Saving data in the cloud has become an everyday occurrence. However, the disclosures about regular surveillance being conducted by the NSA have caused many users to become concerned over who has access to their data. The easiest way to protect data from unauthorized third-party access is to set up a private data cloud.

A number of free software solutions have become available for constructing private cloud infrastructures. One of these is a software suite called ownCloud [1]. Because the suite works as a client/server application, established distributions are the most suitable for use in the server context. They guarantee straightforward operability and the stability required for use in a professional setting. The software itself is available in both community and enterprise versions. The enterprise version is compatible with third-party applications like Oracle, and it includes support offerings that are appropriate for commercial users.

Installation Chaos

With its brand new community version 9, ownCloud offers various installation options. According to the project it also cooperates with a large number of distributions that have corresponding software repositories and directions [2]. For the choice of a server during testing, I decided to perform a completely new installation.

However, I was immediately met with difficulties. Debian "jessie" v8.3 was my first candidate. A series of error messages interrupted installation of the server on numerous systems (Figure 1). With a brand new Ubuntu 16.04 "Xenial Xerus," installation proceeded without a hitch.

Figure 1: Problems that plagued the installation in earlier versions now seem resolved in Ubuntu 16.04.

It appears that technical difficulties that plagued earlier version were caused by incorrectly resolved dependencies associated with the PHP 5 server scripting language. There were packaging errors left over from the preceding versions of the ownCloud software [3]. However, the developers have made it such that even users of older versions of ownCloud who want to update to the latest version have to invest significant time and effort in order to do so. It is not possible to perform an upgrade that crosses over multiple versions of ownCloud.

If you want to update an old, series 7 version to the current version 9, you may run into a complicated update scenario populated by bugs [4] that are unworthy of professional-grade cloud software. Additionally, any mistakes made during the update process can potentially result in massive data loss. Therefore the ownCloud developers address the topic of performing updates at great length online [5]. It is important to know that no possibility for performing downgrades exists.

Upon closer inspection, installing ownCloud from the distribution repositories also proves to be problematic. For purposes of making installation on bulk storage easier, this piece of cloud software is already found in the archives of many projects like openSUSE and Ubuntu which we tested. However, the default repositories typically do not currently contain the new version 9 of ownCloud. That's why we resorted to installing the version offered by ownCloud.

First Steps

In order to perform a clean installation of the various services, the first step is to add the package sources for ownCloud to the server and then update the repositories to the current version as shown in the three first lines of Listing 1.

01 $ wget -nv https://download.owncloud.org/download/repositories/stable/Ubuntu_16.04/Release.key -O Release.key
02 $ sudo apt-key add - < Release.key
03 $ sudo sh -c "echo ,deb http://download.owncloud.org/download/repositories/stable/Ubuntu_16.04/ /' >> /etc/apt/sources.list.d/owncloud.list"
04 $ sudo apt update
05 $ sudo apt install owncloud owncloud-files

In order to keep track of which packages are available for ownCloud, check the list of packages in the terminal with:

sudo apt-cache search owncloud

As a final step, install the owncloud package, which contains and configures all of the dependencies and necessary services (Line 5). During installation of MySQL, the user should watch out for the request for a password for database administration to appear.

Restarting the system then starts the new services. In order to find out whether the web server is working properly, visit http://127.0.0.1 from you browser. Apache will appear with a test page.

Building clouds

To visit your new cloud, open http://127.0.0.1/owncloud in your browser. When the software starts up, it displays a start screen that asks for a new administrator password. There is also a warning message, which indicates that only the SQLite database is active as a backend when the software comes from the manufacturer. This can be changed by clicking on the Storage & database button and selecting MySQL/MariaDB from the entries that appear.

The routine continues on with this dialog so the user can specify a user and password for configuring the database and also a name for the new database that is to be created. After a final mouse click on close installation , a welcome message will appear with an overlay window that contains information about client software for numerous platforms.

There are data synchronization applications available as downloads for all standard operating systems. The corresponding software for mobile devices like tablets and smartphones is available in the app store [6] and on Google Play [7] (Figure 2).

Figure 2: ownCloud offers client software for mobile devices with iOS and Android.

Access Problems

In order to use the ownCloud interface from other computers on the intranet, the user needs to change another default setting in the software. The developers have entered just a single trusted host, localhost , in the /var/www/owncloud/config/config.php file. This means that the IP address for the server and its hostname are rerouted to the local host when they are entered and called from another machine. The server is not accessible from external clients. Therefore, the user should enter the name for the server in the trusted_domains section. This will need to be done before the user can speak to the ownCloud server from other computers in the local network (Figure 3).

Figure 3: The user comes to a dead end when attempting to reach the server from other computers on the LAN due to a problematic setting that prevents access.

The middle area of the browser window displays several folders. These can be used as needed to store documents, images, and multimedia files. This feature is very similar to what is found on a customary file server. The software can handle multimedia formats. For example, it can play back videos in most common formats, and it is possible to view images in the browser without the need for external programs.

If you want to change the language, log in as administrator and click at the top right on the root button and select Personal in the corresponding menu. A new screen opens with options that include the setting for language underneath the profile. This is where the user can change the default setting from English to something else. The software will automatically adapt itself so that it is localized to the chosen language.

When you click on the Personal button in the upper left corner of the browser, a menu unfolds containing the files option. Click on it and a vertical bar with various options for sharing and forwarding files will open on the left-hand side of the display.

Clicking on files in the top left-hand corner opens a context menu with the additional entries Activity , Gallery , and Apps . Clicking on each of these changes the entries below depending on the context.

