AppSuite:OX Drive

From Open-Xchange
Revision as of 12:43, 12 September 2024 by Khgras (talk | contribs) (→‎Debian GNU/Linux 11.0)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Source of http://oxpedia.org/wiki/index.php?title=AppSuite:OX_Drive


OX Drive

In OX App Suite, Open-Xchange provides a cloud storage called OX Drive. It provides file- and folder synchronization across multiple devices in the simplest way for the end user, fully optimized for each device type. This article explains how to set up the server-side components for OX Drive, as well as details about the app setup.

Key features

  • Native Apps for Windows, macOS, iOS and Android
  • Easy and attractive upsell properties (e.g. Upsell based on Quota limitations)
  • Apps are specially designed for the devices they run on taking into account limitations such as battery life, screen limitations, bandwidth etc.
  • Controlled synchronization of files across devices
  • Storage management (e.g. quota control, upload limits)
  • Connection type recognition and adaptation (e.g. Wi-Fi, cell network)

Availability

OX Drive is a combination of two components:

  • OX Drive in OX App Suite
  • OX Drive Apps (optional native apps for synchronization)

OX Drive is available as native app for the following operating systems:

  • OX Drive for Windows (supported with OX App Suite v7.10.5, OX App Suite v7.10.6)
  • OX Drive for macOS (supported with OX App Suite v7.10.5, OX App Suite v7.10.6)
  • OX Drive for iOS (supported with OX App Suite v7.10.6)
  • OX Drive for Android (supported with OX App Suite v7.10.5, OX App Suite v7.10.6)

Requirements

You will find the requirements under OX Drive App and Platform Requirements

Server-side Installation and Configuration

This chapter describes how the backend components of OX Drive are installed and configured on the server.

Prerequisites

  • Open-Xchange Server v7.10.5 and above (open-xchange-core)
  • Grizzly HTTP connector (open-xchange-grizzly), see AppSuite:Grizzly for details, with Comet support enabled in grizzly.properties
  • Valid Push-Certificates / API keys for cloud-based notifications, see configuration below
  • Enabled Hazelcast for inter-OX-communication, see AppSuite:Running_a_cluster for details

Available packages

Open-Xchange Drive is available with the following backend packages:

  • open-xchange-drive - The main server components for OX Drive
  • open-xchange-drive-comet - Provides the Push interface via long-polling for the desktop apps
  • open-xchange-drive-help-* - Online help in various languages for the OX Drive applications (these were called open-xchange-appsuite-help-drive-* in versions earlier than Open-Xchange Server v7.6.2)
  • open-xchange-drive-restricted - Restricted components, including prerequisites for cloud-based push notifications

Installation on the server varies depending on the underlying distribution, details are available in the following chapters.

OX Drive for Windows

Additionally OX Drive for Windows can be provided to users by installing additional packages.

OX Drive for Windows is able to update itself and can be downloaded from the Web UI directly via the App Onboarding Wizard. Therefore the wizard must be installed and configured for OX Drive users. Besides the client onboarding feature you need the following packages:

  • open-xchange-drive-client-windows - The main server component to provide the app
  • open-xchange-drive-client-windows-generic - The package providing the final binary files to be installed on users machines.

To make the app download available via the app onboarding wizard, you need to enable the according scenario. Edit /opt/open-xchange/etc/client-onboarding-scenarios.yml and get to the drivewindowsclientinstall section, where you have to set the enabled property to true.

Drive Update Info
Custom branded apps

OX Drive for Windows can be purchased with a custom theming. In such cases, the according binary files need to be installed on the middleware servers. Instead of the open-xchange-drive-client-windows-generic package, a package containing the branded binaries will be provided as open-xchange-drive-client-windows-<brand-name> and needs to be installed. You MUST then set the property com.openexchange.drive.update.branding in /opt/open-xchange/etc/drive-client-windows.properties to <brand-name> accordingly.

It is also possible to provide multiple brands of the app via the same OX App Suite deployment, multiple open-xchange-drive-client-windows-<brand-name> packages can be installed in parallel. Which brand is available for a certain user is determined by the com.openexchange.drive.update.branding property, which can be overwritten via Config Cascade therefore.

App brands can be managed via command line tools. The tool /opt/open-xchange/sbin/listdriveclients lists all installed brands. After updating a certain brand by installing a newer package version or installing an additional one, no server restart is necessary. Instead /opt/open-xchange/sbin/reloaddriveclients can be executed to refresh the internal server state.


Redhat Enterprise Linux 7 or CentOS 7

If not already done, add the following repositories to your Open-Xchange yum configuration:

 [open-xchange-backend]
name=Open-Xchange-backend
baseurl=https://software.open-xchange.com/products/appsuite/stable/backend/RHEL7/
gpgkey=https://software.open-xchange.com/oxbuildkey.pub
enabled=1
gpgcheck=1
metadata_expire=0m

[open-xchange-drive-help] name=Open-Xchange-drive-help baseurl=https://software.open-xchange.com/products/drive/stable/drive-help/RHEL7/ gpgkey=https://software.open-xchange.com/oxbuildkey.pub enabled=1 gpgcheck=1 metadata_expire=0m
[open-xchange-drive-help-updates] name=Open-Xchange-drive-help-updates baseurl=https://LDBUSER:LDBPASSWORD@software.open-xchange.com/products/drive/stable/drive-help/updates/RHEL7/ gpgkey=https://software.open-xchange.com/oxbuildkey.pub enabled=1 gpgcheck=1 metadata_expire=0m
[open-xchange-drive-client-windows] name=Open-Xchange-drive-client-windows baseurl=https://LDBUSER:LDBPASSWORD@software.open-xchange.com/products/drive/stable/drive-client-windows/RHEL7/ gpgkey=https://software.open-xchange.com/oxbuildkey.pub enabled=1 gpgcheck=1 metadata_expire=0m
[open-xchange-drive] name=Open-Xchange-drive baseurl=https://LDBUSER:LDBPASSWORD@software.open-xchange.com/products/appsuite/stable/drive/RHEL7/ gpgkey=https://software.open-xchange.com/oxbuildkey.pub enabled=1 gpgcheck=1 metadata_expire=0m

and run

$ yum update
$ yum install open-xchange-drive open-xchange-drive-comet open-xchange-drive-restricted open-xchange-drive-client-windows

Redhat Enterprise Linux 8

If not already done, add the following repositories to your Open-Xchange dnf configuration:

 [open-xchange-backend]
name=Open-Xchange-backend
baseurl=https://software.open-xchange.com/products/appsuite/stable/backend/RHEL8/
gpgkey=https://software.open-xchange.com/oxbuildkey.pub
enabled=1
gpgcheck=1
metadata_expire=0m

[open-xchange-drive-help] name=Open-Xchange-drive-help baseurl=https://software.open-xchange.com/products/drive/stable/drive-help/RHEL8/ gpgkey=https://software.open-xchange.com/oxbuildkey.pub enabled=1 gpgcheck=1 metadata_expire=0m
[open-xchange-drive-help-updates] name=Open-Xchange-drive-help-updates baseurl=https://LDBUSER:LDBPASSWORD@software.open-xchange.com/products/drive/stable/drive-help/updates/RHEL8/ gpgkey=https://software.open-xchange.com/oxbuildkey.pub enabled=1 gpgcheck=1 metadata_expire=0m
[open-xchange-drive-client-windows] name=Open-Xchange-drive-client-windows baseurl=https://LDBUSER:LDBPASSWORD@software.open-xchange.com/products/drive/stable/drive-client-windows/RHEL8/ gpgkey=https://software.open-xchange.com/oxbuildkey.pub enabled=1 gpgcheck=1 metadata_expire=0m
[open-xchange-drive] name=Open-Xchange-drive baseurl=https://LDBUSER:LDBPASSWORD@software.open-xchange.com/products/appsuite/stable/drive/RHEL8/ gpgkey=https://software.open-xchange.com/oxbuildkey.pub enabled=1 gpgcheck=1 metadata_expire=0m

and run

$ dnf update
$ dnf install open-xchange-drive open-xchange-drive-comet open-xchange-drive-restricted open-xchange-drive-client-windows


Debian GNU/Linux 11.0

If not already done, add the following repositories to your Open-Xchange apt configuration:

deb https://software.open-xchange.com/products/appsuite/stable/backend/DebianBullseye /
deb https://software.open-xchange.com/products/drive/stable/drive-help/DebianBullseye /
deb https://LDBUSER:LDBPASSWORD@software.open-xchange.com/products/drive/stable/drive-help/updates/DebianBullseye /
deb https://LDBUSER:LDBPASSWORD@software.open-xchange.com/products/drive/stable/drive-client-windows/DebianBullseye /
deb https://LDBUSER:LDBPASSWORD@software.open-xchange.com/products/appsuite/stable/drive/DebianBullseye /

and run

$ apt-get update
$ apt-get install open-xchange-drive open-xchange-drive-comet open-xchange-drive-restricted open-xchange-drive-client-windows


