Friday, 21 September 2018

Nextcloud on Crostini running in its own container



Nextcloud (a fork of Owncloud) provides file hosting on a private server and when running on Crostini provides a simple way of accessing Chrome OS files from different local devices.

It is simple to set up (example) and an advantage of Crostini in allowing multiple containers means you can run Nextcloud effectively in background while you explore and modify your default 'penguin' container.

Start by creating a new container based on the original penguin one. I already made a copy of 'penguin' and called it 'google' but you can take your existing container and add Nextcloud if you prefer.


In your VM or 'termina' enter:

  lxc copy google nextcloud # or lxc copy penguin nextcloud
  lxc start nextcloud
  lxc exec nextcloud -- bash

Then make sure everything is updated by entering:

  sudo apt update
  sudo apt upgrade

Nextcloud depends on an underlying LAMP server so first install Apache:

  sudo apt install apache2


Create the configuration file:

  sudo vi /etc/apache2/sites-available/nextcloud.conf


and add the following text:

Alias /nextcloud "/var/www/nextcloud/"

<Directory /var/www/nextcloud/>
  Options +FollowSymlinks
  AllowOverride All

 <IfModule mod_dav.c>
  Dav off
 </IfModule>

 SetEnv HOME /var/www/nextcloud
 SetEnv HTTP_HOME /var/www/nextcloud

</Directory>

Next create a symolic link to the file:

  sudo ln -s /etc/apache2/sites-available/nextcloud.conf 
    /etc/apache2/sites-enabled/nextcloud.conf

and enable the following modules by entering:

  sudo a2enmod rewrite
  sudo a2enmod headers

Finally restart Apache:

  sudo systemctl restart apache2



Secondly install MariaDB:

  sudo apt install mariadb-server


Create a database administrator account first by entering:

  sudo mariadb

and then:

  create user dba@localhost identified by 'password';
  grant all privileges on *.* to dba@localhost with grant option;
  flush privileges;
  exit


Thirdly install PHP:

  sudo apt install libapache2-mod-php7.0 php7.0-gd php7.0-json php7.0-mysql php7.0-curl php7.0-mbstring php7.0-intl php-imagick php7.0-xml php7.0-zip php7.0-mcrypt # on Debian stretch

or (if your container is Ubuntu 18.04):

  sudo apt install libapache2-mod-php7.2 php7.2-gd php7.2-json php7.2-mysql php7.2-curl php7.2-mbstring php7.2-intl php-imagick php7.2-xml php7.2-zip # on Ubuntu 18.04



Finally install Nextcloud:

  cd /var/www
  sudo apt install wget # only on Debian stretch
  sudo wget https://download.nextcloud.com/server/releases/nextcloud-14.0.0.zip
  sudo unzip nextcloud-14.0.0.zip
  sudo rm nextcloud-14.0.0.zip
  sudo chown -R www-data:www-data nextcloud


Make a note of the container's IP address:

hostname -I

and configure a port forwarding rule using the 'Connection Forwarder' app:
 
  0.0.0.0:8123 -> 100.115.92.206:80


Now open a Chrome window with:

  http://localhost:8123/nextcloud



and enter your details:


and Nextcloud will start:



Finally to be able to access your Nextcloud container from other devices on your LAN enter:

sudo vi /var/www/nextcloud/config/config.php

and change 'trusted_domains' by removing the port number and adding a line for your Chrome device's IP address:

'trusted_domains' =>
  array (
   0 => 'localhost',
   1 => '10.88.88.123',
),



You also need to prevent your Chrome device from sleeping so under Chrome's 'Settings' then 'Power' select 'Keep display on'.

Now you can add files from Chrome OS:


and access them over the LAN from another device:



Please donate if you find this guide useful using the following link http://goo.gl/nXWSGf.

Tuesday, 18 September 2018

External access to Crostini VM e.g. for backups or data transfer


This post shows how to set up Samba access to part of the VM filesystem used by Crostini. In an earlier post on backups & restores I explained how to export a backup as a tarfile:


and this post shows how the exported tarfile can be easily moved to another machine for safekeeping.