At the lower edge of the bar in the administrator window there is also a trash can for deleted files and folders plus a settings button, which when clicked shows a URL for enabling the WebDAV protocol in ownCloud. You can manage additional modules that expand ownCloud's features with modules for collaborative work solutions like calendars and address books [8] (Figure 4).

Figure 4: OwnCloud's modular structure makes it possible for the user to adapt and extend the framework according to the individual wishes of the user.

Configuration

You should first test and adapt the configuration before using the system for the first time in order to make sure that the computer has sufficient capacity to perform the services with numerous clients. This initial step requires that you have administrative rights. By clicking with the mouse on the name of the administrator at the upper right of the browser window, you can open a submenu that contains the Admin entry. One click on this option displays a wide variety of options in the work area of the browser.

As you are probably initially accessing the server through an insecure connection, it is a good idea to immediately configure access through an HTTPS connection. This involves only a small amount of manual work under Ubuntu and its derivatives. A basic cryptography infrastructure lands on the drive when the operating system is installed. Therefore, all that needs to be done is to activate the relevant settings in the Apache server configuration (Listing 2). Reload the server to activate the changes, making it possible to connect via a secure HTTPS connection to ownCloud.

# a2enmod ssl
# a2ensite default-ssl
# service apache2 reload

Customer Support

You will need to install appropriate software on the clients in order to synchronize data with the newly set up ownCloud server. All of the familiar distributions have the necessary packages available in their repositories. If you discover outdated packages in the repository, then a good alternative is to go to the project website to get a current release [9].

Unlike the experience with the server version, it was easy to install the client under various distributions. Some installations like the one under openSUSE required just a few mouse clicks. Once the installation is complete, the user will see, depending on the desktop environment, a starter ownCloud desktop sync client in the Tools menu or in Accessories .

Clients that want to connect with the server need corresponding authorization data. To enter this data, log into the server as an administrator and click on the upper right of the main window on the username. In the menu that opens, select the Users entry, go to the upper line in the corresponding field, and set up the new accounts by entering user name, password, and the corresponding memory portion for the account.

Once this data is entered, click on the Create button. The software generates the new account according to the settings that have been selected. The entry appears in the table for accounts where it can be integrated with a mouse click on Groups into the various groups and inherit their privileges. At this point, you should specify the accompanying administrator for the group (Figure 5).

Figure 5: The clients appear in an inventory where the user grants the required group rights to each of them.

The next step is to open the client software on the external computer by clicking on ownCloud desktop sync client and entering the name or the IP address of the server along with the password and username for the ownCloud client. After the final request for the certificate, the routine sets up a corresponding folder for synchronization. You can pick any folder you wish.

Additionally, you should specify the contents to be synchronized in the start screen. The last step connects the work place PC with the ownCloud server and synchronizes the files and directories that you have selected. Then you can view recent activities in the client (Figure 6).

Figure 6: You only need the IP address and the access data to accept the connection to the server.

Alternatively, you can connect the server directory via the WebDAV protocol to the local system by specifying the appropriate network drive. This is done with a WebDAV-capable file manager. Open the Settings prompt at the lower left, and copy the WebDAV addresses provided there to the clipboard. Then import these via the dialog to set up a network folder in the file manager.

In some distributions, the client is not automatically activated during booting. If this happens, you can start it with a script. This method takes care of security concerns and minimizes the data throughput over the network. The client polling, i.e., making contact with the server at short intervals, increases the data throughput over the network.

In order to maintain data synchronicity between the clients and the server, first start the ownCloud client. Then add other directories for synchronization or delete those no longer needed in a window, which has been designed with simplicity in mind (Figure 7).

Figure 7: A straightforward window makes it possible to include other directories in the client software for synchronization or to delete those no longer needed.

Expandable

The apps integrated into ownCloud expand the functionality of the software. To activate them, log in as administrator and click at the top left of the window on the Files button. Then select the Apps entry in the submenu.

The apps appear in the vertical context menu that opens on the left side of the window. The apps are arranged in various subgroups. Clicking on the activate button found underneath each of the apps, incorporates the desired functionality into the system. A newly integrated app becomes available to all users once they log in again.

There is a search feature at the upper right of the main window which you can use to search for terms and character strings. Administrative functions like integrating additional apps or assigning storage space are reserved for the server administrator and are therefore not available in the client interface.

ownCloud also lets users work collaboratively. You can share files by clicking with the mouse on the Sharing symbol and entering the other users' names. In the Shared with you window, you will find content that other users have released to the intranet for you. It is also possible to share using a link.

ownCloud lets you assign certain rights to the recipient of data, thus making it possible for the recipient to perform additional editing tasks. After releasing one or more files, the shared icon will appear behind each. The view for the recipient is different. This user sees the shared files with the designation Shared with you .

Conclusion

ownCloud lets you create a private cloud and use professional data administration and editing tools. During testing, the breadth of functionality was impressive. The software is stable and intuitive to operate. There is no need to study boring documentation.

Nonetheless, improvements are urgently needed with respect to server installation. Apparently, testing has been insufficient since the release of version 9.0. As a result, a very buggy installation process blocks quick access to the local cloud, sometimes permanently.

The problems with updates also need urgent attention from the developers. Presently, each upgrade from an older version to the current version turns into an installation drama of unique proportions that extends across multiple releases. Other cloud projects are already doing significantly better in managing this process.

The bandwidth requirements for ownCloud are relatively high. With multiple active clients, older hardware can quickly become overwhelmed if you share large files like videos and films. However, casual users will find an excellent option for building a private cloud that protects against incursions.