Photoprism:
PHOTOPRISM_AUTO_INDEX - default 5 minutes.
PHOTOPRISM_AUTO_IMPORT - default 3 minutes.

Further work:

  • turn off requirement for review in order to show image in main view (by default).

1.1. Alternative

The following Nextcloud Memories Plugin Set can be used instead of Photoprism to provide media album function.

  1. Mosquitto

MQTT server for messaging

OCC Commands

Data Node Search

Currently supported data sources:

  1. Bookmarks
  2. Calendar
  3. Contacts
  4. Deck
  5. Files
  6. Talk

Syntax

You can type the following into the search input box:

  • word will try to find posts with that word

  • “exact phrases” will try to find the term inside the quote marks. This allows looking only for direct matches, such as "look at my cluckers" to find posts explicitly telling you to look at someone’s cluckers.

  • -exclude will exclude the term prepended by a minus sign. This allows filtering out certain terms, such as animals -cats to find posts about animals without posts about cats.

  • +include will include the term after the plus sign. This allows searching for multiple terms that must be included, such as cat +dog to find posts about both cats and dogs.

the search syntax is the same as the one used on the hub server.

Examples

  • test nextcloud help
    will return all your files containing test OR nextcloud OR help in their path or content.

  • +test nextcloud help
    will return all your files containing the exact word test and that might contains nextcloud OR help in their path or content.
    For example, the file in the folder help/ that contains the string test the opensource project nextcloud or test anything or testing nextcloud but not testing anything.

  • +testing nextcloud -"testing nextcloud"
    will return all your files containing the exact word “testing” and that might contains nextcloud but does not contains the exact string testing nextcloud

  • nextcloud -test
    will return all your files containing nextcloud but does not contains words starting with test

Additional Servers

Some open source servers that can be added to the Data Node to complement Nextcloud.

1. File Browser

2. File Server

3. File Transfer

4. Data Vault