
EU governments choose independence from US cloud providers with Nextcloud - jkire
https://nextcloud.com/blog/eu-governments-choose-independence-from-us-cloud-providers-with-nextcloud/
======
Eric_WVGG
The recent changes to Dropbox incited me to finally build a home NAS/personal-
cloud server based on Nextcloud last month.

My first impressions were a bit negative, as I was expecting "open source
Dropbox" and nothing more; Nextcloud actually does quite a lot, which made me
think it was bloatware. This is due to my ignorance and jumping in too fast.

What Nextcloud actually is: a personal Dropbox-style server, with open source
equivalents of Google Docs, calendaring, contacts, notepads, and a complete
"app store". It's all really well built, and you can use as much (or in my
case, as little) as you feel like. I thought I'd use none of these apps at
all, until I realized that I would really like a Del.icio.us-style
[bookmarking
app]([https://apps.nextcloud.com/apps/bookmarks](https://apps.nextcloud.com/apps/bookmarks)),
but had no desire to shop around and adopt something that required a fee or
might disappear later.

At this point, my only criticisms are that I think the installation should be
more idiot-friendly, and the UI smells of 2012.

For anyone interested in following suit, I picked up an [Odroid-
HC1]([https://www.hardkernel.com/shop/odroid-hc1-home-cloud-
one/](https://www.hardkernel.com/shop/odroid-hc1-home-cloud-one/)) (a bit like
a Raspberry Pi, but much higher disk and network performance, at a similar
price point) and
[NextcloudPi]([https://ownyourbits.com/nextcloudpi/#download](https://ownyourbits.com/nextcloudpi/#download))
(complete Debian + Nextcloud image). It went swimmingly and cost well under a
hundred bucks, not counting the 3.5" hard drive.

Nextcloud is backed by a corporation that mostly makes its money off support
for the German gov't? I think it's an ideal solution for any municipality,
non-profit, or small-to-large sized company that for whatever reason doesn't
want to go with a commercial cloud.

~~~
addicted
Thanks for sharing this. I've been interested in creating my own setup, and I
was wondering if you've setup an off-prem backup solution, and what you're
using for that?

~~~
glup
I have a cron job that copies the internal drive to an (encrypted) USB drive
every night, and about every 3 months I sneakernet it to an offsite location
(eg my parents' house in another state) and bring back the previously-stashed
drive. It's nice to know my data is in multiple places I trust, and not
plugged in. I also do a lot of digital photography (~1TB/year) so it's cheaper
than cloud solutions (at least last I checked)

------
olliej
Alternatively "Countries that aren't the US choose not to work with US
companies or subsidiaries because the US gov. has stated that foreign
subsidiaries are still beholden to US law over the local law, and the US
constitution does not apply to foreigners".

It's not just "independence" it's literally: you cannot trust a US [owned]
company because the US government has said it that US law governs any foreign
subsidiaries. Because they're now magically subject to US law they have to
comply with the patriot act, which is already unconstitutional. But that
doesn't matter as the US Supreme Court has repeatedly held that the
constitution does not apply to foreigners. Therefore they don't even need the
patriot act: foreigners don't get the 4th amendment.

If you were the leader of some country, and there was another country acting
that way, would you ever want to store any of your information, or rely on
services provided by, a company subject to such rules?

------
wil421
Do EU governments not have something like FedRamp? I work on a popular SaaS
product for enterprises. At my last job I supported a managed service provider
who was going after some federal IT outsourcing business.

AWS has FedRamp instances in DCs no one else uses. Same with the SaaS system I
work on. They had all kinds of restrictions including only allowing US
Citizens to access the systems.

~~~
compuguy
You're referring to AWS's GovCloud regions, right
([https://aws.amazon.com/govcloud-us/](https://aws.amazon.com/govcloud-us/))?
I also believe Microsoft has a eqivalent product
([https://azure.microsoft.com/en-us/global-
infrastructure/gove...](https://azure.microsoft.com/en-us/global-
infrastructure/government/))

~~~
wil421
Yes, FedRamp is the certification. GovCloud is FedRamp certified AWS.

------
LinuxBender
Nextcloud is really cool. A coworker had initially set it up for an in-house
place for our team to store more sensitive things that we didn't want floating
around on confluence or google docs. It didn't last long. The legal team
didn't like the AGPL license and we had to abandon the project. Too bad
really, the interface is very nice and the file level encryption was a big
plus.

~~~
Aeolun
Why would the legal team care about the license in this case?

~~~
LinuxBender
Fear. I think they are over-cautious. They don't want AGPL code running in an
environment that could be perceived as part of our customer environment.

~~~
jospoortvliet
They should contact us - Nextcloud GmbH. A contract with us contains all
indemnification they could ever want, so it should not be an issue at all.
(A)GPL is used in a countless business environments, they're tried-and-true
licenses that have been proven to be pro-customer. Especially if you have a
proper vendor contract it's actually a huge advantage over the various vendor
licenses and their often heavy-handed anti-user clauses.

------
zepearl
Just asking: the new plans of "Owncloud" won't have any repercussion on
"Nextcloud", right? Question based on 1) the fact that Nextcloud is a fork of
Owncloud and 2) this post...

[https://owncloud.com/owncloud-infinite-scale-owncloud-
unveil...](https://owncloud.com/owncloud-infinite-scale-owncloud-unveils-new-
architecture-for-unlimited-scalability/)

...as reported e.g. here (I had problems loading the above page):

[https://translate.google.com/translate?hl=en&sl=de&u=https:/...](https://translate.google.com/translate?hl=en&sl=de&u=https://www.golem.de/news/infinite-
scale-owncloud-aendert-grundlegend-seine-
architektur-1907-142723.html&prev=search)

Meaning: Nextcloud won't follow a similar direction, right? Thx

~~~
jospoortvliet
First of all, we forked 3 years ago and have progressed very fast since then -
there is, from what I know, no code going between the two code bases since 2
years or so.

