Nextcloud

Introduction

Data Node is the centre of your Private Cyberspace, where ALL your data resides.

1. Features

Currently Data Node is based on Nextcloud All-in-One. By default, some features are turned off on machines with less than 4GByte of RAM; they can be turned on manually for those machines when required.

| Activation | Less than 4GByte | 4GByte or more | Manual |
|---|---|---|---|
| Core Functions | Yes | Yes | no |
| Files Performance | Yes | Yes | no |
| Full Text Search | no | Yes | Yes |
| Imaginary | no | Yes | Yes |
| Office Functions | no | Yes | Yes |
| Talk Performance | no | Yes | Yes |
| Talk Recorder | no | Yes | Yes |
| BorgBackup | no | no | Yes |
| ClamAV | no | no | Yes |

2. Security

Vulnerabilities

System and Data Separation

Remote Boot Up Decryption

Just pull the power plug and your data is safe.

Stolen hardware cannot be used

Human check boot up - say the secret word when requesting boot up.

2. Value-Add

2.1. Infinite Disk

Although Nextcloud supports a lot of external storages, they all have feature limitations when compared to native local storage.

Infinite Disk provides native local storage to Nextcloud, supporting the maximum number of features.

Your Nextcloud data (files or databases) will reside on revolutionary storage that:

  • never runs out of capacity

Infinite Disk
smb server (apple time machine compatible)
continuous backup
unlimited disk size

2.2. Area Mesh

Virtual Private Mesh
secure remote boot
separate user, system, data links

2.3. Dynamic Alias

Dynamic Alias
built-in TOTP
public accounts
trust labels

Nextcloud

Currently the Data Node is based on the open source Nextcloud software, with substantial value added by Private Cyberspace.

1.1. Version

Minimum Supported Version: 26.0.2
2023-06-06

Create Nextcloud User

Requirements

  1. Guest or Member Alias

Access Nextcloud

Steps

Guest alias

Community Entity -> Public Application -> Data Server
The username and password are located at Dynamic Alias -> Alias Details -> Hub Info

Member Alias

Personal Entity -> Community Cluster -> Cluster A -> Activated, click on https://data-bohcif8iew8e.jeiheaxi2iu4phea.1.88.io

Access Nextcloud as User from an external network

Requirements

Please make sure you are able to access the app.contacttrace.com.au menu first.

  1. Go to Personal Entity -> Community Cluster -> Cluster A -> Access.
  2. Enter a value in the Duration(Days) field; the minimum is 1 and the maximum is 300.
  3. Enter the Password and select the Submit button which will create the Access Token.

Steps

  1. Using an external network, go to https://data.quuvoo4ohcequuox.0.88.io or https://data-bohcif8iew8e.jeiheaxi2iu4phea.1.88.io
  2. Select Access Anonymously (access is limited to a maximum of 60 minutes) or Access with your Alias. When choosing "Access with your Alias", the password is the access token password and the access duration is based on the duration set by the owner of the account, which has a minimum of 1 day. Select the Submit button.
  3. Enter the Nextcloud Username and Password.

2-Factor Authentication (optional)

Setup

  1. After logging on to Nextcloud, go to Settings and select the 3-bar button at the top left.
  2. Navigate to Security and select ENABLE TOTP.
    nextcloud_enable_totp
  3. Copy the TOTP secret. In the example below, the TOTP secret is Z7WQNRBIP7XTSYF5
    nextcloud_totp_secret
  4. Open a new tab on the browser and go to https://token.contacttrace.com.au and press the + button.
    time_token
  5. Paste the TOTP secret into the Shared secret field. The Name field is used to identify the site that uses it. In the example below, the site is nextcloud. Press the add button to continue.
    shared_secret_nextcloud
  6. If successful, the One Time Password will be shown and it changes every 30 seconds.
    token_otp_nextcloud
  7. Go back to the first tab, i.e. https://data.quuvoo4ohcequuox.0.88.io or https://data-bohcif8iew8e.jeiheaxi2iu4phea.1.88.io, and enter the TOTP One Time Password in the Authentication code field. In the example below, the code is 537297. Press the Verify button to continue.
    nextcloud_authentication_code
  8. If successful, the Enable TOTP checkbox will be ticked.
    nextcloud_totp_enabled

Usage

  1. After entering the username and password on https://data.quuvoo4ohcequuox.0.88.io or https://data-bohcif8iew8e.jeiheaxi2iu4phea.1.88.io, there will be a prompt to enter the Authentication code.
    nextcloud_2fa_prompt
  2. Open https://token.contacttrace.com.au to view the One Time Password, enter it into the Authentication code field and press Submit.

Device-specific password (optional)

Setup

At the bottom of the list you find a button to create a new device-specific password. The generated password is used for configuring the new client. Ideally, generate individual tokens for every device you connect to your account, so you can disconnect those individually if necessary.

