Self-Hosting Nextcloud: Cloud Storage 2026

Nextcloud replaces Dropbox, Google Drive, and Google Workspace. Self-hosting gives you unlimited storage, full data ownership, and collaborative editing — all on your own server.

Why Self-Host Nextcloud

Google Workspace Business Starter costs $6/user/month — $720/year for a 10-person team. Business Standard at $12/user/month doubles that. For organizations with 50 users, Google Workspace costs between $3,600 and $7,200 annually just for the collaboration suite. Dropbox Business adds another $15-24/user/month on top if you need file sync.

Self-hosting Nextcloud on a €8/month Hetzner server with a 2 TB block storage volume (€0.0400/GB-month = ~$40/month for 1 TB) gives a 50-person team unlimited files, calendars, contacts, video calls, and collaborative document editing for approximately $580/year — a fraction of Google Workspace costs at scale.

Data sovereignty is Nextcloud's strongest selling point. Healthcare organizations, law firms, government agencies, and any company processing sensitive personal data may be legally prohibited from storing files in US-based cloud services. Nextcloud lets you deploy on servers in your specific jurisdiction and configure data residency at the infrastructure level.

The feature depth is remarkable. Core Nextcloud includes file sync and sharing, but the app ecosystem adds: Nextcloud Office (LibreOffice-based collaborative editing, a direct Google Docs alternative), Talk (video calls with screen sharing), Calendar and Contacts via CalDAV/CardDAV standards, Deck (kanban boards), Forms, Notes, and dozens more. One server replaces an entire SaaS stack.

Customization possibilities: Nextcloud themes let you brand the interface for your organization, custom apps can integrate with internal systems, and LDAP/Active Directory integration enables SSO for enterprise deployments. None of this requires a support contract or enterprise license.

When NOT to self-host Nextcloud: Nextcloud is operationally complex — PHP-based, MariaDB-backed, with Redis for caching and background jobs that must run on a cron schedule. Performance tuning takes time. If your team needs polished file collaboration with zero maintenance, Google Workspace's reliability and mobile apps are worth the cost. Also, Nextcloud's performance on collaborative document editing (Office) can feel sluggish compared to Google Docs on slow internet connections.

Prerequisites

Nextcloud's storage requirements scale with actual usage — plan carefully before choosing your server. Reviewing VPS options for self-hosters helps you understand the storage pricing trade-offs between providers.

Server specs: 2 GB RAM minimum handles a small team of 5-10 users. 4 GB RAM is strongly recommended for teams larger than 10. Nextcloud runs PHP-FPM inside the container; with multiple users uploading and syncing files simultaneously, RAM is the primary constraint. CPU matters less — most operations are I/O bound.

Disk storage strategy: File data is the big variable. Don't put files on your root disk — use a separate block storage volume that you can expand without resizing the entire server. Hetzner volumes start at €0.0400/GB-month; a 500 GB volume for a team costs €20/month. Plan your initial volume size based on current data plus 12 months of growth.

Operating system: Ubuntu 22.04 LTS. Nextcloud's Docker image is well-tested on Ubuntu, and community troubleshooting resources almost universally assume Ubuntu.

MariaDB vs PostgreSQL: The example here uses MariaDB 11, which is Nextcloud's most widely tested database backend. PostgreSQL works too, but MariaDB is more commonly documented for Nextcloud deployments and has better community support for the specific transaction isolation settings Nextcloud requires.

Redis caching: Redis dramatically improves Nextcloud's performance and is required for distributed locking in multi-process setups. Without Redis, file locking uses the database, which creates significant performance bottlenecks under concurrent load.

Skills required: Comfortable with multi-service Docker Compose, editing PHP configuration files inside containers, and running Nextcloud's occ command-line tool for maintenance tasks.

