Hacker News new | past | comments | ask | show | jobs | submit login
EU governments choose independence from US cloud providers with Nextcloud (nextcloud.com)
155 points by jkire 55 days ago | hide | past | web | favorite | 50 comments

The recent changes to Dropbox incited me to finally build a home NAS/personal-cloud server based on Nextcloud last month.

My first impressions were a bit negative, as I was expecting "open source Dropbox" and nothing more; Nextcloud actually does quite a lot, which made me think it was bloatware. This is due to my ignorance and jumping in too fast.

What Nextcloud actually is: a personal Dropbox-style server, with open source equivalents of Google Docs, calendaring, contacts, notepads, and a complete "app store". It's all really well built, and you can use as much (or in my case, as little) as you feel like. I thought I'd use none of these apps at all, until I realized that I would really like a Del.icio.us-style [bookmarking app](https://apps.nextcloud.com/apps/bookmarks), but had no desire to shop around and adopt something that required a fee or might disappear later.

At this point, my only criticisms are that I think the installation should be more idiot-friendly, and the UI smells of 2012.

For anyone interested in following suit, I picked up an [Odroid-HC1](https://www.hardkernel.com/shop/odroid-hc1-home-cloud-one/) (a bit like a Raspberry Pi, but much higher disk and network performance, at a similar price point) and [NextcloudPi](https://ownyourbits.com/nextcloudpi/#download) (complete Debian + Nextcloud image). It went swimmingly and cost well under a hundred bucks, not counting the 3.5" hard drive.

Nextcloud is backed by a corporation that mostly makes its money off support for the German gov't? I think it's an ideal solution for any municipality, non-profit, or small-to-large sized company that for whatever reason doesn't want to go with a commercial cloud.

> At this point, my only criticisms are that I think the installation should be more idiot-friendly, and the UI smells of 2012.

I agree about the installation but what's a good solution? If you're self-hosting something (at home) there are two main problems you need to solve. You need to be able to access it from the internet and you need a backup strategy. I would argue that an install isn't complete unless you have those and they aren't easy to automate.

As for the UI, I agree. It's pretty blah. But I would take that over pretty much all of the recent garbage UIs that are more catered to making money instead of improving the UX.

I guess the fact that 80% of the installation is as good as it is makes me frustrated about the last 20%.

One example: the install expects that the data drive will be on a 1-2gb USB attached storage drive; the Odroid uses SATA, 6tb drives are very commonplace, and the process for formatting <4 | >4gb is apparently completely different in Linux?

To reiterate, the installer is really good, but someone stopped just short of making it great.

Regarding the UI, it's not terrible, but I hope that Nextcloud Corp invests some of their newly found riches on a top-class UX designer.

> the process for formatting <4 | >4gb is apparently completely different in Linux?

It's different for any OS. A good tool hides that from the user, but it's as true for Windows as it is for Linux.

> At this point, my only criticisms are that I think the installation should be more idiot-friendly, and the UI smells of 2012.

One of the Nextcloud designers here – thank you for the honest feedback! :)

Could you share some more details on these two things specifically? - Where did you have issues with the installation? On the website, download, permissions, install page, etc.? - Which parts of the UI you see as outdated? Is it the web interface, specific apps, the desktop client, the mobile apps, all of it? Any specific things which seem off to you and we should focus on?

We continuously work on improving the design of course. As it is we are not so many designers, as unfortunately the problem is in open source. Also we’ve been working on many things in parallel like accessibility, standardization, the new Vue components, and of course our breadth of apps, etc.

So thanks for bringing this up! We’ll do better.

More obvious comparisons to Nextcloud are Synology's DiskStation Manager (the OS that runs on any Synology NAS device), and Apple's Server.app. Both aim to provide the same sort of "SME Intranet Services in-a-box" experience. (Just, neither are FOSS; both are platform-locked.)

To give the opposite view, my experience with Nextcloud was a disaster.

The setup was painful, the UI would randomly not respond to my requests, and in general it just felt like a bad PHP hobby project.

Then to top it off their sync client basically deleted half of my photo collection for some reason, and nobody seemed to have any idea why, in general adopting a ‘that sometimes happens, just reset the sync client’ stance.

I mean, that’s cool, but meanwhile it’d synched the deletion across all my machines.

Thankfully I had everything still synched to Google Drive as well, but I need to be able to trust my sync client.

Sadly this happened to me to, I synced the deletion of my complete music library to all the devices. Lucky my that I had the CDs and download codes from the vinyls, but it was quite some work to get it back.

Since then I use NextCloud for calendar and addressbook sync, notes sync and a browser mail frontend if I'm not on any of my own computers.

I tried setting up owncloud/nextcloud a few times and always had trouble. I did try nextcloudpi (but I can't recall the problems I had)

Eventually I did get it going with Ubos on a raspberry pi 3 booting from a fast sandisk cz80 usb flash drive. Ubos under the covers is based on arch linux.

