Linux-Based Self-Hosted Cloud Storage with Nextcloud

Chintan BogharaChintan Boghara
6 min read

Table of contents

In an age where data privacy and control are paramount, setting up your own cloud storage solution can be a game-changer. With Nextcloud, you can create a secure, private cloud similar to Google Drive or Dropbox—running entirely on your own Ubuntu server. This blog post guides you through the installation, configuration, and essential security measures to set up a robust self-hosted cloud storage environment.

Why Choose Nextcloud?

Nextcloud is an open-source platform that not only provides file storage and sharing capabilities but also offers collaboration tools, calendar and contact management, and more. By hosting Nextcloud on your own server, you gain complete control over your data, enhanced privacy, and the flexibility to customize the platform to your needs.

Step-by-Step Installation & Configuration

Below is a detailed guide to set up Nextcloud on an Ubuntu server, covering everything from system updates to SSL encryption and automated backups.

1. Update Your System

Before installing any new software, it's essential to ensure your system is up to date:

sudo apt update && sudo apt upgrade -y

Keeping your system updated helps to avoid compatibility issues and ensures that you have the latest security patches.

2. Install Required Packages

Nextcloud requires a web server, a database, and PHP along with various modules. Install Apache, MariaDB, PHP, and the necessary PHP modules with the following command:

sudo apt install apache2 mariadb-server php php-mysql libapache2-mod-php php-xml php-zip php-mbstring php-curl php-gd php-intl -y

These packages create the backbone for hosting Nextcloud on your server.

3. Secure the MariaDB Database

Security is critical when deploying any service. Strengthen your MariaDB installation by running the secure installation script:

sudo mysql_secure_installation

Follow the prompts to:

  • Set a strong root password.

  • Remove anonymous users.

  • Disable remote root login.

  • Remove test databases.

This step helps protect your database from unauthorized access.

4. Create Nextcloud Database & User

After securing MariaDB, create a dedicated database and user for Nextcloud. Log into MariaDB:

sudo mysql -u root -p

Then execute the following SQL commands within the MariaDB prompt:

CREATE DATABASE nextcloud;
CREATE USER 'nextclouduser'@'localhost' IDENTIFIED BY 'YourStrongPassword';
GRANT ALL PRIVILEGES ON nextcloud.* TO 'nextclouduser'@'localhost';
FLUSH PRIVILEGES;
EXIT;

Using a dedicated database and user isolates Nextcloud’s data and simplifies management.

5. Download & Install Nextcloud

Download the latest Nextcloud release and set up the web directory:

  1. Change to the web directory:

     cd /var/www/

  2. Download the Nextcloud archive:

     sudo wget https://download.nextcloud.com/server/releases/latest.tar.bz2

  3. Install the bzip2 utility if not already installed:

     sudo apt update
 sudo apt install bzip2 -y

  4. Extract the downloaded archive:

     sudo tar -xvf latest.tar.bz2

  5. Set the appropriate permissions:

     sudo chown -R www-data:www-data /var/www/nextcloud
 sudo chmod -R 755 /var/www/nextcloud

Ensuring correct file permissions is crucial for both security and the proper functioning of Nextcloud.

6. Configure Apache for Nextcloud

Set up Apache to serve your Nextcloud installation by creating a new configuration file:

sudo vi /etc/apache2/sites-available/nextcloud.conf

Insert the following configuration, adjusting the email and domain to match your settings:

<VirtualHost *:80>
    ServerAdmin your-email@example.com
    DocumentRoot /var/www/nextcloud
    ServerName yourdomain.com

    <Directory /var/www/nextcloud/>
        Require all granted
        AllowOverride All
        Options FollowSymLinks MultiViews
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/nextcloud_error.log
    CustomLog ${APACHE_LOG_DIR}/nextcloud_access.log combined
</VirtualHost>

Enable the site and necessary Apache modules, then restart Apache:

sudo a2ensite nextcloud.conf
sudo a2enmod rewrite headers env dir mime
sudo systemctl restart apache2

This configuration ensures that Apache correctly serves your Nextcloud installation and allows for dynamic rewriting of URLs, which Nextcloud requires.

