So when are they going to support a stable signed repository for either CentOS, Debian, or Ubuntu Server?

That is a really critical feature that they are missing. Stable meaning every major version gets a new repo, and only bump minor vers with bug fixes.

Yes, I know its work, but its a critical feature. Its sorely missing. You cannot start an infrastructure project and not care about infrastructure.

At very least start a PPA on launchpad.

webdevelopers webdevelopers webdevelopers webdevelopers webdevelopers webdevelopers webdevelopers webdevelopers webdevelopers webdevelopers webdevelopers

They won't as far as I know. And that's intentional, because of packaging issues and out of date versions from distros causing security issues etc.

It might be convenient, but also they realise this and provide the internal updater (web and command line based solutions) along with instructions. Not sure about the signing you're after. Seeing as their focus is on security, it likely would be there

I agree with their stance personally, and have had no major issues to updating on a Mint system even (which was surprising as it's desktop orientated). I would prefer they continued focussing on their core product and left admins and engineers to sort out their own systems.

@stiixy I wonder how Apache, PostgreSQL, MySQL, ngynx and so many other vastly used software were included in the repositories without it degrading their security due to out of date packages.

It is quite the opposite, the package manager is critical in keeping software updated and patched when new vulnerabilities are found.

But, even if what you said was true, why then don't they make a snap or a flatpack bundling all the software they need? Although it then would be up to them to provide updates to all the many bits and pieces their software depends on, which is not a trivial task.

It's their decision mate. Best go check out their reasoning. THEY themselves didnt want to handle it at least, or that was the last impression I got.

I'm not qualified in the slighest to discuss NextClouds packaging position (quite possibly some distros do package it), especially considering that was information from a year ago so it may well have changed, although judging by your request, it seemingly hasn't.

I have noticed for the longest time, quite a few web apps don't use packaging and you have to manually download and create the environment. They're a different beast to binaries, despite the fact the likes of PTS and webmin can be packaged, but still tarred for download. Which is for whatever reason, how I manage my own webapps.

I can't find the actual article that gives reasoning why, but that's both a package, and a snap at that.

You are mixing up why distro maintainers dropped them with their reasoning for not giving a fuck.

The main reason they don't package stuff is because they follow the typical webdeveloper release model of "there is only ONE version that gets both features and bug fixes, because fuck security and stability, newer is always better".

see here https://nextcloud.com/changelog/ Each major version lasts like a month.

So you can't package it in distros because it is too fast for the maintainers to review and keep track of it.

You are mixing up people wanting security with people wanting convenience. Updating a site isn't hard.
rm *stuff*, wget *stuff*, restart server application.

Mint is using LTS Ubuntu wich also contains the same packages used on Ubutu Server so I don't see how you can be surprised. It's a goddamn website after all. Install php/webserver/stuff at higher than min version and it runs fine.

Not the point of the complaint above. It's not hard to set up, it's just that peopl might like some kind of "stable" release that can go in distros.

Wow, so you can use their own webserver/php/stuff that may or may not get updates unlike your distro's.

And that's just to avoid like 10 minutes to set up a manual install that isn't even hard if you are a linux user. https://docs.nextcloud.com/server/11...tallation.html

I value my security highly.

1. letting a php web script update itself. No, no, no, no no, Nyet, Nine, No. At the same time, I need a release channel that security issues and other bugs. Write or Execute security. The package manager copies files, linux package management does this flawlessly.

2. point releases and stable releases. For people who actually install software on infrastructure, this is how it works in the real world. I don't need the latest features, I need to ensure my data will not be corrupted, and all applications work the same from the time I install the machine, until the time I decommission the machine. Upgrading is no small event, where I commission a new box, test it, verify it, migrate data over, verify the functionality with new data, then migrate the new machine, wait a week or so, then securely wipe and decommission the old machine, after it is verified to no longer be needed.

That is how production works. I trust owncloud with important personal data. more than new wizbang features it needs to fit in a production lifecycle. If it does not, than its nothing more than a novelty.

Mate, I'm not justifying NextClouds stance. I was merely relaying information I read from a year ago, and in a para-quasi state at that. I didn't think I could put more anecdotal evidence had I stamped it on my forehead, or at least I thought so. Also, not going to address your points, as they're moot. They're not even close to adressing the situations I was using them in (testing...)

Just go ask your question (you too, GI_Jack) about this very situation on their fora and feel free to relay any information back here for posterities sake. I'm not the man you want to be dissecting over a simple issue that I have no involvement or relevancy with.

Also, NextCloud is Great NextCloud is Good =D Pity there's no multi-server file-sharing a la torrent, but better like DC yet....looking to get funding to sponsor that feature.