It was pretty straightforward to set up.

I then installed nextcloud apps for iOS and Mac OS.

It is nice -- it does files, contacts, calendars, photos, etc.

Then I didn't touch anything. It works, although I'm at least a year out of date, but everything is stable and all my stuff syncs back and forth.

I have used Nextcloud for about two years and really like it as well; the only problem I have encountered is that the client sometimes slows down my OS X machine and it's not clear how to proceed in debugging the client.

Does Nextcloud have end to end encryption on it yet? I'm a fan of it but until it does I might wait

Sadly it's still in testing, but we (finally) managed to hire a 2nd developer so we're moving forward... 3rd job position is still open so if you're in C++ or know somebody who is - let them mail us!

Thanks for sharing this. I've been interested in creating my own setup, and I was wondering if you've setup an off-prem backup solution, and what you're using for that?

I have a cron job that copies the internal drive to an (encrypted) USB drive every night, and about every 3 months I sneakernet it to an offsite location (eg my parents' house in another state) and bring back the previously-stashed drive. It's nice to know my data is in multiple places I trust, and not plugged in. I also do a lot of digital photography (~1TB/year) so it's cheaper than cloud solutions (at least last I checked)

Not yet. Currently living on the edge with a USB backup drive. I’d like to offload to Amazon Glacier but waiting for a rainy day to sort out IAM nonsense.

Alternatively "Countries that aren't the US choose not to work with US companies or subsidiaries because the US gov. has stated that foreign subsidiaries are still beholden to US law over the local law, and the US constitution does not apply to foreigners".

It's not just "independence" it's literally: you cannot trust a US [owned] company because the US government has said it that US law governs any foreign subsidiaries. Because they're now magically subject to US law they have to comply with the patriot act, which is already unconstitutional. But that doesn't matter as the US Supreme Court has repeatedly held that the constitution does not apply to foreigners. Therefore they don't even need the patriot act: foreigners don't get the 4th amendment.

If you were the leader of some country, and there was another country acting that way, would you ever want to store any of your information, or rely on services provided by, a company subject to such rules?

I used Nextcloud for more than one year, but in the end I found it too bloated for my usage and I kept having problems with some outstanding bugs in it.

I finally moved to Syncthing one year ago and never had to configure anything else. I have it running in a docker container that gets automatically updated and needed zero configuration since then. It's also much faster at syncronizing files than Nextcloud was, and doesn't need a central repository.

If you don't need Nextcloud fancy features and just want a Dropbox self hosted alternative, Syncthing should be the way to go.


Do EU governments not have something like FedRamp? I work on a popular SaaS product for enterprises. At my last job I supported a managed service provider who was going after some federal IT outsourcing business.

AWS has FedRamp instances in DCs no one else uses. Same with the SaaS system I work on. They had all kinds of restrictions including only allowing US Citizens to access the systems.

You're referring to AWS's GovCloud regions, right (https://aws.amazon.com/govcloud-us/)? I also believe Microsoft has a eqivalent product (https://azure.microsoft.com/en-us/global-infrastructure/gove...)

Yes, FedRamp is the certification. GovCloud is FedRamp certified AWS.

Just asking: the new plans of "Owncloud" won't have any repercussion on "Nextcloud", right? Question based on 1) the fact that Nextcloud is a fork of Owncloud and 2) this post...


...as reported e.g. here (I had problems loading the above page):


Meaning: Nextcloud won't follow a similar direction, right? Thx

First of all, we forked 3 years ago and have progressed very fast since then - there is, from what I know, no code going between the two code bases since 2 years or so.

Second, there is simply no reason to rewrite everything from scratch. We know our code base well enough to be able to maintain and keep driving it forward.

Nextcloud can already scale to hundreds of millions of users. See nextcloud.com/globalscale - GS is in production since 2017 and at at least one customer, some nodes have shown to scale to 250K users, as part of a larger architecture designed for tens of millions. We have about a half dozen other customers using GS or working on deployments, and some in proof-of-concept stage.

In short, we have no plans to change a working, proven architecture which actually scales from Raspberry Pi to a global deployment for something which actually doesn't do either of those.

Great, this makes me happy:)

Thanks a lot for mentioning the interesting details!

Do EU Governments care about security? Has a proper audit of this monstrosity been done?

Or is this just another ploy to get better pricing?

Where is information stored securely? On a private server not accessible from outside and protected by law or on foreign publicly accessible servers not protected by local laws?

So both the German and French governments host Nextcloud firewalled off from the internet. Others use things like a reverse proxy (City of Geneva). Most customers just run Nextcloud internet-facing, as that is the easiest if you want to collaborate and work remotely. We trust Nextcloud to be perfectly safe for that, at least as safe as any complex piece of software can every be, of course. We have a very active security team, the latest security measures and a bug bounty program where you get up to $5K for reporting issues to us.