Requirements

• VPS with 2 GB RAM minimum (4 GB recommended)
• Docker and Docker Compose
• Domain name (e.g., cloud.yourdomain.com)
• 50+ GB disk (scale to your storage needs)

Step 1: Create Docker Compose

# docker-compose.yml
services:
  nextcloud:
    image: nextcloud:latest
    container_name: nextcloud
    restart: unless-stopped
    ports:
      - "8080:80"
    volumes:
      - nextcloud_data:/var/www/html
    environment:
      - MYSQL_HOST=db
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
      - MYSQL_PASSWORD=your-strong-password
      - NEXTCLOUD_ADMIN_USER=admin
      - NEXTCLOUD_ADMIN_PASSWORD=your-admin-password
      - NEXTCLOUD_TRUSTED_DOMAINS=cloud.yourdomain.com
      - OVERWRITEPROTOCOL=https
      - OVERWRITECLIURL=https://cloud.yourdomain.com
    depends_on:
      - db
      - redis

  db:
    image: mariadb:11
    container_name: nextcloud-db
    restart: unless-stopped
    volumes:
      - db_data:/var/lib/mysql
    environment:
      - MYSQL_ROOT_PASSWORD=your-root-password
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
      - MYSQL_PASSWORD=your-strong-password
    command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW

  redis:
    image: redis:7-alpine
    container_name: nextcloud-redis
    restart: unless-stopped
    volumes:
      - redis_data:/data

volumes:
  nextcloud_data:
  db_data:
  redis_data:

Step 2: Configure Redis Caching

After first start, configure Redis in config.php:

docker exec -it nextcloud bash
apt update && apt install -y nano
nano /var/www/html/config/config.php

Add to the config array:

'memcache.local' => '\\OC\\Memcache\\APCu',
'memcache.distributed' => '\\OC\\Memcache\\Redis',
'memcache.locking' => '\\OC\\Memcache\\Redis',
'redis' => [
    'host' => 'redis',
    'port' => 6379,
],

Step 3: Start Nextcloud

docker compose up -d

Step 4: Reverse Proxy (Caddy)

# /etc/caddy/Caddyfile
cloud.yourdomain.com {
    reverse_proxy localhost:8080
    request_body {
        max_size 10GB
    }
}

sudo systemctl restart caddy

Step 5: DNS

Add an A record: cloud.yourdomain.com → your server IP

Step 6: Install Essential Apps

Navigate to Apps in the top menu:

App	Purpose
Nextcloud Office	Collaborative document editing (LibreOffice)
Calendar	Shared team calendars (CalDAV)
Contacts	Contact management (CardDAV)
Talk	Video calls, screen sharing, chat
Mail	Email client built into Nextcloud
Deck	Kanban boards for task management
Notes	Markdown note-taking
Forms	Surveys and forms (Typeform alternative)
Collectives	Team knowledge base
Groupware	Combined calendar, contacts, mail

Step 7: Configure Background Jobs

Switch from AJAX to cron for reliable background tasks:

# Add to host crontab
*/5 * * * * docker exec -u www-data nextcloud php cron.php

In Administration Settings → Basic settings → set background jobs to Cron.

Step 8: Set Up External Storage (Optional)

Mount S3-compatible storage for scalable file storage:

1. Enable the External storage support app
2. Administration Settings → External storage
3. Add S3 bucket with your credentials

Production Hardening

Performance tuning (config.php):

'default_phone_region' => 'US',
'maintenance_window_start' => 1,  // 1 AM UTC
'filelocking.enabled' => true,

Backups:

# Database backup (daily cron)
docker exec nextcloud-db mysqldump -u nextcloud -p nextcloud > /backups/nc-db-$(date +%Y%m%d).sql

# File data backup
docker run --rm -v nextcloud_data:/data -v /backups:/backup alpine \
  tar czf /backup/nc-files-$(date +%Y%m%d).tar.gz /data

For large file stores, use automated server backups with restic to back up directly to Backblaze B2 or S3 without storing local copies. Restic's deduplication makes it efficient for file backup even with large datasets.

Updates:

docker compose pull
docker compose up -d
# Run upgrade inside container
docker exec -u www-data nextcloud php occ upgrade

Monitoring:

• Monitor port 8080 with Uptime Kuma
• Set up disk space alerts (storage grows with users)
• Check /status.php endpoint for health

Resource Usage

Users	RAM	CPU	Disk
1-10	2 GB	2 cores	50 GB
10-50	4 GB	4 cores	200 GB
50-100	8 GB	4 cores	500 GB+

VPS Recommendations

Provider	Spec (25 users)	Price
Hetzner	4 vCPU, 8 GB RAM, 160 GB	€8/month
DigitalOcean	2 vCPU, 4 GB RAM, 80 GB	$24/month
Linode	2 vCPU, 4 GB RAM, 80 GB	$24/month

Add a separate block storage volume for file data as your team grows.