7. Secure Nextcloud with SSL (Let's Encrypt)

Securing your cloud storage with SSL is vital. Install Certbot and secure your site with a free SSL certificate:

sudo apt install certbot python3-certbot-apache -y
sudo certbot --apache -d yourdomain.com

Set up automatic SSL renewal by editing the root cron table:

sudo crontab -e

Add the following line to renew your certificate daily:

0 3 * * * certbot renew --quiet

SSL encryption protects data in transit between your server and clients, ensuring privacy and data integrity.

8. Configure Firewall & Security

Enhance your server's security by configuring the firewall:

  1. Allow HTTP and HTTPS traffic:

     sudo ufw allow 80,443/tcp

  2. Enable the UFW firewall:

     sudo ufw enable

For added protection, install Fail2Ban to help prevent brute-force attacks:

sudo apt install fail2ban -y

Proper firewall configuration and intrusion prevention tools are essential to guard your cloud against malicious activity.

9. Configure Automatic Backups

Regular backups are a lifesaver in case of data loss or corruption. Set up daily backups using rsync. Edit the root cron table:

sudo crontab -e

Add the following line to create daily backups (adjust the backup directory as needed):

0 2 * * * rsync -a /var/www/nextcloud /backup/nextcloud_$(date +\%F)

Automated backups ensure that you always have a recent copy of your data, minimizing downtime and data loss in emergencies.

Final Setup: Running Nextcloud

  1. Access the Web Interface:
    Open your browser and navigate to:

     http://yourdomain.com

  2. Follow the Setup Wizard:
    During the setup, you will be prompted for the database configuration. Use the following details:

    • Database user: nextclouduser

    • Database password: YourStrongPassword

    • Database name: nextcloud

  3. Complete the Configuration:
    Finalize the setup by creating an administrator account and configuring additional settings as desired.

Additional Tips for a Secure and Efficient Cloud

  • Regular Updates:
    Always keep your Ubuntu system, Apache, MariaDB, PHP, and Nextcloud installation updated to protect against vulnerabilities.

  • User Management:
    Leverage Nextcloud’s built-in user management features to control access, assign permissions, and monitor activity.

  • Monitoring & Logs:
    Regularly review Apache and Nextcloud logs to identify potential issues or unauthorized access attempts.

  • Performance Optimization:
    Depending on your usage, consider configuring caching mechanisms and PHP optimization settings to improve performance.

Conclusion

Setting up a Linux-based self-hosted cloud storage solution with Nextcloud empowers you to take control of your data while ensuring high levels of security and customization. By following this guide, you’ve established a private cloud that offers the flexibility of modern cloud services without relying on third-party providers. With additional measures like SSL encryption, firewall configuration, and automated backups, your Nextcloud installation is not only functional but also secure.

Enjoy the freedom and security of your very own cloud storage—your data, your rules!

Happy hosting!

Reference

  1. Nextcloud Official Documentation
    https://docs.nextcloud.com/server/latest/admin_manual/
    Detailed guidance on installing, configuring, and securing your Nextcloud instance.

  2. Ubuntu Official Website
    https://ubuntu.com/
    Provides essential resources and updates for maintaining your Ubuntu server.

  3. Apache HTTP Server Documentation
    https://httpd.apache.org/docs/
    Comprehensive instructions for setting up and managing Apache to serve your Nextcloud installation.

  4. Certbot Documentation (Let’s Encrypt)
    https://certbot.eff.org/docs/
    Step-by-step instructions for installing SSL certificates and automating their renewal.

  5. MariaDB Secure Installation Guide
    https://mariadb.com/kb/en/mariadb-secure-installation/
    Best practices for securing your MariaDB database for a robust Nextcloud deployment.

11
Subscribe to my newsletter

Read articles from Chintan Boghara directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Self-Hosted Cloud StorageDevopsCloudDevSecOpsSREPlatform Engineering Nextcloud

Written by

Chintan Boghara
Chintan Boghara

Exploring DevOps ♾️, Cloud Computing ☁️, DevSecOps 🔒, Site Reliability Engineering ⚙️, Platform Engineering 🛠️, Machine Learning Operations 🤖, and AIOps 🧠