Menu
Cart 0

Harp Nextcloud May 2026

Any user can request a proof that a current file version is the result of a legitimate sequence of operations. The server returns the hash chain segment and a signed timestamp from a threshold of other nodes (in federated mode). This enables proof of integrity without a blockchain.

Nextcloud is brilliant for storage and management. You get CalDAV, CardDAV, rich editing, and app ecosystems. However, default file access relies on the traditional WebDAV protocol. When you download a 50GB video file from your Nextcloud instance:

If the server is underpowered or far away, this fails. Harp bypasses the server entirely.

  • Build then deploy to Nextcloud webroot:
  • CI/CD with Nextcloud as artifact storage:
  • Using Nextcloud as content source:

    • A team of 10 editors in different countries. The raw footage (500GB) is stored in a Nextcloud folder. Normally, one editor uploads (takes 2 hours), the server streams to 9 others (crashing the server). With Harp: Editor A uploads. Editor B downloads from Editor A. Editor C downloads from A and B simultaneously. The server does nothing. Speed increases with every new peer.

    A common concern: "Does P2P bypass Nextcloud’s permissions?"

    No. The Harp integration respects Nextcloud’s ACL (Access Control Lists). harp nextcloud

    Furthermore, because Harp uses end-to-end encryption (E2EE), even the signaling server (which you host) cannot read the file chunks.

    Nextcloud is built on PHP and a modular architecture, but its technical stack is less interesting than its philosophical stack. The platform is a "Fork"—a term derived from the open-source movement where developers take existing code and take it in a new direction. Nextcloud was forked from ownCloud in 2016 by Frank Karlitsch

    This paper outlines the role and architecture of HaRP (High-performance AppAPI Reverse Proxy) within the Nextcloud ecosystem, particularly its necessity for Nextcloud 32+ and its support for WebSockets in External Apps (ExApps). HaRP: The High-Performance Gateway for Nextcloud ExApps

    Modern cloud collaboration platforms are increasingly moving toward microservices to handle resource-intensive tasks like AI and real-time document editing. Nextcloud’s AppAPI framework allows developers to build "External Apps" (ExApps) in any language. However, traditional proxy methods often bottlenecked performance and lacked support for real-time protocols. This paper explores HaRP, the recommended proxy for Nextcloud 32+, which optimizes communication by bypassing the standard PHP stack and providing secure tunneling via FRP (Fast Reverse Proxy). 1. Introduction

    Historically, Nextcloud relied on the Docker Socket Proxy (DSP) to manage external integrations. While functional, DSP is being deprecated—with removal scheduled for Nextcloud 35—due to its complexity and inability to support modern protocols like WebSockets. HaRP (Nextcloud AppAPI HaProxy Reverse Proxy) serves as a modern replacement, designed to simplify deployment while significantly boosting performance for real-time features. 2. Key Architectural Components Any user can request a proof that a

    HaRP introduces several architectural improvements over its predecessor:

    Direct Communication Path: Unlike previous setups, HaRP routes requests directly to ExApps, bypassing the Nextcloud PHP process. This reduces latency and saves server resources.

    FRP-Based Tunneling: Using Fast Reverse Proxy (FRP) tunnels, ExApp containers do not need to expose ports to the host or be directly reachable from the main Nextcloud server. This enables easier NAT traversal and deployment on remote hosts, such as specialized GPU servers for AI workloads.

    WebSocket Support: One of HaRP's primary advantages is enabling end-to-end WebSocket traffic. This eliminates the need for inefficient polling, allowing for cleaner real-time architectures in Nextcloud Hub. 3. Deployment and Security HaRP is designed to be highly secure and flexible:

    Authentication & Protection: It includes built-in brute-force protection and uses secret tokens (HP_SHARED_KEY) for authentication between services. If the server is underpowered or far away, this fails

    Automated TLS: The system automatically generates the necessary certificates for FRP communications, ensuring secure tunnels by default.

    Multi-Docker Management: A single HaRP instance can manage multiple Docker engines, facilitating large-scale distributed environments. 4. Conclusion

    As Nextcloud moves toward version 35, the transition from DSP to HaRP is critical for administrators and developers. By providing a future-proof path for External Apps, HaRP ensures that Nextcloud remains a scalable, low-latency platform capable of supporting the next generation of real-time collaboration tools. Adapting ExApps to HaRP - Nextcloud Documentation

    roxy) is the modern proxy engine for Nextcloud 32+ that allows External Apps (ExApps) to communicate with Nextcloud

    . It is specifically designed to support high-performance features like WebSockets for real-time AI and communication tools. 1. Deploy the HaRP Container

    Run the HaRP container using Docker. Replace the placeholders with your specific values. NC_INSTANCE_URL : Your internal Nextcloud address (e.g.,