Sounds like someone didn't bother reading the linked page...

Those quotes read like typical PR statements made by politicians. I was hoping for a bit more.

I can’t find it now but it wasn’t long ago that the NextCloud (or was it OwnCloud) FAQ had a note about security that read something like “we’re busy adding features we’ll get to security later”. It left me feeling uneasy. I would have hoped security would have been part of the design. Maybe I’m just getting old...

Things have changed a fair bit since the early ownCloud days - you'll be hard pressed to find a large PHP app with so few security issues, and that's not me saying that but quoting a pentest firm hired by the Swiss city of Geneva which audited Nextcloud recently. See https://nextcloud.com/secure - thoughts are, of course, always welcome.

Actually, we already quoted them in an earlier blog: https://nextcloud.com/blog/a-wave-of-cities-all-over-europe-...


Nextcloud is really cool. A coworker had initially set it up for an in-house place for our team to store more sensitive things that we didn't want floating around on confluence or google docs. It didn't last long. The legal team didn't like the AGPL license and we had to abandon the project. Too bad really, the interface is very nice and the file level encryption was a big plus.

Why would the legal team care about the license in this case?

Fear. I think they are over-cautious. They don't want AGPL code running in an environment that could be perceived as part of our customer environment.

They should contact us - Nextcloud GmbH. A contract with us contains all indemnification they could ever want, so it should not be an issue at all. (A)GPL is used in a countless business environments, they're tried-and-true licenses that have been proven to be pro-customer. Especially if you have a proper vendor contract it's actually a huge advantage over the various vendor licenses and their often heavy-handed anti-user clauses.

Glad to see nextcloud getting more punchy support. Could be a big plus for everyone doing self hosting stuff

France/Netherlands/Sweden/Germany is an interesting mix.

(Edit: removed incorrect information.)

It's not an EU project, it's individual governments making long-term infrastructure decisions. Just like the French gov chose matrix for internal communication. Sadly there has been no national move to Linux as desktop OS for staff yet, but quite a few lower level initiatives. Those lower level ones obviously have less resources and more fluctuation, but shifting 300k federal employees to a new storage provider will not be a frequent decision.

NextCloud was an independent company well before it did anything government related.

The only thing that's happening here is they appear to have struck a huge contract with a few EU countries to build internal clouds.

I believe NextCloud is open source, and a fork of owncloud from the original owncloud developer who wasn't happy with the direction it was taking, or something like that. Also, they are a profitable company, and the product is open source, so this only looks like a boost to their business model and the open source product it's based on.

Ah, I see. Perhaps not as bad as first thought, then!

Nextcloud has been around since 2010 (insert boring digression about a fork here).

Dunno what your threshold for abandonment is, but that’s already a better shelf-life than most profit-driven startups.

I first thought it's about a new competitor for AWS, Azure, Google Cloud. A bit misleading headline. According to Wikipedia: Nextcloud is a suite of client-server software for creating and using file hosting services. More properly would be to say: cloud storage.

It's very bad Europe has no its own public cloud yet. All universities, schools, research centers, public services can be much more efficient and secure than now. But they will probably fall again into the same trap like it happened with Windows and other proprietary garbage before. Will it be AWS or Azure this time?

A fair number of universities and research institutes already use Nextcloud, e.g. the Max Planck Computing and Data Facility offers a Nextcloud installation for all users and TU Berlin also offers one for all of its students. There's no reason for these things to live in a "public cloud", whatever that means, self-hosting them is much more efficient, privacy friendly and secure (if only by compartmentalising).

We(FileCloud) compete with NextCloud in Self-Hosted EFSS space and part of Gartner MQ. We are seeing more and more government customers are asking for solutions that offer complete control over their data. We have large government and education customers in switzerland and Denmark.

The new dashboard app/widget dock looks great. Looks like it's a totally different app from the old unmaintained one which got buggy and then low ratings, but the new dev kept that listing and is working to get it back up.

Playing life on expert mode, respect.

If nothing else another player in the market is a good idea. To get government contracts, they would have had meet stringent security standards, it would interesting to know what level they are compliant to.

I'm so happy to see this, I'm a huge fan of Nextcloud since I switched from Dropbox and couldn't been happier. I never seen such a high quality PHP project, it's really simple to operate and upgrade!

Could this be the next MiniTel in the making?

Minitel was based on another protocol. Nextcloud reuses current technology and provides open source interfaces.

So, the difference between the internet and the minitel is nothing like the difference between Nextcloud and American alternatives (Dropbox & Co).

> Minitel was based on another protocol.

everything was 'based on another protocol' before x25 :D

i think that just like Minitel was one of many services that used the banal packet switching tech at the time, nextcloud is just another banal cloud offering. What is interesting is what will happen soon: truly distributed networks will be for [aws/nextcloud/etc] what the internet was for [minitel/dec/telenet/bbs] users.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact