Skip to main content
 

Status update and Nextcloud as OpenId connect provider!

5 min read

It's been a while we didn't update you. The main reason is because we wanted our newsletter to work again before. But well, let's give a status without sending it by email :)

 

The user journey

I'd say our current main focus is to improve the user journey, when the user get to our website, is convinced, and sign up for a free account on our cloud.

But to understand all the little improvments we are working on, let me present you our stack for you to understand better where we are, what are our current pain points and the way we plan to address them.

Our stack

Our central piece is Nextcloud. We believe it is an amazing software, and are really happy of the late developements.

We make people register there with the application registration.

We manage their invoices with the amazing invoice ninja.

And then, we have a chat and a forum provided by the non less great Rocket.Chat and Discourse.

We also have email service, with dovecot/postfix. We also use vimbadmin as a web interface to let the user manage its emails.

Once people bought their service with us, they get an email, and we integrate Nextcloud with imap using the user_imap external user backend.

The challenges

conversion from free to paid user

The first challenge is to transform a free user into a paid one.

It means we have to transfer the user from the user table into the external_user table in Nextcloud. It also means that we create the user on the imap side, with the same username.

Historically, the username in imap is the email. And the registration app doesn't put restriction on user names.

Basically, it means that today, we need to make user recreate their account, and this is a bad experience, we understand that.

manage invoices

Another challenge for the new user is to view the invoices, and manage them easily.

manage emails

The way to manage the emails, aliases, and password is with vimbadmin, and it is also less than optimal.

single sign on

And finally, right now, the user has an account for each service, the email and the cloud share the same password, but for the rest, the user needs to create an account for each of them.

 

The solutions

The good news, is that there is no issues, just solutions to develop!

conversion from free to paid user

This is currently the main priority. First, in Nextcloud, you can login with either your username or email, and we want to have the same behaviour. With the user_imap user backend, it wasn't possible to login with your email. We did a pull request that was merged to allow just that!

On the imap side, we need to do some work to get the knowldge about the username of the user and also let him login with his username to our imap backend.

Once we have that, it will be easy to migrate a free user into a paid user with email! All we'll need to do, is to recreate the user account on our email database, and switch the user table in Nextcloud.

manage invoices

We also did a change to a Nextcloud application, called external_links, that allow to configure links from various places in your cloud instance to external resources of your choice.

The plan is to use the buy now button feature from invoice ninja.

We added the possibility to add the email and username in the link so that the user wil not have to enter it when buying.

We plan to add the invoice user id in the Nextcloud database, so then we can easily link to the invoice ninja dashboard and let the user have an overview of the current status of all the bills.

manage emails

We are working on an api, and a Nextcloud application that would allow people, from their cloud to manage their emails, aliases, and password, directly from the cloud.

We plan to also develop an app, to let other Nextcloud users to purchase our email service from their own Nextcloud instance, and configure it automatically!

single sign on

This is the part I'm most excited.

If you follow the development of Nextcloud like we do, you would have noticed this folder. And yeah, it looks like it makes Nextcloud an oauth provider. Which means that we could use Nextcloud as our identity provider. I tried during lot of weekend, until I found the solution! Following this thread, I did this pull request,

Here is my configuration to make discourse work against Nextcloud:

oauth2 client id and oauth2 client secret (from Nextcloud admin section)
oauth2 authorize url: https://cloud.indie.host/apps/oauth2/authorize
oauth2 token url: https://cloud.indie.host/apps/oauth2/api/v1/token
oauth2 user json url: https://cloud.indie.host/ocs/v2.php/cloud/user?format=json
oauth2 json user id path: ocs.data.id
oauth2 json username path: ocs.data.id
oauth2 json name path: ocs.data.display-name
oauth2 json email path: ocs.data.email

And then, you can log in to Discourse with Nextcloud \o/

For Rocket.Chat, it didn't work out of the box, I had to propose this change. The latest version should work too :)

 

As a conclusion, I'm rally happy to share this status and show you that the project is not stale. We have lots of idea for 2018, and we hope that you like what you see!

 

And you, what would you like IndieHosters to offer in 2018?

 

PS: we created two new categories in our forum:

https://forum.indie.host/c/bug

https://forum.indie.host/c/feature

We'll work more with them now!