  1. Enter the device name. In the example below the name used is iPhone13.
    device_pw

  2. Click on the Create new app password button. If prompted, enter the web authentication password. The app username and password will be displayed as in the example below. Click on the Done button.
    device_pw_enabled

  3. If successful, the entry will be displayed.
    device_session

Usage

If 2FA is enabled, the sync apps such as DAVx must use this new app password instead of the web authentication password.

Client Installation

Android

iOS

Internal Plugins

Nextcloud comes with a lot of plugins (it calls them "apps"). Most Private Cyberspace installations will have the following plugins installed and enabled by default.

  1. Activity
  2. Analytics ++
  3. Auditing / Logging
  4. Bookmarks ++
  5. Brute-force settings -
  6. Calendar
  7. Circles --
  8. Client Push
  9. Collaborative tags
  10. Comments
  11. Contacts
  12. Contacts Interaction
  13. Custom menu ++
  14. Default encryption module -
  15. Dashboard
  16. Deck
  17. External storage support +
  18. Federation
  19. File sharing
  20. First run wizard
  21. Forms ++
  22. Full text search
  23. Full text search - Elasticsearch Platform
  24. Full text search - Files
  25. LDAP user and group backend -
  26. Log Reader
  27. Monitoring
  28. Music ++
  29. Nextcloud All In One
  30. Nextcloud announcements --
  31. Nextcloud Office
  32. NCDownloader ++
  33. Notifications
  34. Password policy
  35. PDF viewer
  36. PhoneTrack ++
  37. Photos
  38. Privacy
  39. Recommendations
  40. Related Resources
  41. Right click
  42. Share by mail
  43. Snappymail ++
  44. Support --
  45. Suspicious Login -
  46. Tables ++
  47. Talk
  48. Tasks
  49. Text
  50. Two-Factor TOTP Provider
  51. Usage survey --
  52. User status
  53. Versions
  54. Weather status --

The following describes what is done by default to the Nextcloud plugins listed above (when your Private Cyberspace is first created).

  • Those 36 without any suffix are enabled when installed.
  • Those 4 with the - suffix are already disabled when installed and remain disabled.
  • The 1 with the + suffix is disabled when installed but is enabled after install.
  • Those 4 with the -- suffix are enabled when installed but are disabled after install.
  • Those 9 with the ++ suffix are added and enabled after install.

Feel free to suggest some more "must have" plugins to be added to the above list!

External Software

Some external software is added to the Data Node to complement Nextcloud.

1. Photoprism

Currently Photoprism is installed in the Data Node to provide an AI driven multimedia album for your Private Cyberspace.

The files on Photoprism are accessed from within Nextcloud under the photoprism directory via the WebDAV external storage, with the following settings by default:

  • Encryption - Disabled
  • Preview - Disabled
  • Sharing - Disabled
  • Check Changes - Once every direct access
  • Mac NFD - Disabled
  • Read Only - Disabled

Note the default processing delays in Photoprism:
PHOTOPRISM_AUTO_INDEX - default 5 minutes.
PHOTOPRISM_AUTO_IMPORT - default 3 minutes.

Further work:

  • turn off requirement for review in order to show image in main view (by default).

1.1. Alternative

The following Nextcloud Memories Plugin Set can be used instead of Photoprism to provide media album function.

  1. Mosquitto

MQTT server for messaging

OCC Commands

Data Node Search

Currently supported data sources:

  1. Bookmarks
  2. Calendar
  3. Contacts
  4. Deck
  5. Files
  6. Talk

Syntax

You can type the following into the search input box:

  • word will try to find posts with that word

  • “exact phrases” will try to find the term inside the quote marks. This allows looking only for direct matches, such as "look at my cluckers" to find posts explicitly telling you to look at someone’s cluckers.

  • -exclude will exclude the term prepended by a minus sign. This allows filtering out certain terms, such as animals -cats to find posts about animals without posts about cats.

  • +include will include the term after the plus sign. This allows searching for multiple terms that must be included, such as cat +dog to find posts about both cats and dogs.

The search syntax is the same as the one used on the hub server.

Examples

  • test nextcloud help
    will return all your files containing test OR nextcloud OR help in their path or content.

  • +test nextcloud help
    will return all your files containing the exact word test and that might contain nextcloud OR help in their path or content.
    For example, the file in the folder help/ that contains the string "test the opensource project nextcloud" or "test anything" or "testing nextcloud" but not "testing anything".

  • +testing nextcloud -"testing nextcloud"
    will return all your files containing the exact word “testing” and that might contain nextcloud but do not contain the exact string "testing nextcloud".

  • nextcloud -test
    will return all your files containing nextcloud but not containing words starting with test.

Additional Servers

Some open source servers that can be added to the Data Node to complement Nextcloud.

1. File Browser

2. File Server

3. File Transfer

4. Data Vault