Improving NextCloud experience on the Omnia
The NextCloud version that is installed on a fresh install is quite outdated - 18.04. Even with the v18 series, it's not the latest. This is two major versions behind; and the v18 series has also seen its last release last month. Since the NC install does not get any patch updates or security updates on TurrisOS, it goes against the philosophy of being a security-focused router.
I'd like to start a discussion to fix the situation, and also help improve it.
Here are the problems with the current setup:
a. TurrisOS updates (important, security updates for the core router functionality) should not interfere with NC updates. With the current setup, if an NC update were to be pushed, it'll have to compete with these core updates. How does one distinguish between an NC update, that does not need a reboot, vs an OS update, that does? What is a regular cadence for NC updates vs OS updates?
b. NC updates landing via OS package updates need to ensure that the NC is put in maintenance mode before installing the package, otherwise there's a risk of DB corruption. Currently, this is not taken care of.
c. NC updates may take a long time to activate due to DB upgrades. That is not desirable to happen asynchronously, without admin involvement. OS updates, on the other hand, are important to be pushed to routers, so that they are rebooted into the most secure state as soon as possible.
Suggestions to improve on the situation:
1. NextCloud should get its own opkg feed repository. It's currently packaged as part of the turrispackages repo; we should move to a separate nextcloud repo. Separating out the NC feeds into one, possibly multiple, helps us manage the upgrades from v18 -> v20 series.
2. OS updates and NC updates will not be tied together with this change in point 1. When the OS updates are being installed, the NC repository can be masked, so that NC updates are installed and checked for after OS updates are installed.
3. A separate configurations page in the ReForis UI for NC maintenance. This will include options to put NC in maint mode; upgrade NC.
4. Optionally, take a snapshot of the /srv subvolume so that "bad" NC updates can be rolled back as well.
5. [Not sure completely of this point] Does NC have to be put in maintenance mode before reboot or update activities? To ensure consistency of data, the sequence of events would be: NC in maint mode -> mysql service stopped -> reboot. On the next bootup, NC will be put out of maint mode after /srv is mounted and after mysql has restarted.
I've previously suggested in https://forum.turris.cz/t/nextcloud-data-consistency-issues-and-suggested-workarounds/14835 to offer NC as an LXC image instead; but I think offering it in a separate feed/repo makes more sense.
I'd first like to discuss the problem and the solutions here; but it's clear we need to improve the situation w.r.t. NextCloud on TurrisOS.
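
The ordering raised in problem b and suggestions 4 and 5 above, sketched as an added shell example that is not part of the original post or of TurrisOS. The install path, package name, PHP binary, web user and snapshot directory are assumptions; the `occ`, `opkg` and `btrfs` subcommands are the standard ones.

```shell
#!/bin/sh
# Added example. Assumed, not from the post: paths, package name, PHP binary,
# web user and snapshot directory. Override via environment as needed.
NC_DIR="${NC_DIR:-/srv/www/nextcloud}"
NC_PKG="${NC_PKG:-nextcloud}"
NC_USER="${NC_USER:-nobody}"
PHP_BIN="${PHP_BIN:-php-cli}"
SNAP_DIR="${SNAP_DIR:-/srv/.snapshots}"
DRY_RUN="${DRY_RUN:-1}"   # 1 = only print the commands, 0 = execute them

# Print the command in dry-run mode, otherwise execute it.
run() {
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

# occ must run as the user that owns the Nextcloud config.
occ() {
    run sudo -u "$NC_USER" "$PHP_BIN" "$NC_DIR/occ" "$@"
}

# Maintenance mode on -> read-only snapshot of /srv -> package upgrade ->
# DB migration -> maintenance mode off. Returns non-zero on any failure.
nc_guarded_upgrade() {
    stamp="${1:-$(date +%Y%m%d-%H%M%S)}"
    occ maintenance:mode --on || return 1
    if ! run btrfs subvolume snapshot -r /srv "$SNAP_DIR/pre-nc-$stamp"; then
        # Nothing changed yet, so it is safe to bring NC back online.
        occ maintenance:mode --off
        return 1
    fi
    if run opkg update && run opkg upgrade "$NC_PKG" && occ upgrade; then
        occ maintenance:mode --off
        return 0
    fi
    # Files or DB may be half-upgraded: keep users out until an admin
    # has looked at it or rolled back to the snapshot.
    echo "NC upgrade failed; maintenance mode left on" >&2
    return 1
}
```

Source the file and call `nc_guarded_upgrade` to see the planned commands; set `DRY_RUN=0` to execute them.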