mirror of
http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions.git
synced 2025-07-02 11:56:40 +00:00
332 lines
13 KiB
HTML
332 lines
13 KiB
HTML
<!DOCTYPE html>
|
||
<html lang="en">
|
||
<head>
|
||
<meta charset="utf-8">
|
||
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||
<meta name="description" content="">
|
||
<meta name="author" content="">
|
||
<link rel="shortcut icon" href="../../../../../../assets/img/favicon.png">
|
||
|
||
<title>Nextcloud .onion server</title>
|
||
|
||
<!-- Bootstrap core CSS -->
|
||
<link href="../../assets/css/bootstrap.css" rel="stylesheet">
|
||
<link href="../../assets/css/xt256.css" rel="stylesheet">
|
||
|
||
|
||
|
||
|
||
<!-- Custom styles for this template -->
|
||
<link href="../../assets/css/main.css" rel="stylesheet">
|
||
|
||
|
||
|
||
<!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
|
||
<!--[if lt IE 9]>
|
||
<script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
|
||
<script src="https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js"></script>
|
||
<![endif]-->
|
||
</head>
|
||
|
||
<body>
|
||
|
||
<!-- Static navbar -->
|
||
<div class="navbar navbar-inverse-anon navbar-static-top">
|
||
<div class="container">
|
||
<div class="navbar-header">
|
||
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
|
||
<span class="icon-bar"></span>
|
||
<span class="icon-bar"></span>
|
||
<span class="icon-bar"></span>
|
||
</button>
|
||
<a class="navbar-brand-anon" href="\index.html">The Nihilism Blog</a>
|
||
</div>
|
||
<div class="navbar-collapse collapse">
|
||
<ul class="nav navbar-nav navbar-right">
|
||
|
||
<li><a href="/about.html">About</a></li>
|
||
<li><a href="/blog.html">Categories</a></li>
|
||
<li><a href="https://blog.nowhere.moe/donate.html">Donate</a></li>
|
||
<li><a href="/contact.html">Contact</a></li>
|
||
</ul>
|
||
</div><!--/.nav-collapse -->
|
||
|
||
</div>
|
||
</div>
|
||
|
||
<!-- +++++ Posts Lists +++++ -->
|
||
<!-- +++++ First Post +++++ -->
|
||
<div id="anon2">
|
||
<div class="container">
|
||
<div class="row">
|
||
<div class="col-lg-8 col-lg-offset-2">
|
||
<a href="../index.html">Previous Page</a></br></br><p><img src="../../assets/img/user.png" width="50px" height="50px"> <ba>Optimist - 23 / 03 / 2025</ba></p>
|
||
<h1>Nextcloud .onion server</h1>
|
||
<img src="../nextcloud/logo.png" class="imgRz">
|
||
<p> In this tutorial we're going to cover how you can install an .onion only Nextcloud instance, it is a FOSS software meant to replace popular websites like google drive, which can be ideal to make sure that your files are backed up somewhere, all while preserving anonymity. </p>
|
||
|
||
</div>
|
||
</div><!-- /row -->
|
||
</div> <!-- /container -->
|
||
</div><!-- /grey -->
|
||
|
||
<!-- +++++ Second Post +++++ -->
|
||
<div id="anon3">
|
||
<div class="container">
|
||
<div class="row">
|
||
<div class="col-lg-8 col-lg-offset-2">
|
||
<h2><b>Serverside Setup </b></h2>
|
||
|
||
<p>So for this tutorial we're going to go with a Debian server to install nextcloud via snap: </p>
|
||
<pre><code>
|
||
su -
|
||
apt update -y
|
||
<!--apt install snapd sudo ufw fuse squashfuse -y-->
|
||
apt install snapd sudo curl mlocate nginx -y
|
||
/sbin/usermod -aG sudo [NAME OF THE NON-PRIVILEGED USER]
|
||
/sbin/ufw enable
|
||
snap install core
|
||
|
||
</code></pre>
|
||
|
||
<p>Using snap, installing nextcloud is fairly simple:</p>
|
||
<pre><code>
|
||
snap install nextcloud
|
||
|
||
ip a | grep inet
|
||
curl ifconfig.me
|
||
|
||
</code></pre>
|
||
<p> you can verify that the nextcloud server works by going at the ip adress of the server http://server_ip/ where you'll create the administrator account.</p>