First, with your default 'penguin' container started, add the '$LXD_CONF' directory as a disk in your container by entering the following command the VM or 'termina':


    chmod o+w $LXD_CONF
    lxc config device add penguin sambashare disk source=$LXD_CONF
        path=/home/linuxiumcomau/sambashare

(note that the 'chmod' command is only necessary if you wish to write to the VM directory)

This will make '$LXD_CONF' accessible under your Linux files:


Next install the Samba package in your container 'penguin':


    sudo apt install samba

and then configure the share drive:

    sudo smbpasswd -a linuxiumcomau
    sudo vi /etc/samba/smb.conf

by adding:


    [sambashare]
       comment = Samba Share
       path = /home/linuxiumcomau/sambashare
       valid users = linuxiumcomau
       browseable = yes
       read only = no

and then restart the Samba service:


    sudo service smbd restart

and make a note of the container's IP address using 'hostname -I'.

You can optionally test that Samba is working by connecting as a Network File share:


Finally you need to add a forwarding rule to be able to access the Samba file share from an external machine on the same LAN as you Chrome device:


On your external machine you can now connect using 'Files' where you include the redirected port number with the IP address of your Chrome device:


or you can mount as a CIFS drive:


after which you can treat as part of your file system. For example in this scenario I took two screen shots on the external machine and then saved them on the '$LXD_CONF' drive and accessed them from Crostini:



Additionally I copied the 'eskimo.tar.gz' tarball to a local directory thus creating a external backup of my Crostini container.

Once finished simply un-mount as appropriate any instances of the Samba drive and remove it from the container by entering the following commands in your VM or 'termina':

    lxc config device remove penguin sambashare
    chmod o-w $LXD_CONF

(with the 'chmod' command only being necessary if you initially changed the permissions).

Please donate if you find this guide useful using the following link http://goo.gl/nXWSGf.

Tuesday, 4 September 2018

Introduction to Crostini - Part 5: Backup and Restore

For the purposes of backup and restore there are conceptually five mutable artefacts: your Google account, the operating system (OS), the VM (termina), your container (penguin) and your local data. Being a device whose design in centred around the web the emphasis is to store data in the cloud (i.e. your Google Drive) with which your Google account is intrinsically linked through synchronization. Whilst some data is automatically backed up and restored through being online, granularity and control over what gets synced is also possible:


You can save and sync things like your history, bookmarks, and passwords to your Google account. That way you'll always have them on any Chromebook/Chromebox and in Google Chrome on other devices where you're signed in. Further information can be found in https://support.google.com/chromebook/answer/2914794


Also by default your account syncs the Android apps as explained under "Back up and sync your apps" (see https://support.google.com/chromebook/answer/7021273) unless your sync settings of "Sync everything" or Apps syncing is turned off. However as highlighted in "Back up or restore data on your Android device" (see https://support.google.com/nexus/answer/2819582) not all Android apps can back up or restore all settings and data and you may need to find out more about an individual Android app specifics by contacting its developer.

As Chrome OS backups your Google account to the cloud (in an un-metered area of your Google Drive) a restore is effected every time you log into a device. If it is a new device your Google account information is synced such that it is the same as on other devices or if it is the same device, prior to initiating any recovery as next described.

Chrome OS provides three options for its recovery:



Your Chrome profile basic settings will be changed to the default. This means any customisation you have made to your device with be removed including your homepage, themes etc. together with disabling any extensions you have installed. You can continue using your device with your previously configured Google account and this is a useful recovery option if apps or extensions you installed changed your settings without your knowledge.



A factory reset erases all the information on your device's hard drive including any user accounts and all the local files and makes your device start like new again. This option is called the 'Powerwash'.



When your device's operating system isn’t working properly you can recover it. Recovery is removing everything and reinstalling the OS from scratch. It involves downloading a copy of the Chrome OS suitable for your device using the Chromebook Recovery Utility (see https://chrome.google.com/webstore/detail/chromebook-recovery-utili/jndclpdbaamdhonoechobihbbiimdgai) which is stored on external media and then uses recovery mode on your device to reinstall the OS resulting in your device being like new.

Local data (see below) will need to be recovered from its backup location of either your Google Drive or from external media.

Linux (Crostini) Backup and Restore

Currently VMs/containers/data are not synced or backed up. You are responsible for any data going into the containers (see https://chromium.googlesource.com/chromiumos/docs/+/master/containers_and_vms.md#are-my-vms_containers_data-synced_backed-up).

