Google Drive scans your files. Dropbox has had major breaches. iCloud keys are held by Apple. Every mainstream cloud storage service has access to your data - and shares it with whoever asks nicely enough. The solution? Run your own cloud storage that only you control.
Nextcloud is a free, open-source platform that gives you everything Dropbox and Google Drive offer: file sync, calendar, contacts, document editing, photo backup - all on a server you own. And thanks to free cloud hosting credits, you can run it at zero cost.
Last updated: July 2026
What You'll Get
- Complete file sync - Desktop, mobile, and web access to all your files
- End-to-end encryption - Optional client-side encryption for sensitive folders
- Photo backup - Automatic phone photo sync (goodbye Google Photos)
- Calendar & Contacts - Replace Google Calendar and Contacts
- Document editing - Collabora or OnlyOffice integration
- Cost - Free with cloud credits, then $4-6/month or free on Oracle
Prerequisites
Before starting, you'll need:
- A cloud server (VPS) - Get one free using our cloud hosting comparison
- A domain name - Optional but strongly recommended for HTTPS ($10-15/year)
- 30-60 minutes - For initial setup
- Basic terminal comfort - Copy-paste commands, nothing complex
Need Free Cloud Hosting?
Get up to $200 in free credits to run Nextcloud:
Server Requirements
Nextcloud is more resource-intensive than a VPN. Recommended specs:
| Use Case | RAM | Storage | Monthly Cost |
|---|---|---|---|
| Personal (1-2 users) | 2GB | 50GB | $6-12/mo or free (Oracle ARM) |
| Family (3-5 users) | 4GB | 100GB+ | $12-24/mo or free (Oracle ARM) |
| Small team | 8GB+ | 250GB+ | $24-48/mo |
Oracle Cloud Free Tier
Oracle's Always Free ARM instances are perfect for Nextcloud:
- Up to 24GB RAM and 4 OCPUs - more than enough
- 200GB block storage included
- Forever free - No expiration
The ARM architecture works great with Nextcloud. Get Oracle Free Tier
Method 1: Docker Installation (Recommended)
Docker makes Nextcloud deployment simple and upgrades painless. This is the recommended approach for most users.
Step 1: Prepare Your Server
SSH into your VPS and install Docker:
# Update system
sudo apt update && sudo apt upgrade -y
# Install Docker
curl -fsSL https://get.docker.com | sudo sh
# Add your user to docker group
sudo usermod -aG docker $USER
# Install Docker Compose
sudo apt install docker-compose -y
# Logout and back in for group changes
exit After logging back in, verify Docker works:
docker --version
docker-compose --version Step 2: Create Nextcloud Directory Structure
# Create directories
mkdir -p ~/nextcloud/db ~/nextcloud/data ~/nextcloud/config
cd ~/nextcloud Step 3: Create Docker Compose File
Create the configuration file:
nano docker-compose.yml Paste this configuration:
version: '3'
services:
db:
image: mariadb:10.11
container_name: nextcloud-db
restart: always
command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW
volumes:
- ./db:/var/lib/mysql
environment:
- MYSQL_ROOT_PASSWORD=CHANGE_THIS_ROOT_PASSWORD
- MYSQL_PASSWORD=CHANGE_THIS_PASSWORD
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=nextcloud
redis:
image: redis:alpine
container_name: nextcloud-redis
restart: always
app:
image: nextcloud:stable
container_name: nextcloud-app
restart: always
ports:
- 8080:80
links:
- db
- redis
volumes:
- ./data:/var/www/html/data
- ./config:/var/www/html/config
- ./apps:/var/www/html/custom_apps
environment:
- MYSQL_PASSWORD=CHANGE_THIS_PASSWORD
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=nextcloud
- MYSQL_HOST=db
- REDIS_HOST=redis
depends_on:
- db
- redis Change the Passwords!
Replace CHANGE_THIS_ROOT_PASSWORD and CHANGE_THIS_PASSWORD with strong, unique passwords. Use a password manager to generate them.
Save with Ctrl+X, then Y, then Enter.
Step 4: Start Nextcloud
# Start containers
docker-compose up -d
# Check status
docker-compose ps All three containers should show "Up". Wait about 30 seconds for initial startup.
Step 5: Complete Web Setup
Open your browser and go to http://YOUR_SERVER_IP:8080
You'll see the Nextcloud setup wizard:
- Create admin account - Choose a strong username and password
- Data folder - Leave as default (
/var/www/html/data) - Database - Already configured via Docker environment variables
- Click Install
Installation takes 1-2 minutes. You'll then have a working Nextcloud instance!