|
||
<img src="41.png" class="imgRz">
|
||
<p>Once that's done you should have access to your nextcloud instance, but instead of accessing it through the ip address, we'll set it up in such a way that we can access it through an .onion domain name. </p>
|
||
<p>So we follow <a href="../torwebsite/index.html">this tutorial</a> to have our own custom .domain name:</p>
|
||
<pre><code class="nim">
|
||
[ Wonderland ] [ /dev/pts/3 ] [~]
|
||
→ cat /etc/tor/torrc
|
||
|
||
HiddenServiceDir /var/lib/tor/onions/nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/
|
||
HiddenServicePort 80 127.0.0.1:4443
|
||
SocksPort 127.0.0.1:9050
|
||
|
||
[ Wonderland ] [ /dev/pts/3 ] [~]
|
||
→ systemctl restart tor@default
|
||
|
||
</pre></code>
|
||
<p>Then we setup a reverse nginx proxy to make sure that the onion requests get redirected to the correct IP: </p>
|
||
<pre><code class="nim">
|
||
[ Wonderland ] [ /dev/pts/3 ] [~]
|
||
→ rm /etc/nginx/sites-*/default
|
||
|
||
[ Wonderland ] [ /dev/pts/3 ] [~]
|
||
→ cat /etc/nginx/sites-available/cloud.conf
|
||
upstream cloudbackend {
|
||
server 192.168.100.130:80;
|
||
}
|
||
|
||
server {
|
||
######## TOR WEBSITE ########
|
||
listen 4443;
|
||
listen [::]:4443;
|
||
server_name cloud.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion;
|
||
|
||
location / {
|
||
proxy_pass http://cloudbackend;
|
||
proxy_http_version 1.1;
|
||
proxy_set_header Upgrade $http_upgrade;
|
||
proxy_set_header Connection "Upgrade";
|
||
client_max_body_size 20G;
|
||
}
|
||
}
|
||
|
||
[ Wonderland ] [ /dev/pts/3 ] [~]
|
||
→ ln -s /etc/nginx/sites-available/cloud.conf /etc/nginx/sites-enabled/
|
||
|
||
[ Wonderland ] [ /dev/pts/3 ] [~]
|
||
→ nginx -s reload
|
||
|
||
</pre></code>
|
||
|
||
</div>
|
||
</div><!-- /row -->
|
||
</div> <!-- /container -->
|
||
</div><!-- /white -->
|
||
|
||
<div id="anon2">
|
||
<div class="container">
|
||
<div class="row">
|
||
<div class="col-lg-8 col-lg-offset-2">
|
||
<h2><b>Configuring Nextcloud</b></h2> </br> </br>
|
||
<p>Now that we have the domain name pointing to the public ip address of the nextcloud server, we can setup the https certificate using let'sencrypt, just
|
||
ssh into your server once more and run the following commands: </p>
|
||
<pre><code>
|
||
[ Wonderland ] [ /dev/pts/3 ] [~]
|
||
→ /var/snap/nextcloud/common/nextcloud/data# PATH=$PATH:/snap/bin/
|
||
|
||
[ Wonderland ] [ /dev/pts/3 ] [~]
|
||
→ /var/snap/nextcloud/common/nextcloud/data# which nextcloud.occ
|
||
|
||
[ Wonderland ] [ /dev/pts/3 ] [~]
|
||
→ /snap/bin/nextcloud.occ
|
||
|
||
|
||
[ Wonderland ] [ /dev/pts/3 ] [~]
|
||
→ /snap/bin/nextcloud.disable-https
|
||
|
||
[ Wonderland ] [ /dev/pts/3 ] [~]
|
||
→ /snap/bin/nextcloud.occ config:system:set trusted_domains 1 --value=cloud.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion
|
||
|
||
[ Wonderland ] [ /dev/pts/3 ] [~]
|
||
→ /snap/bin/nextcloud.occ config:system:set overwritehost --value="cloud.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion"
|
||
|
||
[ Wonderland ] [ /dev/pts/3 ] [~]
|
||
→ /snap/bin/nextcloud.occ config:system:set overwriteprotocol --value="http"
|
||
|
||
</code></pre>
|
||
<p> And once that's done, you can access your nextcloud instance from your onion domain:</p>
|
||
<img src="42.png" class="imgRz">
|
||
<p>In order to upgrade your nextcloud, you can run the following, and also add it to cron to run automatically every day at midnight: </p>
|
||
<pre><code class="nim">
|
||
root@cloud:~# sudo snap refresh nextcloud
|
||
snap "nextcloud" has no updates available
|
||
|
||
root@cloud:~# crontab -e
|
||
|
||
[...]
