Hey, folks!
So, the card linked to my hetzner account expired, and while I updated it everywhere else, the hetzner info fell through the cracks. They deleted my storageshare server, and erased everything, because I’m a fool, and didn’t have their emails going to an account I ever check. I’ve spent the last several days feeling like I’d had a digital housefire. Things kept popping into my head, photos I had taken 10 years ago, or early drafts of the novel I’m writing… It’s been pretty fucking depressing.
But, tonight, I fired up a laptop I haven’t used in a while to find that most of what was in nextcloud was backed up on it. It’s not everything, but it’s the bulk of it.
I’d like for this to never happen again. I’m wondering if there’s a complete idiot’s guide to self hosting nextcloud? When I say I know nothing about this, please believe me. We’re talking starting from scratch. I’ve never self hosted anything, and I have no idea where to begin. I’m on fedora silverblue, but just because I’m using linux doesn’t mean I know anything. It just means I’m cheap. Haha. All I know is that I never want to go through that feeling of complete loss again. I’ll make sure that whatever I do, it’ll be backed up in two locations at least. I was paying for the family plan, and my brother, his wife, my mom, and a friend lost access to their stuff, too. So far as I know, there isn’t a back up of their stuff. I really messed up here.
Any help is really appreciated, thanks in advance!
If your main motivation is never going through that kind of digital loss, please please please do yourself a favor and do not rely solely on a local solution. If there’s a fire in your apartment, the best nextcloud setup isn’t going to do shit for you. Look up the 3-2-1 rule if you want to be safe.
-
Check if you’re behind CGNAT
The allocated address block for CGNAT is 100.64.0.0/10, i.e. IP addresses from 100.64.0.0 to 100.127.255.255. If your routers WAN IP is one of those then selfhosting stuff accessible from outside requires a lot more work. Ask your ISP if you can have a public IP address and what the cost is or go into the rabbit hole of bypassing cgnat with a vps. -
If you’re gonna host data, especially other peoples data*, learn and use the 3-2-1 backup strategy
For proxmox which I talk about more further down you can look into their own Proxmox backup server solution. -
Data redundancy, either through BIOS/UEFI RAID1 (for two disks) or RAID10 (for four disks) or by running ZFS
This isn’t a backup, this is about being able to replace a faulty drive without downtime and having an easier rebuild process compared to restoring from backup. -
Virtualization, for a beginner that already runs linux I would recommend Proxmox
This makes it more complicated to get started but easier to maintain the installation and easier to migrate it to new hardware.
It also allows you more room to learn by doing, that’s the bonus of the easier restore, cloning and snapshotting of virtual machines compared to bare metal.
*If you’re new to selfhosting then begin with yourself and having only local in-house access. As a step 2 learn how to setup a vpn for access from the outside. Step 3 would be learning how to use a reverse proxy, lets-encrypt and so on for SSL access without vpn.
-
Nextcloud AIO via docker is super simple and has clear instructions.
Install docker through whatever tools Fedora has to install packages/rpms/whatever. Then follow steps 2, 3 and 4 at least. 5 if you need it.
I’ve always wondered if Backblaze B2 would accept advance payments. I would love that
Beyond your eventual technical solution, keep this in mind: untested backups don’t exist.
I recommend reading some documentation about industry-leading solutions like Veeam… you won’t be able to reproduce all of the enterprise-level functionality, at least not without spending a lot of money, but you can try to reproduce the basic practices of good backup systems.
Whatever system you implement, draft a testing plan. A simpler backup solution that you can test and validate will be worth more than something complex and highly detailed.
Data loss is not a problem specific to self-hosting.
Whenever you administrate a system that contains valuable data (a self-hosted network service/application, you personal computer, phone…), think about a backup and recovery strategy for common (and less common) data loss cases:
- you delete a valuable file by accident
- a bad actor deletes or encrypts the data (ransomware)
- the device gets stolen, or destroyed (hardware failure, power surge, fire, flood, hosting provider closing your account)
- anything you can think of
For these different scenarios try to find a working backup/restore strategy. For me they go like
- Automatic, daily local backups (anything on my server gets backed up once a day to a
backupsdirectory usingrsnapshot). Note that file sync like nextcloud won’t protect you against this risk, if you delete a file on the nextcloud client it’s also gone on the Nextcloud server (though there is a recycle bin). Local backups are quick and easy to restore after a simple mistake like this. They wont protect you against 2 and 3. - Assuming an attacker gains access to your machine they will also destroy or encrypt your local backups. My strategy against this is to pull a copy of the latest local backup, weekly, to a USB drive, through another computer, using
rsync/rsnapshot. Then I unplug the USB drive, store it somewhere safe outside my home, and plug in a second USB drive. I rotate the drives every week (or every 2 weeks when I’m lazy - I have set up a notification to nag me to rotate the drive every saturday, but I sometimes ignore it) - The USB strategy also protects me against 3. If both my server and main computer burn down, the second drive is still out there, safely encrypted. It’s the worst case scenario, I’d probably spend quite some time setting up everything again (though most of the setup is automated), and at this point I’d have bigger problems like, you know, burned down house. But I’d still have my data.
There are other strategies, tools, etc, this one works for me. It’s cheap (the USB drives are a one-time investment), the only manual step is to rotate the drives every week or so.