Method 2: Nextcloud All-in-One (Simplest)
For the absolute easiest setup, Nextcloud offers an "All-in-One" Docker image that includes automatic HTTPS, backups, and updates:
# One command installation
sudo docker run \
--sig-proxy=false \
--name nextcloud-aio-mastercontainer \
--restart always \
--publish 80:80 \
--publish 8080:8080 \
--publish 8443:8443 \
--volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \
--volume /var/run/docker.sock:/var/run/docker.sock:ro \
nextcloud/all-in-one:latest Then access https://YOUR_IP:8443 for the setup interface.
All-in-One Requirements
- Ports 80, 443, 8080, 8443 must be available
- A domain name pointing to your server (required for HTTPS)
- At least 4GB RAM recommended
This method is best if you have a domain and want automatic certificate management.
Setting Up HTTPS (Required for Security)
Running Nextcloud without HTTPS exposes your passwords and files. You have two options:
Option A: Cloudflare Tunnel (Free, No Domain Required)
Cloudflare Tunnels give you HTTPS with a free subdomain:
# Install cloudflared
curl -L --output cloudflared.deb https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb
sudo dpkg -i cloudflared.deb
# Login to Cloudflare (free account works)
cloudflared tunnel login
# Create a tunnel
cloudflared tunnel create nextcloud
# Route tunnel to your domain
cloudflared tunnel route dns nextcloud your-subdomain.your-domain.com
# Create config file
mkdir -p ~/.cloudflared
nano ~/.cloudflared/config.yml Add this configuration:
tunnel: YOUR_TUNNEL_ID
credentials-file: /home/YOUR_USER/.cloudflared/YOUR_TUNNEL_ID.json
ingress:
- hostname: your-subdomain.your-domain.com
service: http://localhost:8080
- service: http_status:404 Start the tunnel:
# Run as service
sudo cloudflared service install
sudo systemctl start cloudflared Option B: Nginx + Let's Encrypt (Requires Domain)
If you have a domain name, use Nginx as a reverse proxy with free Let's Encrypt certificates:
# Install Nginx and Certbot
sudo apt install nginx certbot python3-certbot-nginx -y
# Create Nginx config
sudo nano /etc/nginx/sites-available/nextcloud Add this configuration:
server {
listen 80;
server_name your-domain.com;
location / {
proxy_pass http://localhost:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
client_max_body_size 10G;
proxy_read_timeout 86400s;
proxy_send_timeout 86400s;
}
}
Enable the site and get certificates:
# Enable site
sudo ln -s /etc/nginx/sites-available/nextcloud /etc/nginx/sites-enabled/
# Test config
sudo nginx -t
# Restart Nginx
sudo systemctl restart nginx
# Get SSL certificate
sudo certbot --nginx -d your-domain.com Configure Nextcloud for HTTPS
After setting up HTTPS, tell Nextcloud about your domain:
# Edit Nextcloud config
nano ~/nextcloud/config/config.php Find and update these lines:
'trusted_domains' =>
array (
0 => 'localhost',
1 => 'your-domain.com',
),
'overwrite.cli.url' => 'https://your-domain.com',
'overwriteprotocol' => 'https', Installing Desktop and Mobile Apps
Nextcloud has apps for every platform:
Desktop Sync Clients
- Windows/Mac/Linux: Download Nextcloud Desktop
- Configure with your server URL (https://your-domain.com)
- Choose which folders to sync
Mobile Apps
- Android: F-Droid (recommended) or Google Play
- iOS: App Store
Phone Photo Backup
Replace Google Photos with automatic Nextcloud backup:
- Open the Nextcloud mobile app
- Go to Settings → Auto upload
- Enable Auto upload photos
- Choose WiFi-only if desired
- Select target folder in Nextcloud
Essential Nextcloud Apps
In your Nextcloud web interface, go to Apps to install these:
| App | Purpose | Replaces |
|---|---|---|
| Calendar | CalDAV calendar sync | Google Calendar |
| Contacts | CardDAV contact sync | Google Contacts |
| Notes | Markdown notes with sync | Google Keep |
| Tasks | To-do lists | Google Tasks |
| Memories | Photo management with AI | Google Photos |
| End-to-End Encryption | Client-side encryption | - |
| Two-Factor TOTP | 2FA support | - |
Enable End-to-End Encryption
For maximum security, enable client-side encryption for sensitive folders:
- Install the End-to-End Encryption app from the Apps menu
- In your desktop client, right-click any folder
- Select Encrypt
- Store your encryption mnemonic safely - this is your only recovery method!
