What is Nextcloud
Nextcloud is primarily an open source cloud storage service that you can install on your server. It's sort of an alternative to Google Drive, Dropbox and Microsoft Onedrive. When you store your data using commercial services, you have no control over it. And, since you're using these services for free, these companies scan your data and use it to show targeted advertisements to you. Plus, if their AI algorithms decide that you violated their terms of service, they can block your account and you can lose access to your data. To be on the safe side, it's best to self-host such things.
Nextcloud is not just a cloud storage service though. There are many, many apps available for Nextcloud which can add features like audio/video chat, document editor, calendar, contact syncing, RSS feed reader, picture gallery, URL shortening service, among other things.
Prerequisites
You will need a domain name and a VPS with a static IP address to self-host Nextcloud. I hope you have completed initial VPS setup too. It's also possible to do it on a raspberry pi in your home but then you'll need to setup a VPN if you want to access it outside of home network.
Install Nextcloud
Snap is the easiest way to install Nextcloud. You won't have to worry about updating it because snaps auto-update. I'm using Ubuntu Server edition to install Nextcloud. Instructions will be more or less similar if you're using some other distro which supports snap packages.
sudo snap install nextcloud
Create a new admin user by providing a username (in this case, admin) and a password (in this case, supersecretpw).
sudo nextcloud.manual-install admin supersecretpw
Add your domain name (replace your.domain.name below with your domain name) to trusted_domains in /var/snap/nextcloud/current/nextcloud/config/config.php file.
'trusted_domains' =>
array (
0 => 'localhost',
1 => 'your.domain.name',
),
Sweet Sweet Encryption
Before executing following commands, add A record pointing to the IP address of the server in your domain name registrar's dashboard and wait for around 30-40 minutes so the DNS change propagates worldwide.
Getting HTTPS certificate for our Nextcloud website is important to prevent sniffing or modification of our data as it travels between our device and our server. We are going to obtain the HTTPS certificate from Let's Encrypt. We will be using Nginx as a reverse proxy in front of Nextcloud. And we will use certbot to get our HTTPS certificate. We will then configure Nginx to terminate SSL and proxy our requests to Nextcloud.
Note that Nextcloud is currently listening on port 80. If you want Nginx to be your reverse proxy, ie, sit at the front and proxy requests to Nextcloud, then Nginx should listen at port 80. So we need to change the port Nextcloud is listening on to 81.
sudo snap set nextcloud ports.http=81
Install Nginx :
sudo apt install nginx
If you're using Ubuntu Server 18.04 LTS, run following commands to install certbot.
sudo apt install software-properties-common
sudo add-apt-repository ppa:certbot/certbot
sudo apt update
sudo apt install certbot python3-certbot-nginx
If you're using Ubuntu Server 20.04 LTS, execute following commands to install certbot.
sudo apt update
sudo apt install software-properties-common
sudo apt install certbot python3-certbot-nginx
Add following rules to ufw firewall to allow HTTP and HTTPS (and SSH too; don't lock yourself out!) traffic to come through.
sudo ufw limit ssh
sudo ufw allow http
sudo ufw allow https
sudo ufw enable
Go to your VPS provider's dashboard and allow HTTP and HTTPS traffic to come through.
Now, get a TLS certificate for your domain from certbot. Certbot will ask you for your email address (to send reminders and stuff). We are using certonly option here because we will manually setup Nginx configuration later.
sudo certbot certonly --nginx --cert-name your.domain.name -d your.domain.name
Now, we need to setup Nginx configuration for the Nextcloud website. Save following configuration as /etc/nginx/sites-available/your.domain.name.conf file. Don't forget to replace your.domain.name below with your actual domain name.
server {
# listen on port 443 (both ipv4 and ipv6) and use HTTP2
listen 0.0.0.0:443 ssl http2;
listen [::]:443 ssl http2;
# max file upload size
client_max_body_size 100M;
# your domain name
server_name your.domain.name;
# configure the ssl certificate
ssl_certificate /etc/letsencrypt/live/your.domain.name/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/your.domain.name/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/your.domain.name/chain.pem;
# proxy requests to Nextcloud which is listening on port 81
location / {
include proxy_params; # include necessary headers
proxy_pass http://localhost:81;
}
}
# redirect HTTP requests to HTTPS
server {
listen 0.0.0.0:80;
listen [::]:80;
server_name your.domain.name;
if ($host = your.domain.name) {
return 301 https://$host$request_uri;
}
return 404;
}
Activate Nginx configuration of your.domain.name.
sudo ln -s /etc/nginx/sites-available/your.domain.name.conf /etc/nginx/sites-enabled/
Check whether there are any errors in Nginx config.
sudo nginx -t
Restart Nginx so all the changes take effect.
sudo systemctl restart nginx
Login to your Nextcloud instance
Go to https://your.domain.name in your favorite browser and log in using the username and password you gave to the manual install command above. You can create users, upload and download files here. You can also use Nextcloud mobile and desktop apps.
Nextcloud Mobile Apps
Nextcloud's mobile apps are open source and they are available on F-droid, Google Play and Apple App Store.
Nextcloud Desktop Apps
Nextcloud's desktop apps are also open source and they are available for Linux, Windows and Mac.