Google Drive scans your files. Dropbox has had major breaches. iCloud keys are held by Apple. Every mainstream cloud storage service has access to your data - and shares it with whoever asks nicely enough. The solution? Run your own cloud storage that only you control.

Nextcloud is a free, open-source platform that gives you everything Dropbox and Google Drive offer: file sync, calendar, contacts, document editing, photo backup - all on a server you own. And thanks to free cloud hosting credits, you can run it at zero cost.

Last updated: July 2026

What You'll Get

  • Complete file sync - Desktop, mobile, and web access to all your files
  • End-to-end encryption - Optional client-side encryption for sensitive folders
  • Photo backup - Automatic phone photo sync (goodbye Google Photos)
  • Calendar & Contacts - Replace Google Calendar and Contacts
  • Document editing - Collabora or OnlyOffice integration
  • Cost - Free with cloud credits, then $4-6/month or free on Oracle

Prerequisites

Before starting, you'll need:

  • A cloud server (VPS) - Get one free using our cloud hosting comparison
  • A domain name - Optional but strongly recommended for HTTPS ($10-15/year)
  • 30-60 minutes - For initial setup
  • Basic terminal comfort - Copy-paste commands, nothing complex

Need Free Cloud Hosting?

Get up to $200 in free credits to run Nextcloud:

Compare all free cloud options

Server Requirements

Nextcloud is more resource-intensive than a VPN. Recommended specs:

Use Case RAM Storage Monthly Cost
Personal (1-2 users) 2GB 50GB $6-12/mo or free (Oracle ARM)
Family (3-5 users) 4GB 100GB+ $12-24/mo or free (Oracle ARM)
Small team 8GB+ 250GB+ $24-48/mo

Oracle Cloud Free Tier

Oracle's Always Free ARM instances are perfect for Nextcloud:

  • Up to 24GB RAM and 4 OCPUs - more than enough
  • 200GB block storage included
  • Forever free - No expiration

The ARM architecture works great with Nextcloud. Get Oracle Free Tier

Method 1: Docker Installation (Recommended)

Docker makes Nextcloud deployment simple and upgrades painless. This is the recommended approach for most users.

Step 1: Prepare Your Server

SSH into your VPS and install Docker:

# Update system
sudo apt update && sudo apt upgrade -y

# Install Docker
curl -fsSL https://get.docker.com | sudo sh

# Add your user to docker group
sudo usermod -aG docker $USER

# Install Docker Compose
sudo apt install docker-compose -y

# Logout and back in for group changes
exit

After logging back in, verify Docker works:

docker --version
docker-compose --version

Step 2: Create Nextcloud Directory Structure

# Create directories
mkdir -p ~/nextcloud/db ~/nextcloud/data ~/nextcloud/config
cd ~/nextcloud

Step 3: Create Docker Compose File

Create the configuration file:

nano docker-compose.yml

Paste this configuration:

version: '3'

services:
  db:
    image: mariadb:10.11
    container_name: nextcloud-db
    restart: always
    command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW
    volumes:
      - ./db:/var/lib/mysql
    environment:
      - MYSQL_ROOT_PASSWORD=CHANGE_THIS_ROOT_PASSWORD
      - MYSQL_PASSWORD=CHANGE_THIS_PASSWORD
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud

  redis:
    image: redis:alpine
    container_name: nextcloud-redis
    restart: always

  app:
    image: nextcloud:stable
    container_name: nextcloud-app
    restart: always
    ports:
      - 8080:80
    links:
      - db
      - redis
    volumes:
      - ./data:/var/www/html/data
      - ./config:/var/www/html/config
      - ./apps:/var/www/html/custom_apps
    environment:
      - MYSQL_PASSWORD=CHANGE_THIS_PASSWORD
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
      - MYSQL_HOST=db
      - REDIS_HOST=redis
    depends_on:
      - db
      - redis

Change the Passwords!

Replace CHANGE_THIS_ROOT_PASSWORD and CHANGE_THIS_PASSWORD with strong, unique passwords. Use a password manager to generate them.

Save with Ctrl+X, then Y, then Enter.

Step 4: Start Nextcloud

# Start containers
docker-compose up -d

# Check status
docker-compose ps

All three containers should show "Up". Wait about 30 seconds for initial startup.

Step 5: Complete Web Setup

Open your browser and go to http://YOUR_SERVER_IP:8080

You'll see the Nextcloud setup wizard:

  1. Create admin account - Choose a strong username and password
  2. Data folder - Leave as default (/var/www/html/data)
  3. Database - Already configured via Docker environment variables
  4. Click Install

Installation takes 1-2 minutes. You'll then have a working Nextcloud instance!