Second, there is simply no reason to rewrite everything from scratch. We know
our code base well enough to be able to maintain and keep driving it forward.

Nextcloud can already scale to hundreds of millions of users. See
nextcloud.com/globalscale - GS is in production since 2017 and at at least one
customer, some nodes have shown to scale to 250K users, as part of a larger
architecture designed for tens of millions. We have about a half dozen other
customers using GS or working on deployments, and some in proof-of-concept
stage.

In short, we have no plans to change a working, proven architecture which
_actually_ scales from Raspberry Pi to a global deployment for something which
actually doesn't do either of those.

~~~
zepearl
Great, this makes me happy:)

Thanks a lot for mentioning the interesting details!

------
nominated1
Do EU Governments care about security? Has a proper audit of this monstrosity
been done?

Or is this just another ploy to get better pricing?

~~~
codedokode
Where is information stored securely? On a private server not accessible from
outside and protected by law or on foreign publicly accessible servers not
protected by local laws?

~~~
jospoortvliet
So both the German and French governments host Nextcloud firewalled off from
the internet. Others use things like a reverse proxy (City of Geneva). Most
customers just run Nextcloud internet-facing, as that is the easiest if you
want to collaborate and work remotely. We trust Nextcloud to be perfectly safe
for that, at least as safe as any complex piece of software can every be, of
course. We have a very active security team, the latest security measures and
a bug bounty program where you get up to $5K for reporting issues to us.

------
Havoc
Glad to see nextcloud getting more punchy support. Could be a big plus for
everyone doing self hosting stuff

------
groundlogic
France/Netherlands/Sweden/Germany is an interesting mix.

(Edit: removed incorrect information.)

~~~
addicted
NextCloud was an independent company well before it did anything government
related.

The only thing that's happening here is they appear to have struck a huge
contract with a few EU countries to build internal clouds.

I believe NextCloud is open source, and a fork of owncloud from the original
owncloud developer who wasn't happy with the direction it was taking, or
something like that. Also, they are a profitable company, and the product is
open source, so this only looks like a boost to their business model and the
open source product it's based on.

~~~
groundlogic
Ah, I see. Perhaps not as bad as first thought, then!

------
novaRom
I first thought it's about a new competitor for AWS, Azure, Google Cloud. A
bit misleading headline. According to Wikipedia: Nextcloud is a suite of
client-server software for creating and using file hosting services. More
properly would be to say: cloud storage.

It's very bad Europe has no its own public cloud yet. All universities,
schools, research centers, public services can be much more efficient and
secure than now. But they will probably fall again into the same trap like it
happened with Windows and other proprietary garbage before. Will it be AWS or
Azure this time?

~~~
claudius
A fair number of universities and research institutes already use Nextcloud,
e.g. the Max Planck Computing and Data Facility offers a Nextcloud
installation for all users and TU Berlin also offers one for all of its
students. There's no reason for these things to live in a "public cloud",
whatever that means, self-hosting them is much more efficient, privacy
friendly and secure (if only by compartmentalising).

------
shreyshrey
We(FileCloud) compete with NextCloud in Self-Hosted EFSS space and part of
Gartner MQ. We are seeing more and more government customers are asking for
solutions that offer complete control over their data. We have large
government and education customers in switzerland and Denmark.

------
SanchoPanda
The new dashboard app/widget dock looks great. Looks like it's a totally
different app from the old unmaintained one which got buggy and then low
ratings, but the new dev kept that listing and is working to get it back up.

Playing life on expert mode, respect.

------
kissgyorgy
I'm so happy to see this, I'm a huge fan of Nextcloud since I switched from
Dropbox and couldn't been happier. I never seen such a high quality PHP
project, it's really simple to operate and upgrade!

------
DEADBEEFC0FFEE
If nothing else another player in the market is a good idea. To get government
contracts, they would have had meet stringent security standards, it would
interesting to know what level they are compliant to.

------
dafty4
Could this be the next MiniTel in the making?

~~~
frenchman99
Minitel was based on another protocol. Nextcloud reuses current technology and
provides open source interfaces.

So, the difference between the internet and the minitel is nothing like the
difference between Nextcloud and American alternatives (Dropbox & Co).

~~~
gcbw3
> Minitel was based on another protocol.

 _everything_ was 'based on another protocol' before x25 :D

i think that just like Minitel was one of many services that used the banal
packet switching tech at the time, nextcloud is just another banal cloud
offering. What is interesting is what will happen soon: truly distributed
networks will be for [aws/nextcloud/etc] what the internet was for
[minitel/dec/telenet/bbs] users.

------
wtdata
I used Nextcloud for more than one year, but in the end I found it too bloated
for my usage and I kept having problems with some outstanding bugs in it.

I finally moved to Syncthing one year ago and never had to configure anything
else. I have it running in a docker container that gets automatically updated
and needed zero configuration since then. It's also much faster at
syncronizing files than Nextcloud was, and doesn't need a central repository.

If you don't need Nextcloud fancy features and just want a Dropbox self hosted
alternative, Syncthing should be the way to go.

[https://syncthing.net/](https://syncthing.net/)