|
||
|
||
0 0 * * * /usr/bin/snap refresh nextcloud
|
||
|
||
:wq
|
||
|
||
|
||
--2022-12-17 20:34:07-- https://github.com/cronitorio/cronitor-cli/releases/download/28.8/linux_amd64.tar.gz
|
||
Resolving github.com (github.com)... 140.82.121.3
|
||
Connecting to github.com (github.com)|140.82.121.3|:443... connected.
|
||
HTTP request sent, awaiting response... 302 Found
|
||
Location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/274548350/682877d8-1d52-4029-9777-425f3da0f77c?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20221217%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20221217T193407Z&X-Amz-Expires=300&X-Amz-Signature=1bf21514b0120917047558bc2d6de9d2f900d34dba04cfd3d30838b59ae4701e&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=274548350&response-content-disposition=attachment%3B%20filename%3Dlinux_amd64.tar.gz&response-content-type=application%2Foctet-stream [following]
|
||
--2022-12-17 20:34:07-- https://objects.githubusercontent.com/github-production-release-asset-2e65be/274548350/682877d8-1d52-4029-9777-425f3da0f77c?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20221217%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20221217T193407Z&X-Amz-Expires=300&X-Amz-Signature=1bf21514b0120917047558bc2d6de9d2f900d34dba04cfd3d30838b59ae4701e&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=274548350&response-content-disposition=attachment%3B%20filename%3Dlinux_amd64.tar.gz&response-content-type=application%2Foctet-stream
|
||
Resolving objects.githubusercontent.com (objects.githubusercontent.com)... 185.199.110.133, 185.199.108.133, 185.199.109.133, ...
|
||
Connecting to objects.githubusercontent.com (objects.githubusercontent.com)|185.199.110.133|:443... connected.
|
||
HTTP request sent, awaiting response... 200 OK
|
||
Length: 6326130 (6.0M) [application/octet-stream]
|
||
Saving to: ‘linux_amd64.tar.gz’
|
||
|
||
linux_amd64.tar.gz 100%[===========================================================================================================================================>] 6.03M 6.47MB/s in 0.9s
|
||
|
||
2022-12-17 20:34:09 (6.47 MB/s) - ‘linux_amd64.tar.gz’ saved [6326130/6326130]
|
||
|
||
root@cloud:~# sudo tar xvf linux_amd64.tar.gz -C /usr/bin/
|
||
cronitor
|
||
root@cloud:~# sudo cronitor configure --api-key 1234567890
|
||
|
||
Configuration File:
|
||
/etc/cronitor/cronitor.json
|
||
|
||
Version:
|
||
28.8
|
||
|
||
API Key:
|
||
1234567890
|
||
|
||
Ping API Key:
|
||
Not Set
|
||
|
||
Environment:
|
||
Not Set
|
||
|
||
Hostname:
|
||
cloud
|
||
|
||
Timezone Location:
|
||
{Europe/Paris}
|
||
|
||
Debug Log:
|
||
Off
|
||
root@cloud:~# cronitor select
|
||
|
||
✔ /usr/bin/snap refresh nextcloud
|
||
----► Running command: /usr/bin/snap refresh nextcloud
|
||
|
||
snap "nextcloud" has no updates available
|
||
|
||
----► ✔ Command successful Elapsed time 0.451s
|
||
</pre></code>
|
||
</div>
|
||
</div><!-- /row -->
|
||
</div> <!-- /container -->
|
||
</div><!-- /white -->
|
||
|
||
|
||
<!-- +++++ Second Post +++++ -->
|
||
<div id="anon1">
|
||
<div class="container">
|
||