Method 2: Nextcloud All-in-One (Simplest)

For the absolute easiest setup, Nextcloud offers an "All-in-One" Docker image that includes automatic HTTPS, backups, and updates:

# One command installation
sudo docker run \
--sig-proxy=false \
--name nextcloud-aio-mastercontainer \
--restart always \
--publish 80:80 \
--publish 8080:8080 \
--publish 8443:8443 \
--volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \
--volume /var/run/docker.sock:/var/run/docker.sock:ro \
nextcloud/all-in-one:latest

Then access https://YOUR_IP:8443 for the setup interface.

All-in-One Requirements

  • Ports 80, 443, 8080, 8443 must be available
  • A domain name pointing to your server (required for HTTPS)
  • At least 4GB RAM recommended

This method is best if you have a domain and want automatic certificate management.

Setting Up HTTPS (Required for Security)

Running Nextcloud without HTTPS exposes your passwords and files. You have two options:

Option A: Cloudflare Tunnel (Free, No Domain Required)

Cloudflare Tunnels give you HTTPS with a free subdomain:

# Install cloudflared
curl -L --output cloudflared.deb https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb
sudo dpkg -i cloudflared.deb

# Login to Cloudflare (free account works)
cloudflared tunnel login

# Create a tunnel
cloudflared tunnel create nextcloud

# Route tunnel to your domain
cloudflared tunnel route dns nextcloud your-subdomain.your-domain.com

# Create config file
mkdir -p ~/.cloudflared
nano ~/.cloudflared/config.yml

Add this configuration:

tunnel: YOUR_TUNNEL_ID
credentials-file: /home/YOUR_USER/.cloudflared/YOUR_TUNNEL_ID.json

ingress:
  - hostname: your-subdomain.your-domain.com
    service: http://localhost:8080
  - service: http_status:404

Start the tunnel:

# Run as service
sudo cloudflared service install
sudo systemctl start cloudflared

Option B: Nginx + Let's Encrypt (Requires Domain)

If you have a domain name, use Nginx as a reverse proxy with free Let's Encrypt certificates:

# Install Nginx and Certbot
sudo apt install nginx certbot python3-certbot-nginx -y

# Create Nginx config
sudo nano /etc/nginx/sites-available/nextcloud

Add this configuration:

server {
    listen 80;
    server_name your-domain.com;

    location / {
        proxy_pass http://localhost:8080;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        client_max_body_size 10G;
        proxy_read_timeout 86400s;
        proxy_send_timeout 86400s;
    }
}

Enable the site and get certificates:

# Enable site
sudo ln -s /etc/nginx/sites-available/nextcloud /etc/nginx/sites-enabled/

# Test config
sudo nginx -t

# Restart Nginx
sudo systemctl restart nginx

# Get SSL certificate
sudo certbot --nginx -d your-domain.com

Configure Nextcloud for HTTPS

After setting up HTTPS, tell Nextcloud about your domain:

# Edit Nextcloud config
nano ~/nextcloud/config/config.php

Find and update these lines:

'trusted_domains' =>
array (
  0 => 'localhost',
  1 => 'your-domain.com',
),
'overwrite.cli.url' => 'https://your-domain.com',
'overwriteprotocol' => 'https',

Installing Desktop and Mobile Apps

Nextcloud has apps for every platform:

Desktop Sync Clients

  • Windows/Mac/Linux: Download Nextcloud Desktop
  • Configure with your server URL (https://your-domain.com)
  • Choose which folders to sync

Mobile Apps

Phone Photo Backup

Replace Google Photos with automatic Nextcloud backup:

  1. Open the Nextcloud mobile app
  2. Go to Settings → Auto upload
  3. Enable Auto upload photos
  4. Choose WiFi-only if desired
  5. Select target folder in Nextcloud

Essential Nextcloud Apps

In your Nextcloud web interface, go to Apps to install these:

App Purpose Replaces
Calendar CalDAV calendar sync Google Calendar
Contacts CardDAV contact sync Google Contacts
Notes Markdown notes with sync Google Keep
Tasks To-do lists Google Tasks
Memories Photo management with AI Google Photos
End-to-End Encryption Client-side encryption -
Two-Factor TOTP 2FA support -

Enable End-to-End Encryption

For maximum security, enable client-side encryption for sensitive folders:

  1. Install the End-to-End Encryption app from the Apps menu
  2. In your desktop client, right-click any folder
  3. Select Encrypt
  4. Store your encryption mnemonic safely - this is your only recovery method!