E2E Encryption Limitations
- Encrypted folders can only be accessed from clients that support E2E (desktop and mobile apps, not web)
- If you lose your mnemonic, encrypted data is permanently lost
- Some apps (like Memories) don't work with encrypted folders
Recommended: Use E2E only for truly sensitive folders, not your entire Nextcloud.
Backups
Your data is only as safe as your backups. Set up automated backups:
Option 1: Docker Volume Backup Script
# Create backup script
nano ~/backup-nextcloud.sh Add this content:
#!/bin/bash
BACKUP_DIR="/root/nextcloud-backups"
DATE=$(date +%Y%m%d)
# Create backup directory
mkdir -p $BACKUP_DIR
# Put Nextcloud in maintenance mode
docker exec nextcloud-app php occ maintenance:mode --on
# Backup data and config
cd ~/nextcloud
tar -czf $BACKUP_DIR/nextcloud-data-$DATE.tar.gz data config
# Backup database
docker exec nextcloud-db mysqldump -u nextcloud -pCHANGE_THIS_PASSWORD nextcloud > $BACKUP_DIR/nextcloud-db-$DATE.sql
# Take Nextcloud out of maintenance mode
docker exec nextcloud-app php occ maintenance:mode --off
# Delete backups older than 7 days
find $BACKUP_DIR -type f -mtime +7 -delete
echo "Backup completed: $DATE" # Make executable
chmod +x ~/backup-nextcloud.sh
# Add to cron (daily at 3 AM)
crontab -e
# Add this line:
0 3 * * * /root/backup-nextcloud.sh >> /var/log/nextcloud-backup.log 2>&1 Option 2: Rclone to External Storage
Copy backups to another cloud provider for disaster recovery:
# Install rclone
curl https://rclone.org/install.sh | sudo bash
# Configure a remote (e.g., Backblaze B2, Wasabi, another cloud)
rclone config
# Add to your backup script:
rclone copy $BACKUP_DIR remote:nextcloud-backups/ Security Hardening
Protect your Nextcloud instance:
1. Enable Two-Factor Authentication
- Install Two-Factor TOTP Provider app
- Go to Settings → Security
- Enable TOTP and scan with your authenticator app
2. Configure Firewall
# Allow only necessary ports
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow ssh
sudo ufw allow 80
sudo ufw allow 443
sudo ufw enable 3. Enable Brute Force Protection
Nextcloud has built-in brute force protection. Verify it's enabled:
docker exec nextcloud-app php occ config:system:get auth.bruteforce.protection.enabled Should return true.
4. Regular Updates
# Update Nextcloud containers
cd ~/nextcloud
docker-compose pull
docker-compose up -d
# Check for Nextcloud app updates in web UI under Settings → Administration → Overview Troubleshooting
"Access through untrusted domain"
Add your domain to trusted_domains in config/config.php.
Upload size limits
Edit config/config.php and add:
'upload_max_size' => '10G', Also check Nginx config has sufficient client_max_body_size.
Slow performance
Enable memory caching:
# Already configured with Redis in our Docker setup
# Check it's working:
docker exec nextcloud-app php occ config:system:get memcache.local Container logs
# View app logs
docker logs nextcloud-app
# View database logs
docker logs nextcloud-db Comparison: Nextcloud vs Commercial Cloud Storage
| Feature | Nextcloud (Self-Hosted) | Google Drive | Dropbox |
|---|---|---|---|
| Cost (100GB) | $0-6/month | $2.99/month | $11.99/month |
| Storage limit | Your server's capacity | Plans limited | Plans limited |
| Data access | Only you | Dropbox | |
| E2E encryption | Yes (opt-in) | No | No |
| Law enforcement | Server warrant only | Account request | Account request |
| File scanning | No | Yes (AI scanning) | Limited |
| Maintenance | You handle updates | Automatic | Automatic |
Next Steps
Now that you have your own private cloud storage, consider these additional projects:
Continue Building Your Privacy Infrastructure
- Build Your Own VPN - Complete the privacy stack
- Self-Host Vaultwarden - Private password manager
- Compare Cloud Providers - Find more free hosting
Summary
You now have your own private cloud storage that:
- Costs nothing with free cloud credits (or $4-6/month after)
- Syncs files across all your devices
- Backs up photos automatically from your phone
- Replaces Google Calendar, Contacts, and Drive
- Encrypts data with optional end-to-end encryption
- Only you control - no third-party access to your files
Dropbox and Google made cloud storage convenient. They also made it surveilled. Nextcloud gives you the convenience without the surveillance. Your files, your server, your rules.