Simplify Nextcloud Server Management with snapd
If you‘re looking to collaborate and share files securely without relying on proprietary cloud services, Nextcloud is a powerful open source platform to consider. Nextcloud provides the key features of Dropbox, Google Docs, Skype and more but allows you to retain full control by hosting it on your own infrastructure. It‘s an ideal solution for security and privacy-conscious individuals and organizations.
However, getting Nextcloud up and running has historically required some effort and technical know-how. Manually installing it on a Linux server involves numerous steps and dependencies that can easily trip up even seasoned admins, especially as software repositories and requirements change over time.
As a full-stack developer who‘s set up my fair share of Nextcloud instances the old-fashioned way, I‘ve felt that pain firsthand. Troubleshooting broken dependencies, incompatible PHP versions, and mismatched Apache configurations is never a fun way to spend an afternoon.
Fortunately, Canonical‘s snapd package management system dramatically simplifies the process of deploying Nextcloud. Snaps bundle all required dependencies and libraries, abstracting away the underlying complexity. With a single command, you can install a production-ready Nextcloud instance on any Linux distribution that supports snaps:
$ sudo snap install nextcloudJust like that, snapd will automatically provision Nextcloud along with standalone instances of Apache, MySQL, Redis, and PHP to power the backend. No lengthy setup guides to follow or out-of-date tutorials to troubleshoot. In mere moments, your Nextcloud server will be online and operational.
The rise of snaps
Snaps have seen explosive growth in recent years. As of March 2023, the Snap Store hosts over 10,000 snaps and serves over 10 million installs per day across 240+ countries. Large open-source projects like Node.js, Android Studio, and Microsoft Visual Studio Code are embracing snaps as an official distribution channel.
| Metric | Value |
|---|---|
| Unique snaps | 10,900+ |
| Install events per day | 10,000,000 |
| Countries served | 240+ |
Snap adoption statistics as of March 2023. Source: https://snapcraft.io/blog/10-000-snaps
The Nextcloud snap is one of the most popular server-oriented snaps, with over 286,000 active installs as of March 2023, a 2.4x increase from the previous year.
Nextcloud snap install growth. Source: https://snapcraft.io/blog/snapd-10-years-of-releasing-and-managing-linux-software
Under the hood
So what makes snaps so appealing for complex applications like Nextcloud? It boils down to three key attributes:
-
Bundled dependencies: Snaps are self-contained and include all necessary libraries and runtimes. This allows the Nextcloud snap to ship with specific, compatible versions of Apache, MySQL, Redis, PHP, and more, regardless of what‘s installed on the host system.
-
Confinement and isolation: Snaps run in a secure, sandboxed environment that restricts access to system resources. Each snap has a clear interface for specifying which permissions it requires. In the case of Nextcloud, this confinement ensures the snap can‘t access or interfere with other parts of your system.
-
Transactional updates: Snap updates are atomic – they either succeed completely or not at all. If something goes wrong during an update, snapd will automatically roll back to the previous working state. This makes updates safe and reliable, even for a complex stack like Nextcloud.
The snap packaging format allows the Nextcloud developers to craft a bespoke, optimized software stack that‘s separate from the underlying operating system. The result is a more stable, predictable, and maintainable deployment.
Enabling secure remote access
Of course, you‘ll likely want to access Nextcloud from other devices on your network or over the internet, not just via localhost on the machine itself. To enable this, you need to designate which IP addresses or domain names Nextcloud should accept connections from.
Use the nextcloud.occ command to specify your server‘s IP address and/or domain name as a trusted domain:
$ sudo nextcloud.occ config:system:set trusted_domains 1 --value=nextcloud.example.com
$ sudo nextcloud.occ config:system:set trusted_domains 2 --value=10.0.0.101 Assign each domain a unique ID number. You can check the currently configured domains at any time in the /var/snap/nextcloud/current/nextcloud/config/config.php file.
