The topic of self-hosted cloud software comes up often but I haven’t seen anyone mention owncloud infinite scale (the rewrite in Go).
I started my cloud experience with owncloud years ago. Then there was a schism and almost all the active devs left for the nextcloud fork.
I used nextcloud from it’s inception until last year but like many others it always felt brittle (easy to break something) and half baked (features always seemed to be at 75% of what you want).
As a result I decided to go with Seafile and stick to the Unix philosophy. Get an app that does one thing very well rather than a mega app that tries to do everything.
Seafile does this very well. Super fast, works with single sign on etc. No bloat etc.
Then just the other day I discovered that owncloud has a full rewrite. No php, no Apache etc. Check the github, multiple active devs with lots of activity over the last year etc. The project seems stronger than ever and aims to fix the primary issues of nextcloud/owncloud PHP. Also designed for cloud deployment so works well with docker, should be easy to configure via docker variables instead of config files mapped into the container etc.
Anyways, the point of this thread is:
- If you never heard of it like me then check it out
- If you have used it please post your experiences compared to NextCloud, Seafile etc.
If you own the hardware it isn’t a issue
Yes, it is. If people are relying on files to be encrypted they may dispose of their disks differently. Or the NAS might be stolen.
Or an threat actor might just turn it off
Saying files are encrypted when it is not true is an issue, regardless of who owns the host box. Even for a small instance that is private family or friends.
Someone could simply modify Nextcloud to lie about encryption. If you don’t control the server there is no way to know.
It all depends on your threat model, I own my Hardware as well but I’m still not going to use a software that is shown to me that they don’t take security seriously but I’m also more paranoid than most