Debian GNU/Linux 12.0

If not already done, add the following repositories to your Open-Xchange apt configuration:

deb https://software.open-xchange.com/products/appsuite/stable/backend/DebianBookworm /
deb https://software.open-xchange.com/products/drive/stable/drive-help/DebianBookworm /
deb https://LDBUSER:LDBPASSWORD@software.open-xchange.com/products/drive/stable/drive-help/updates/DebianBookworm /
deb https://LDBUSER:LDBPASSWORD@software.open-xchange.com/products/drive/stable/drive-client-windows/DebianBookworm /
deb https://LDBUSER:LDBPASSWORD@software.open-xchange.com/products/appsuite/stable/drive/DebianBookworm /

and run

$ apt-get update
$ apt-get install open-xchange-drive open-xchange-drive-comet open-xchange-drive-restricted open-xchange-drive-client-windows

OX Server Edition / App Suite for UCS

If you have purchased the OX Server Edition / App Suite for UCS, the OX Drive is part of the offering and after the installation/update available. The necessary package for push, is available with a valid license and can be installed via the Univention App Center.

  • The new license is already registered at the LDB after purchase.
  • Log on at the Univention Management Console (UMC)
  • Make sure, that the correct LDB account has been selected in the UMC module "OX License Management"
  • Click on "App Center" at the UMC und switch to the tab "Repository Settings"
  • Within the component list, select "Open-Xchange Drive" and press the "Install" button

Configuration

The following gives an overview about the most important settings to enable file synchronization via OX Drive, especially when it comes to real-time Push notifications for the apps.

All settings regarding the OX Drive backend component are located in the configuration file drive.properties. The default configuration should be sufficient for a basic "up-and-running" setup (with the exception of defining the Push certificates and API keys for cloud-based app notifications, see next chapters). Please refer to the inline documentation of the configuration file for more advanced options.

Most properties located in configuration file drive.properties are now config-cascade aware. Therefore all settings can be set per user, per contextSet or per context. If there is no configuration per user, per contextSet or per context, the configuration in drive.properties will still be used as server-wide fallback.

When installing from scratch, the configuration file drive.properties is no longer shipped, as the default values are used. For more details, find an overview of configurable settings here.

If no Push certificates and API keys are defined but cloud-based app notifications are enabled, the Push certificates and API keys from package open-xchange-drive-restricted are used as fallback, if this package is installed.

Push via Firebase Cloud Messaging (FCM)

The OX Drive application for Android devices is able to receive Push notifications from the Open-Xchange Server via Firebase Cloud Messaging (FCM). To issue those Push messages, the backend needs to be provided with a suitable API key file for the corresponding Android app application. The API key file is included in the restricted components installation package open-xchange-drive-restricted for the "vanilla" Android app. Alternatively, the key can be specified directly in the drive.properties configuration file:

# Specifies the API key file of the server application. Required if 
# "com.openexchange.drive.events.fcm.enabled" is "true" and the package 
# containing the restricted drive components is not installed.
com.openexchange.drive.events.fcm.keyPath=/absolute/path/json/file.json

Push via FCM can be enabled via:

# Enables or disables push event notifications to apps using the Google
# Firebase Cloud Messaging (FCM) service. This requires a valid configuration for the 
# FCM API key file, see above. Defaults to "false". 
com.openexchange.drive.events.fcm.enabled=true

Please note that push via FCM needs to be enabled explicitly - also if open-xchange-drive-restricted is installed.

Push via Apple Push Notification service (APNs)

The OX Drive application for iOS and macOS devices is able to receive Push notifications from the Open-Xchange Server via Apple Push Notification service (APNs). To issue those Push messages, the backend needs to be provided with a suitable keystore container file (PKCS #12) containing the APNs certificate and keys. Note that the macOS desktop app and the iOS mobile app are served separately with different certificates, so that both needs to be configured independently. The required certificates are already included in the restricted components installation package open-xchange-drive-restricted for the "vanilla" iOS and macOS applications. Therefore no additional configuration is needed. Alternatively, an external certificate can be specified directly in the drive.properties configuration file (the following only shows the setup for iOS). First, the path to the PKCS #12 container file needs to be specified at:

# Specifies the path to the local keystore file (PKCS #12) containing the APNS 
# certificate and keys for the iOS application, e.g. 
# "/opt/open-xchange/etc/drive-apns.p12". Required if 
# "com.openexchange.drive.events.apn.enabled" is "true" and the package 
# containing the restricted drive components is not installed.
com.openexchange.drive.events.apn.ios.keystore=

This file is opened by the backend using the password as supplied via:

# Specifies the password used when creating the referenced keystore containing
# the certificate of the iOS application. Note that blank or null passwords 
# are in violation of the PKCS #12 specifications. Required if 
# "com.openexchange.drive.events.apn.enabled" is "true" and the package 
# containing the restricted drive components is not installed.
com.openexchange.drive.events.apn.ios.password=

Configuration also allows to switch between development and production environments, however, this setting should be true normally:

# Indicates which APNS service is used when sending push notifications to iOS
# devices. A value of "true" will use the production service, a value of 
# "false" the sandbox service. Defaults to "true".
com.openexchange.drive.events.apn.ios.production=true

The OX backend contacts the APNs servers from time to time to get informed about apps no longer reachable apps where the applications was uninstalled. The interval can be defined with the following setting:

# Configures the interval between queries to the APN feedback service for the
# subscribed iOS devices. The value can be defined using units of measurement: 
# "D" (=days), "W" (=weeks) and "H" (=hours). Defaults to "1D" (one day). 
# Leaving this parameter empty disables the feedback queries on this node. 
# Since each received feedback is processed cluster-wide, only one node in the 
# cluster should be enabled here. 
com.openexchange.drive.events.apn.ios.feedbackQueryInterval=1D

Please note that if you have multiple backend nodes in the cluster, it's recommended that only one node is configured to contact the feedback query service. Finally, Push notifications via APN for iOS can be enabled via:

# Enables or disables push event notifications to apps using the Apple Push
# Notification service (APNS) for macOS devices. This requires a valid 
# configuration for the APNS certificate and keys, see either options below, 
# or install the restricted components packages for drive. Defaults to 
# "false". 
com.openexchange.drive.events.apn.ios.enabled=false

As stated above, configuration for Push notifications via APN for the macOS desktop application is configured similarly, the relevant options are prefixed with com.openexchange.drive.events.apn.macos. Please also note that push via APNS needs to be enabled explicitly - also if open-xchange-drive-restricted is installed.

Further Configuration

  • The backend component of OX Drive supplies the apps with various hyperlinks, e.g. deep-links to files and folders in the groupware webinterface or an URL to the online help. In order to point to the suitable web interface, please ensure that the correct UI web path is configured via com.openexchange.UIWebPath located in server.properties.
  • As already mentioned above, the backend relies on the Comet component of the Grizzly http connector for sending push notifications to the desktop apps. Therefore, com.openexchange.http.grizzly.hasCometEnabled needs to be set to true in grizzly.properties.

Enabling OX Drive for Users

OX Drive is enabled for all users that have the capability com.openexchange.capability.drive. Please note that users need to have the infostore permission set to use drive. So the users that have drive enabled must be a subset of those users with infostore permission. Since 7.6.0 we enforce this via the default configuration. You can also enable this cabaility globally with the following setting in the drive.properties configuration file:

# Enables or disables the "drive" module capability globally. The capability
# can also be set more fine-grained via config cascade. Per default it is only
# enabled for users that have the "infostore" permission set. This is configured
# in /opt/open-xchange/etc/contextSets/drive.yml.
com.openexchange.capability.drive=false

More details about capabilities can be found at AppSuite:Capabilities. Furthermore, this capability can be defined in a more granular way using the Config Cascade as described at ConfigCascade.

Installation of the Apps

Installation of macOS Desktop App

The OX Drive for macOS is provided via the Mac App Store:

Enabling the Finder Extension on macOS

In order to be able to open or share documents in the App Suite from Finder you need to enable the Drive Finder Extension.

How to enable the Drive Finder Extension on macOS:

  1. Open the System Preferences.
  2. In the System Preferences window select Extensions.
  3. In the Extensions window select Finder.
  4. Enable Drive Finder Extension.

Installation of Windows Desktop App

If the necessary packages are installed (See OX Drive for Windows), users can download the app from within the App Suite via "Settings > Connect my Device".

Installation of Android and iOS Apps

The OX Drive app is available via the different App Stores:

App Configuration and Deployment

The user needs to enter the App Suite server URL and provide his username and password to log in. More help is available in the online documentation which is accessible from within the apps.

After the initial synchronization is completed, all subsequent changes are synchronized instantly across all devices.

Note: Version v7.10.3 of the OX App Suite introduced optional multifactor authentication, see https://documentation.open-xchange.com/7.10.3/middleware/security_and_encryption/multifactor_authentication.html.

Not all OX Drive apps support this yet.

To connect to a server that has multi-factor authentication (MFA) activated with an app that does not support MFA, you can switch on app-specific passwords, see https://documentation.open-xchange.com/7.10.5/middleware/login_and_sessions/application_passwords.html. Users then need to define this password in App Suite under "Settings > Security > Application Passwords" and use it when signing in.