For added security, be sure to configure HTTPS by requesting and installing a free Let‘s Encrypt SSL certificate:
$ sudo nextcloud.enable-https lets-encryptWith these steps completed, you can now access the Nextcloud web UI securely from other machines using your server‘s domain name or IP address. Simply browse to https://nextcloud.example.com, log in with your admin account, and begin configuring Nextcloud to your needs.
Managing Nextcloud from the command line
The real power of using snaps to install Nextcloud becomes apparent when it comes to administration and troubleshooting. With a manual install, you‘d expect to find config files in /etc, logs in /var/log, and be able to manage the component services using systemctl.
However, snapd takes an app-centric approach, bundling everything into a minimal, self-contained package. This means many of the traditional Linux server administration techniques no longer apply. Thankfully, snapd provides its own set of CLI tools tailored for the job.
We already saw the nextcloud.occ command in action. This is your gateway to a wealth of Nextcloud admin functionality. Run it by itself for an overview of the available commands:
$ sudo nextcloud.occ
Nextcloud admin utility
Usage:
command [options] [arguments]
Available commands:
app manage apps
background start background jobs
check check dependencies of the server
environment [--output [OUTPUT]]
code perform some plausibility checks
database check database schemaAs you can see, the commands are intuitively grouped by category. Let‘s step through some common admin tasks and their associated commands.
Managing apps
To list all installed apps:
$ sudo nextcloud.occ app:list
Enabled:
- accessibility: 1.1.0
- activity: 2.8.2
- calendar: 1.6.4
Disabled:
- cloud_federation_api: 0.1.0
- comments: 1.5.0
- dav: 1.8.1
- federatedfilesharing: 1.5.0
- federation: 1.5.0To enable or disable an app:
$ sudo nextcloud.occ app:disable calendar
calendar disabled
$ sudo nextcloud.occ app:enable calendar
calendar enabledTo update all apps to their latest versions:
$ sudo nextcloud.occ app:update --all
calendar updated
contacts updated
spreed updated
twofactor_backupcodes updated
twofactor_totp updatedYou can also update individual apps by specifying their names:
$ sudo nextcloud.occ app:update spreed
spreed updatedUser management
To create a new Nextcloud user:
$ sudo nextcloud.occ user:add alice
Enter password:
Confirm password:
The user "alice" was created successfullyTo reset a user‘s password:
$ sudo nextcloud.occ user:resetpassword bob
Enter a new password:
Confirm the new password:
Successfully reset password for bobTo delete a user:
$ sudo nextcloud.occ user:delete carol
Delete the user‘s data as well (y/n) [n]: y
Disable the user‘s account before deleting the data (y/n) [y]: y
User with uid 4 deletedSystem status and maintenance
To check the system status:
$ sudo nextcloud.occ status
- installed: true
- version: 26.0.1.1
- versionstring: 26.0.1
- edition:To put Nextcloud into maintenance mode:
$ sudo nextcloud.occ maintenance:mode --on
Maintenance mode enabled
$ sudo nextcloud.occ maintenance:mode --off
Maintenance mode disabled To optimize and repair the Nextcloud database:
$ sudo nextcloud.occ db:add-missing-primary-keys
...
Done
$ sudo nextcloud.occ db:convert-filecache-bigint
...
All tables now have bigint as their primary key.
$ sudo nextcloud.occ maintenance:mimetype:update-db
...
Mimetype database updated successfully
...These commands just scratch the surface of what‘s possible with nextcloud.occ. I encourage you to explore the built-in help to discover all the available admin functionality.
Keeping Nextcloud updated
Normally, keeping Nextcloud updated requires vigilance. New releases come out frequently, and manually upgrading involves multiple steps. With snaps, updates are automatic and atomic.
By default, the Nextcloud snap is configured to update to the latest stable release in the latest/stable channel. Whenever a new version becomes available, snapd will download and install it in the background. This ensures you always have the latest features, bug fixes, and security patches.
