Private cloud on Windows Desktop
Many users have a desktop computer (or a laptop) running most of the day. Each person at home has a smartphone with a lot of contacts, SMS, photos and other important files.
Unfortunately, not everything is connected: why should I transfer all my contacts or photos to a cloud server in order to copy them to my computer, 50 cm away? (Answer: because data is money, and so you get an easy-to-use service for free.)
The goal of this article is to run some services in a “human understandable way” without leaving home. Services here means sharing information (e.g. contacts, calendar) between the users and devices of the home.
The home network is protected from the outside by the Internet box rented from the internet provider. In the local network, there is no need to encrypt the data, which makes the solution easier to configure: Nextcloud is served over plain HTTP, on the assumption that every device on the home network is trusted. Data may be encrypted on the mobile devices, as those leave the home network. This part is not covered by the article, but is explained here.
Technically, the solution shall fulfill the following points:
- Multi user solution.
- A server must run in the background on a Windows 10 desktop machine.
- Several users must be able to continue to work as usual on the desktop machine.
- Data shall not leave home (except on mobile phones).
- Installation shall be moderately difficult and easy to follow.
- The installation shall be easy to update (not tested at the moment).
- It must be possible to easily uninstall all software.
- Mobile clients must exist.
- The following services must be offered:
  - Synchronize data
Restrictions: the server is not designed to run all the time or for many users. It may be accessible in the local network but not from outside, in order to maximize the security of the solution and to reduce its complexity.
Answer: Nextcloud on Docker
Using Docker containers keeps the footprint of the additional services as small as possible.
Docker runs software in an isolated and minimal environment, called a container. Each container targets a single task (web server, database).
Caution: the following is just technical documentation. The author does not take responsibility for any data loss caused by following these instructions. Mentioned trademarks are the property of their owners. No free support will be offered.
The focus is on Free and Open-Source software. Consider contributing to the common effort with your skills, time or money.
Technical overview of the implementation
Prerequisites
The machine shall have at least 8 GB of RAM; CPU and graphics performance are not limiting in this case. An account with administrative rights is required on the host computer.
A Windows Professional license is preferred, but the Home edition should be sufficient. In Windows Explorer, open the properties of the node This PC to see the version of Windows in use.
A recipe file, docker-compose.yml, will be used for this solution. Such a file describes the Docker commands that download and run the different containers. Required files will be downloaded if not present.
Windows Firewall must be stopped for the services to be available in the local network. This should be acceptable as long as the local network is behind a box providing NAT (Network Address Translation) functionality.
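A narrower alternative to stopping the firewall, as an added example that is not part of the original article: the firewall stays on and a single inbound rule opens TCP port 80, the port published in docker-compose.yml, to the local subnet only. It assumes Docker Desktop, a home network classified as Private, and an elevated PowerShell prompt; the rule name is hypothetical.

```powershell
# Added example, not from the original article. Run in an elevated PowerShell.
# Assumption: the Nextcloud web container is published on TCP port 80 of the Windows host.
$RuleName = 'Nextcloud HTTP (local subnet only)'   # hypothetical rule name

# The rule below is bound to the Private profile, so first check how the
# home network is classified (NetworkCategory should read "Private").
Get-NetConnectionProfile | Format-Table InterfaceAlias, Name, NetworkCategory

# Create the rule once: inbound TCP 80, accepted only from addresses on the
# same subnet as the host, and only while the Private profile is active.
if (-not (Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $RuleName `
        -Direction Inbound -Action Allow `
        -Protocol TCP -LocalPort 80 `
        -RemoteAddress LocalSubnet `
        -Profile Private | Out-Null
}

# Show what was actually configured: port filter and address filter of the rule.
Get-NetFirewallRule -DisplayName $RuleName | Get-NetFirewallPortFilter
Get-NetFirewallRule -DisplayName $RuleName | Get-NetFirewallAddressFilter

# Confirm that the firewall itself is still enabled on every profile.
Get-NetFirewallProfile | Format-Table Name, Enabled, DefaultInboundAction
```

From another Windows machine in the home network, `Test-NetConnection -ComputerName IP-OF-WINDOWS-HOST -Port 80` shows whether the service is reachable.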
Here is a list of the tools used to run the proposed solution. They are well-known, mature and maintained.
Docker for Windows or Docker Toolbox
Docker Desktop is the state-of-the-art solution for running containers. It requires Windows 10 Professional because it uses the Hyper-V hypervisor feature.
The alternative is Docker Toolbox, a legacy technology that supports Windows 10 Home.
This software contains all the tools required to create, manage and execute Docker containers. The setup will configure the required Windows features, like Hyper-V.
The documentation contains the instructions needed to check the installation, and the basic commands.
The Nextcloud docker appliance will be preferred to any community-driven package. This provides most of the functionalities required for the proposed solution.
Most implementations make use of MariaDB, but I personally recommend PostgreSQL.
As a fork of Oracle MySQL, MariaDB may be encumbered by some limitations in the future (hint: MySQL's reading of the GPL license is ‘different’) due to some license infringement, forcing many users to upgrade or to switch to an alternative.
Alpine Linux, Nginx, PHP-FPM
The following tools are running behind the scene:
- Alpine Linux: an operating system reduced to its minimum.
- Nginx: a lightweight web server.
- PHP-FPM (FastCGI Process Manager): an alternative implementation of the process that runs the PHP code behind the web server. Using this or another is just a matter of choice.
Save the following code to a file docker-compose.yml in any directory on your computer:
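```yaml
version: '3'

services:
  # PostgreSQL database
  db:
    image: postgres:alpine
    restart: always
    volumes:
      - db:/var/lib/postgresql/data
    env_file:
      - db.env

  # Nextcloud application (PHP-FPM)
  app:
    image: nextcloud:fpm-alpine
    restart: always
    volumes:
      - nextcloud-html:/var/www/html
      # User data goes to the same volume that the web container mounts below;
      # without this line the web container only sees an empty data directory.
      - nextcloud-data:/var/www/html/data
    environment:
      - POSTGRES_HOST=db
    env_file:
      - db.env
    depends_on:
      - db

  # nginx web server, built from the Dockerfile in ./web
  web:
    build: ./web
    restart: always
    ports:
      - 80:80
    volumes:
      - nextcloud-html:/var/www/html:ro
      - nextcloud-data:/var/www/html/data:rw
    depends_on:
      - app

volumes:
  db:
  nextcloud-html:
  nextcloud-data:
```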
Copy the following content into a file db.env located in the same directory as docker-compose.yml.
```
POSTGRES_PASSWORD=MyPassword
POSTGRES_DB=nextcloud
POSTGRES_USER=nextcloud
NEXTCLOUD_TRUSTED_DOMAINS=IP-OF-WINDOWS-HOST
```
Note: Best practice is to use long and complex passwords.
Create a directory web in the directory where docker-compose.yml and db.env are located.
The configuration of the nginx web server is kept in a separate file and will be injected at run-time.
Copy the following content into a file nginx.conf.
Copy the following content into a file Dockerfile in the subdirectory web.
```dockerfile
FROM nginx:alpine
COPY nginx.conf /etc/nginx/nginx.conf
```
This file performs the initial configuration of the Docker container running the nginx web server: it copies the nginx configuration file.
Launcher script: runme.bat
Copy the following code into a file runme.bat on your local drive. Replace C:\Documents\NextCloud-Docker with the directory where docker-compose.yml is located.
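```bat
@echo off
rem Change to the directory that contains docker-compose.yml
cd /d C:\Documents\NextCloud-Docker
rem Start all containers in the background
docker-compose up -d
pause
```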
This script will start the Docker containers in the background.
Nextcloud supports the standard protocols CalDAV and CardDAV, which allows connecting it to many other applications.
- Nextcloud client allows each user to synchronize many types of data with the Nextcloud server.
- Thunderbird Lightning calendar integration allows a form of Groupware
- QOwnNotes is a note taking tool that can synchronize with a Nextcloud server. It can extend your browser, execute some scripts.
- F-Droid is a third-party catalog of Free and Open-source applications. From there several tools can be used to synchronize different services.
- This article explains how to synchronize tasks, calendars and contacts.
This point is the reason behind this article. I did not find any easy how-to to follow, and since Docker containers are running Linux, itself running on Hyper-V, managed by Windows… I wondered how it works and had to test this solution carefully.
As Docker commands can be executed directly on the containers, and thanks to the use of persistent Docker volumes, it should work, but it needs more testing.
Nextcloud is based on files stored on the web server and data stored in the database. So we need to copy the files from the web server and execute a backup of the database (why a tool is required to save the content of the database is beyond the scope of the article).
```bat
docker cp docker-compose_web_1:/var/www/html/data/user/files C:\Documents\NextCloudApps
docker exec docker-compose_db_1 pg_dump -c -U nextcloud nextcloud > C:\LS\Docker\PGBackup.sql
```
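The same backup as a PowerShell script, added here as an example and not part of the original article. In Windows PowerShell 5.1, `>` re-encodes the output of a native command as UTF-16, so the dump is written inside the database container and copied out instead. Container, database and user names are those of the commands above (check the real container names with `docker ps`), and $BackupRoot is a hypothetical path.

```powershell
# Added example, not from the original article.
# Names below come from the article's commands; $BackupRoot is hypothetical.
$WebContainer = 'docker-compose_web_1'
$DbContainer  = 'docker-compose_db_1'
$BackupRoot   = 'C:\Documents\NextCloudBackup'

# One timestamped folder per run, so an earlier backup is never overwritten.
$target = Join-Path $BackupRoot (Get-Date -Format 'yyyyMMdd-HHmmss')
New-Item -ItemType Directory -Path $target -Force | Out-Null
$dumpFile = Join-Path $target 'PGBackup.sql'

# 1. Dump the database to a file inside the container (-f), so the bytes
#    never pass through a PowerShell redirection.
docker exec $DbContainer pg_dump -c -U nextcloud -f /tmp/PGBackup.sql nextcloud
if ($LASTEXITCODE -ne 0) { throw "pg_dump failed with exit code $LASTEXITCODE" }

# 2. Copy the dump out of the container, then remove the temporary copy.
docker cp "${DbContainer}:/tmp/PGBackup.sql" $dumpFile
if ($LASTEXITCODE -ne 0) { throw 'Copying the database dump failed' }
docker exec $DbContainer rm /tmp/PGBackup.sql

# 3. Copy the user files, using the same source path as the article.
docker cp "${WebContainer}:/var/www/html/data/user/files" (Join-Path $target 'files')
if ($LASTEXITCODE -ne 0) { throw 'Copying the user files failed' }

# 4. Sanity check: a complete plain-text dump ends with this marker line.
$tail = Get-Content $dumpFile -Tail 5
if (-not ($tail -match 'PostgreSQL database dump complete')) {
    throw "The dump in $dumpFile looks truncated"
}
Write-Host "Backup written to $target"
```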
According to the Nextcloud documentation, an upgrade is performed by pulling the latest image. Due to the usage of containers, no data is lost.
Download (pull) the data and restart the system in the background (-d: daemon):
```bat
docker-compose pull
docker-compose up -d
```
If Docker is installed, Cozy can be installed with a couple of lines (to be adjusted for running on Windows):
```sh
docker build -t cozy/full github.com/cozy-labs/cozy-docker
docker run --restart=always -d -p 80:80 -p 443:443 --name=moncozy --volume=/home/cozy/backup:/media -e DOMAIN=my.domain.com -e TERM=xterm/backup cozy/full
```
More information on https://github.com/cozy/cozy-setup/wiki/2.4.-The-Docker-Way