E2E Encryption Limitations

  • Encrypted folders can only be accessed from clients that support E2E (desktop and mobile apps, not web)
  • If you lose your mnemonic, encrypted data is permanently lost
  • Some apps (like Memories) don't work with encrypted folders

Recommended: Use E2E only for truly sensitive folders, not your entire Nextcloud.

Backups

Your data is only as safe as your backups. Set up automated backups:

Option 1: Docker Volume Backup Script

# Create backup script
nano ~/backup-nextcloud.sh

Add this content:

#!/bin/bash
BACKUP_DIR="/root/nextcloud-backups"
DATE=$(date +%Y%m%d)

# Create backup directory
mkdir -p $BACKUP_DIR

# Put Nextcloud in maintenance mode
docker exec nextcloud-app php occ maintenance:mode --on

# Backup data and config
cd ~/nextcloud
tar -czf $BACKUP_DIR/nextcloud-data-$DATE.tar.gz data config

# Backup database
docker exec nextcloud-db mysqldump -u nextcloud -pCHANGE_THIS_PASSWORD nextcloud > $BACKUP_DIR/nextcloud-db-$DATE.sql

# Take Nextcloud out of maintenance mode
docker exec nextcloud-app php occ maintenance:mode --off

# Delete backups older than 7 days
find $BACKUP_DIR -type f -mtime +7 -delete

echo "Backup completed: $DATE"
# Make executable
chmod +x ~/backup-nextcloud.sh

# Add to cron (daily at 3 AM)
crontab -e
# Add this line:
0 3 * * * /root/backup-nextcloud.sh >> /var/log/nextcloud-backup.log 2>&1

Option 2: Rclone to External Storage

Copy backups to another cloud provider for disaster recovery:

# Install rclone
curl https://rclone.org/install.sh | sudo bash

# Configure a remote (e.g., Backblaze B2, Wasabi, another cloud)
rclone config

# Add to your backup script:
rclone copy $BACKUP_DIR remote:nextcloud-backups/

Security Hardening

Protect your Nextcloud instance:

1. Enable Two-Factor Authentication

  1. Install Two-Factor TOTP Provider app
  2. Go to Settings → Security
  3. Enable TOTP and scan with your authenticator app

2. Configure Firewall

# Allow only necessary ports
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow ssh
sudo ufw allow 80
sudo ufw allow 443
sudo ufw enable

3. Enable Brute Force Protection

Nextcloud has built-in brute force protection. Verify it's enabled:

docker exec nextcloud-app php occ config:system:get auth.bruteforce.protection.enabled

Should return true.

4. Regular Updates

# Update Nextcloud containers
cd ~/nextcloud
docker-compose pull
docker-compose up -d

# Check for Nextcloud app updates in web UI under Settings → Administration → Overview

Troubleshooting

"Access through untrusted domain"

Add your domain to trusted_domains in config/config.php.

Upload size limits

Edit config/config.php and add:

'upload_max_size' => '10G',

Also check Nginx config has sufficient client_max_body_size.

Slow performance

Enable memory caching:

# Already configured with Redis in our Docker setup
# Check it's working:
docker exec nextcloud-app php occ config:system:get memcache.local

Container logs

# View app logs
docker logs nextcloud-app

# View database logs
docker logs nextcloud-db

Comparison: Nextcloud vs Commercial Cloud Storage

Feature Nextcloud (Self-Hosted) Google Drive Dropbox
Cost (100GB) $0-6/month $2.99/month $11.99/month
Storage limit Your server's capacity Plans limited Plans limited
Data access Only you Google Dropbox
E2E encryption Yes (opt-in) No No
Law enforcement Server warrant only Account request Account request
File scanning No Yes (AI scanning) Limited
Maintenance You handle updates Automatic Automatic

Next Steps

Now that you have your own private cloud storage, consider these additional projects:

Continue Building Your Privacy Infrastructure

Summary

You now have your own private cloud storage that:

  • Costs nothing with free cloud credits (or $4-6/month after)
  • Syncs files across all your devices
  • Backs up photos automatically from your phone
  • Replaces Google Calendar, Contacts, and Drive
  • Encrypts data with optional end-to-end encryption
  • Only you control - no third-party access to your files

Dropbox and Google made cloud storage convenient. They also made it surveilled. Nextcloud gives you the convenience without the surveillance. Your files, your server, your rules.