<div class="row">
|
||
<div class="col-lg-8 col-lg-offset-2">
|
||
<h2><b>Clientside Setup</b></h2> </br> </br>
|
||
|
||
<p>Now you can install the official nextcloud client <a href="https://nextcloud.com/install/#install-clients">here</a></p>
|
||
<pre><code class="nim">
|
||
[ cloud ] [ /dev/pts/1 ] [/snap/bin]
|
||
→ apt install tor nextcloud-desktop -y
|
||
|
||
</pre></code>
|
||
<img src="25.png" class="imgRz">
|
||
<p>Here as you try to login you'll first see that it can't resolve the .onion domain, which is normal as you need to tell nextcloud to use the local tor socks5 proxy, available on 127.0.01:9050</p>
|
||
<img src="43.png" class="imgRz">
|
||
<p>Afterward, you need to copy the authorization link into the tor browser to validate the request:</p>
|
||
<img src="44.png" class="imgRz">
|
||
<img src="45.png" class="imgRz">
|
||
<img src="46.png" class="imgRz">
|
||
<p>Once you have granted access, you can start to sync your nextcloud instance files locally:</p>
|
||
<img src="47.png" class="imgRz">
|
||
|
||
<p>Once logged in you can check the progress in the system tray:</p>
|
||
<img src="31.png" class="imgRz">
|
||
<p>Then let it sync, it can take a while due to the low bandwidth of Tor.</p>
|
||
<img src="32.png" class="imgRz">
|
||
<p>And that's it ! You now have a local folder that is synchronized with your nextcloud instance.</p>
|
||
</div>
|
||
</div><!-- /row -->
|
||
</div> <!-- /container -->
|
||
</div><!-- /white -->
|
||
|
||
<!-- +++++ Footer Section +++++ -->
|
||
|
||
<div id="anonb">
|
||
<div class="container">
|
||
<div class="row">
|
||
<div class="col-lg-4">
|
||
<h4>Nihilism</h4>
|
||
<p>
|
||
Until there is Nothing left.</p></br></br><p>Creative Commons Zero: <a href="../../../../opsec/runtheblog/index.html">No Rights Reserved</a></br><img src="\CC0.png">
|
||
|
||
</p>
|
||
</div><!-- /col-lg-4 -->
|
||
|
||
<div class="col-lg-4">
|
||
<h4>My Links</h4>
|
||
<p>
|
||
|
||
<a target="_blank" rel="noopener noreferrer" href="http://blog.nowhere.moe/rss/feed.xml">RSS Feed</a><br/><a target="_blank" rel="noopener noreferrer" href="https://simplex.chat/contact#/?v=2-7&smp=smp%3A%2F%2FBD4qkVq8lJUgjHt0kUaxeQBYsKaxDejeecxm6-2vOwI%3D%40b6geeakpwskovltbesvy3b6ah3ewxfmnhnshojndmpp7wcv2df7bnead.onion%2FpyfV2wlxrcepw8g2OHINsMNuVmpsZsAo%23%2F%3Fv%3D1-3%26dh%3DMCowBQYDK2VuAyEAgePBM9B_duSC7yFaBWI8Dp_jJO62NpTwJN2wsAXeQis%253D&data=%7B%22groupLinkId%22%3A%22rrxS6sZIQHHjO9RUJsjrVA%3D%3D%22%7D">SimpleX Chat</a><br/>
|
||
|
||
</p>
|
||
</div><!-- /col-lg-4 -->
|
||
|
||
<div class="col-lg-4">
|
||
<h4>About nihilist</h4>
|
||
<p style="word-wrap: break-word;"><u>Donate XMR:</u> 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8</p></br><p><u>Contact:</u> nihilist@contact.nowhere.moe (<a href="https://nowhere.moe/nihilist.pubkey">PGP</a>)</p>
|
||
</div><!-- /col-lg-4 -->
|
||
|
||
</div>
|
||
|
||
</div>
|
||
</div>
|
||
|
||
|
||
<!-- Bootstrap core JavaScript
|
||
================================================== -->
|
||
<!-- Placed at the end of the document so the pages load faster -->
|
||
|
||
</body>
|
||
</html>
|