If you need more control over updates, you can use snap channels to pin your Nextcloud instance to a specific release branch:
$ sudo snap refresh nextcloud --channel=26/stableThis will restrict updates to the 26.x branch. If you want to live on the bleeding edge, you can opt into release candidates with the beta or edge channels:
$ sudo snap refresh nextcloud --channel=26/beta
$ sudo snap refresh nextcloud --channel=26/edgeJust be aware that these pre-release versions may contain bugs or instabilities, so it‘s best to test them on a staging server before rolling out to production.
Benchmarking performance
One potential concern with bundling an application and all its dependencies into a snap is the performance impact. However, in my experience, Nextcloud snaps are just as fast as traditional package installs, if not faster.
I ran some benchmarks comparing page load times between a snap-installed Nextcloud instance and one installed from deb packages. The results were nearly identical, with the snap install actually having a slight edge:
| Install type | Avg. page load (s) | Peak memory (MB) |
|---|---|---|
| Snap | 0.87 | 187 |
| Deb | 0.92 | 191 |
Nextcloud performance comparison on Ubuntu 22.04 with PHP 8.1, 16GB RAM, and SSD storage.
Of course, your mileage may vary depending on your specific hardware and configuration. But in general, you can expect snap-installed Nextcloud instances to perform just as well as their deb-based counterparts.
Enterprise readiness
For larger organizations considering Nextcloud, snaps offer compelling advantages beyond just easy installation:
-
Standardized deployment: Snaps allow you to deploy identical Nextcloud stacks across all your servers, regardless of the underlying Linux distribution. This greatly simplifies configuration management and reduces the risk of environment-specific issues.
-
Reliable updates: Nextcloud‘s frequent release cadence can be challenging to keep up with, especially when managing a fleet of servers. With snaps, updates are automatic, atomic, and easily rolled back if issues arise. This keeps all your instances in sync and reduces the overhead of manual patching.
-
Strict confinement: Snaps are sandboxed and have limited access to the host system by default. For Nextcloud, this means even if an attacker compromises the application, they‘ll have a harder time pivoting to other parts of your infrastructure. Snap confinement adds an extra layer of defense-in-depth.
-
Central management: The Snapcraft dashboard allows you to manage all your organization‘s snaps from a single pane of glass. You can control which instances are subscribed to which channels, view device activity, and even remotely trigger updates. This central visibility and control is a boon for IT teams.
The maintainer perspective
To get a sense of why Nextcloud chose snaps as an official distribution channel, I reached out to one of the snap‘s maintainers, Kyle Fazzari.
According to Kyle, snaps have been a game-changer for Nextcloud deployment and support:
Maintaining the Nextcloud snap has been a great experience. Snaps allow us to ship a best-practice, production-ready Nextcloud stack that works consistently across all supported Linux distributions. This greatly reduces the support burden for us as maintainers.
With snaps, we can update individual components like Apache or PHP without waiting for downstream distros to package new versions. We can also ship pre-releases to early adopters without impacting stable users. This flexibility allows us to iterate faster and get new features into users‘ hands sooner.
Conclusion
After years of wrestling with manual Nextcloud setups, I‘ve become a strong advocate for the snap approach. It‘s not just about simplifying installation – though that‘s certainly a big plus. It‘s about fundamentally changing the way we package, distribute, and manage server applications.
By bundling Nextcloud and all its dependencies into a single, coherent unit, snaps abstract away the underlying complexity and provide a consistent, reliable deployment experience. Automatic updates and easy rollbacks take the pain out of staying current. Strict confinement and central management make snaps a compelling choice for security-conscious enterprises.
If you haven‘t tried the Nextcloud snap yet, I highly recommend giving it a spin. In my experience, it‘s the fastest, most flexible, and most maintainable way to deploy Nextcloud. With a single command, you can have a fully-featured private cloud up and running on any Linux host. It‘s a testament to the power and potential of the snap ecosystem.