How to go open source with cloud-based file sharing

There aren’t many businesses in the world that don’t deploy at least some file storage and sharing solution along the lines of Dropbox, Box or Google Drive. In fact, it’s a safe bet that your business deploys several of them at the same time, usually in a relatively disorganized way. They’re often placed into workflows by individuals, department managers, or even different branches in the same company.

What happens over time is that the costs mount up. The pay-for-space, pay-per-user models of the cloud providers behind each make the sums involved small, but as more data gets stored, and companies take on more staff, then over time the cost of what’s essentially a file share adds up very significantly. Before you know it, the pay-as-you-go cloud model is more like a pay-through-the-nose problem. And thousands and thousands of dollars a year, just for file sharing doesn’t make a great deal of sense.

For just the price of some very basic hardware you can replace your multiple Dropbox, Dropbox for Business, Google Drive and Box-like accounts for almost no cost at all. Setting up some open source software on a spare machine isn’t difficult, and it can pay dividends over time. But there are a few complications with accessing the share from outside the workplace that may put some organizations off— although nothing that would trouble any half decent tech-support company or IT supplier.

This article will show you just how easy it is to get up and running with free, open source software that will happily run a sophisticated file sharing facility, and one that comes if not absolutely free, then one that will indubitably represent a very small fraction of what your combined file-sharing services cost.

For the purposes of this demo, rather than deploy in-house hardware, we “rented” some virtual hardware from Digital Ocean, a process which is simplicity itself. To get going, we suggest you do the same (perhaps as a proof of concept), and it’s easy to switch to actual hardware too – but setting that up is the subject of another article (watch this space – ed.). We’ll also consider how your organization can pay back into the open source community and bring you more benefits besides.

Free and open source

To try and see just how easy it might be to deploy a “free Dropbox” solution, we set up our own filesharing service. We had it up and running, happily serving several terabytes of data, in less than two hours to everyone in our organization: three offices on different continents, plus dozens of remote freelancing and part-time staff all over the world.

If your organization doesn’t have the know-how to hand to achieve what we did (it’s really not difficult), then you probably already use someone’s services who can help. Your IT support company or consultancy should be your first call, in all likelihood, who may well jump at the chance to lend a hand: in truth, it’s an infinitely more interesting challenge for those guys than reconfiguring your CEO’s email account (for the third time this week).

We used Nextcloud as our open source software platform, although there are probably nearly a dozen to choose from, like ownCloud, Seafile and Syncthing, to name three. Like many open source software companies, Nextcloud makes its money by selling support contracts and enhanced management services for larger users who can pay for the peace of mind.

The free-at-the-point-of-use plus optional-pay-for-support is clearly a business model that pays off for Nextcloud, plus, look at the multi-billion dollar acquisitions in recent years of SUSE and GitHub. Red Hat is one of the biggest names in computing today on a dollar basis, yet you can install Fedora for free and get the same platform in under an hour.

Dig the foundations

As a first step, we rented out a Droplet from Digital Ocean. A droplet is DO’s terminology for a virtual machine, but the same service is available from many other suppliers. There are suppliers like OVH, Hetzner, and Scaleway that offer very similar packages; we chose Digital Ocean because our in-house developers already have accounts there. We rented a Droplet with just 50GB of storage to get started (ready to scale without service interruption), and to make life even easier, we spun up a Droplet that had Cloudron already installed. Cloudron is a package that, for the purposes of this demo, let us install Nextcloud with a single click.

Nextcloud is a service that in its base configuration supplies comprehensive file sharing facilities with which everyone will be familiar: a web interface, local folder synchronization if needed, group management, sharing of folders and files with users and third-parties, and so on. Nextcloud can also be extended very easily: here at TechHQ, we plan to add calendaring and tasks to our service, both of which are one-click installs. You can see all of Nextcloud’s applications here.

Organizations with more technical skills at hand may also wish to investigate the different installation options. There are a web-based install and various appliances (a Docker image & Snap package), and even starting from a bare-bones server isn’t that difficult (there are plenty of walk-throughs & videos out there). It runs on various flavors of Debian (including Ubuntu), CentOS, and SUSE, and you’ll need Apache 2, PHP and MariaDB. Final config: whichever route you take is typically via a web console, but CLI-based administration is possible with occ (a tool written in PHP by ownCloud).

Setting up

Once installed, we configured accounts for our users very quickly, with emails announcing the service going out automatically. The platform integrated with the in-house Active Directory, and there’s also a highly configurable LDAP integration too. You can insist on two-factor authentication on a per-user, or per-group basis, or make it the norm for even the highest administrator. Password policies can prevent low-standard passwords (to turn down choices like “p4ssw0rd” and “ilovesam”), plus there are the usual change-on-first-login stipulations and automated password rotation and resets too.

The server’s repositories can be encrypted at rest with negligible overheads, and all traffic is encrypted. In short, security is as tight as the setup was a breeze – but the ease of the process did not mean that the platform’s underpinnings are consumer-level. On the contrary, even without add-ons, further apps or extensions (many of which are one click installs, too), the platform has been rock-solid, despite what we’ve thrown at it in our testing.

Almost as an afterthought, we had the interface skinned with the company colors and logos, complete with logos, strap-lines, and imagery. The overall look and feel were highly corporate and professional – and to reiterate, all this was out-of-the-box. As a company, we’ve barely scratched the surface of what’s available.

Client-side use

Anyone who’s used Box, OneDrive or Google Drive will be immediately comfortable in the Nextcloud environment. As well as the web interface onto the files and folders to which one has access, there are also desktop and mobile clients (Windows, Mac, Linux, iOS, Android) which can synchronize folders and files as background processes, if required. Setting these up is a simple matter of entering credentials, then choosing which folders to sync. After that, the daemons chug away, keeping repositories up to date.

Folders and individual files can be shared either with other users or via email links to third-parties – any shared resources can be time-limited, thus shutting down access after the file(s) have been accessed. Admins and users can (according to granted privileges) tag items or add comments, with additional notes added on a per-share, per-recipient basis, too. This is a collaborative platform that’s open, yet highly secure.

Next steps with Nextcloud

Part of the open source nature of the Nextcloud platform is the assumption that users should, in some way, ‘payback’ into the platform – but that needn’t be development, debugging or extending the code of the platform. If your organization isn’t that technical, here are a few ideas to give the good folk in the Nextcloud community a boost to show your appreciation of what is, in practical terms, a free product:

• Write up your experiences and post them to your company blog.
• Document your set-up and installation process in as much detail as you can, highlighting any particular issues you faced, or integrations you implemented along the way (using the LDAP filters in one specific way, for instance). That sort of how-to documents is very useful to other users when they get started.
• Shout to your partners, clients, and customers about your experiences.
• Consider a donation to Nextcloud Gmbh: Euros are always good (perhaps a percentage of what you no longer pay to Google for the same service?), but beer or coffee arriving out of the blue on a courier’s truck might also be appreciated!

Conclusion

Free and open source software already runs the internet, and it runs the majority of what’s termed ‘the cloud’. While the paid-for cloud services that many organizations use are very valuable, often cloud companies are offering services that are based on the type of software that’s free for you to use yourself. The mark-up levied on users is sometimes little more than gloss, but as our experience shows, smooth installation and seamless everyday use are not unique to services that are paid for. Feel free to use the comments section below to tell us of your experiences, good or bad.