VM

If you want to back up an individual container you can use the standard LXC commands which is the preferred method for saving the state of Crostini. The 'vmc export' command can be used to export an entire VM manually. It will dump the 'qcow2' disk image to the Downloads folder by default. However there isn't yet a way to import a VM so a backup is only useful for diagnostics (see https://chromium.googlesource.com/chromiumos/docs/+/master/containers_and_vms.md#how-can-i-backup-a-vm).


Container

At this stage in the development of Project Crostini there are two ways to backup and restore a container using LXC commands: snapshots and images.

Backup using snapshots


You can create a backup or snapshot of a container from within the VM using the command:
lxc snapshot penguin igloo

Restore using snapshots

To restore the container from a previously taken snapshot simply enter:
lxc restore penguin igloo

Alternatively you can replace the container with an earlier snapshot of it. First stop and rename the container:

    lxc stop --force penguin
    lxc rename penguin​ ​​oldpenguin


then create the replacement container:
lxc copy​ ​​oldpenguin/igloo penguin
and optionally delete the original container:
lxc delete​ ​​old​penguin
Another way of backup and restore is by using images. If you want an external copy of the snapshot backup then you can publish the snapshot as an image:
lxc publish penguin/igloo --alias eskimo
Backup using images


To backup a container using images first it is best to stop the container to create a static backup:
lxc stop --force penguin
then publish container as an image:
lxc publish penguin --alias eskimo

To make an external backup first export image as a tarball file:
lxc image export eskimo $LXD_CONF/eskimo
and optionally to save space:
lxc image delete eskimo
and then restart the container:
lxc start penguin

Now import the tarball file back into the container ready for copying as a Linux File (see below):

    ​chmod o+w $LXD_CONF​
    lxc config device add penguin lxd​_​conf disk source=$LXD_CONF path=/mnt/lxd_conf
    lxc exec penguin -- mv /mnt/lxd_conf/eskimo.tar.gz /home/linuxiumcomau/
    c​hmod o-w ​$LXD_CONF​
    l​xc config device remove penguin lxd_conf
    lxc exec penguin -- rmdir /mnt/lxd_conf​


or if the tarball file is less that the size allocated to /tmp​ ​​then it is also possible to use the following command instead:
lxc file push $LXD_CONF/eskimo.tar.gz penguin/home/linuxiumcomau/
​together with optionally ​saving space:
rm $LXD_CONF/backup.tar.gz

You can then copy the tarball to external media using the 'Files' app.

Restore using images


To restore an externally prepared tarball backup first load the tarball into the VM. Again if it is small enough simply copy the file into the container using the Files app and then:
lxc file pull penguin/home/linuxiumcomau/eskimo.tar.gz $LXD_CONF
otherwise:

​    chmod o+w $LXD_CONF​
    lxc config device add penguin lxd​_​conf disk source=$LXD_CONF path=/mnt/lxd_conf
    lxc penguin exec -- mv /home/linuxiumcomau/eskimo.tar.gz /mnt/lxd_conf/
​    chmod o​-​w $LXD_CONF


Next import the tarball file as an image:
lxc image import $LXD_CONF/eskimo.tar.gz --alias eskimo

Finally recreate the container based on the backup image:

    lxc stop --force penguin
    lxc rename penguin​ ​​oldpenguin
    lxc launch eskimo penguin

and optionally delete the image and the old container:

    lxc image delete eskimo
    lxc delete​ ​​oldpenguin

Local Data


Aligned with storing data in the cloud the 'Downloads' folder is intended only as a temporary resource for (as the name suggests) downloaded data. You can upload files and folders to Google Drive (see https://support.google.com/drive/answer/2424368) and files can also be saved and recovered to/from external media  (see https://support.google.com/chromebook/answer/1700055#save).

Android app data can also be stored in the cloud. Specifically you can save a file to Google Drive from the 'Play Files' folder using the 'Files' app or save to external media. You cab also access Android app data from 'Storage' and 'Explore' from 'Manage Android preferences'.




The 'Linux Files' folder shows your home directory in your 'penguin' container (i.e. the contents of '/home/linuxiumcomau'). Again you can backup or save a file to Google Drive from the 'Linux Files' folder using the 'Files' app or backup/save to external media. As a reminder this local data is not synced or backed up automatically and you are responsible for any data going into the container so regular container snapshots are recommended as a minimum.

Please donate if you find this guide useful using the following link http://goo.gl/nXWSGf.