Production Security Hardening

A Nextcloud server holds your team's files, calendars, and contacts — often the most sensitive data in an organization. The self-hosting security checklist covers the full picture; here are Nextcloud-specific priorities.

UFW firewall: Block direct container port access; only Caddy should be internet-facing.

sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow 22/tcp
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw deny 8080/tcp   # Block direct Nextcloud access
sudo ufw enable

Fail2ban for SSH and Nextcloud brute force:

sudo apt install fail2ban -y

/etc/fail2ban/jail.local:

[sshd]
enabled = true
maxretry = 5
bantime = 3600
findtime = 600

Environment secrets: Your Docker Compose file contains the admin password and database credentials. Use a .env file instead of hardcoding values:

# .env
MYSQL_PASSWORD=your-strong-password
NEXTCLOUD_ADMIN_PASSWORD=your-admin-password

chmod 600 .env
echo ".env" >> .gitignore

Disable SSH password auth: Edit /etc/ssh/sshd_config:

PasswordAuthentication no
PermitRootLogin no

Restart: sudo systemctl restart sshd

Automatic security updates:

sudo apt install unattended-upgrades -y
sudo dpkg-reconfigure --priority=low unattended-upgrades

Nextcloud-specific: Enable two-factor authentication for all users (TOTP app available in the Nextcloud App Store). Configure bruteforce protection under Administration Settings → Security → Bruteforce throttling. Restrict public file sharing to require passwords and expiry dates.

Troubleshooting Common Issues

Nextcloud shows "Trusted domain" error

This means you're accessing Nextcloud from a domain not listed in NEXTCLOUD_TRUSTED_DOMAINS. Either add the domain to your environment variable and restart, or add it directly in config.php:

'trusted_domains' => [
  'cloud.yourdomain.com',
  'localhost',
],

File uploads fail at large sizes

Check three limits in sequence: Caddy's max_size (should be at least 10GB for large uploads), PHP's upload_max_filesize and post_max_size inside the container (default 512M — increase in the Nextcloud Docker image's PHP config), and the Nextcloud admin setting under Administration Settings → Files → Maximum upload size.

Nextcloud Office won't open documents

Nextcloud Office requires a separate Collabora Online server or the built-in CODE server (installed via the Nextcloud Office app). If you installed the app but Office still fails to open documents, check that the CODE server started correctly: docker exec nextcloud ps aux | grep collab. Alternatively, point to an external Collabora server via Administration Settings → Nextcloud Office.

Background jobs show "Last cron execution was X hours ago"

The cron job isn't running. Verify the crontab entry: crontab -l. The command must include -u www-data since Nextcloud files are owned by that user. Also verify the container is named nextcloud exactly. Test manually: docker exec -u www-data nextcloud php cron.php and check for errors.

Sync clients show "Server replied: 423 Locked"

This is a file locking conflict. Redis-based locking is more reliable than database locking — ensure Redis is configured in config.php as shown above. If lock errors persist, clear stuck locks manually:

docker exec -u www-data nextcloud php occ files:scan --all
docker exec -u www-data nextcloud php occ maintenance:data-fingerprint

Ongoing Maintenance and Operations

Nextcloud is one of the more maintenance-intensive self-hosted applications, but the operational work is predictable and manageable once you establish routines.

Disk space management. This is Nextcloud's most common operational issue. Users delete files but don't empty the trash, consuming storage indefinitely. Configure the trash retention period in Administration Settings → File handling → Trash retention obligation (e.g., automatically delete trashed files after 60 days). Similarly, configure the file versions retention policy to prevent old file revisions from consuming unlimited disk space.

Running the occ command. Nextcloud's occ (ownCloud Console) tool is the primary maintenance interface. Common operations you'll run periodically:

• docker exec -u www-data nextcloud php occ files:scan --all — rescans the file system, useful after manual file operations
• docker exec -u www-data nextcloud php occ maintenance:repair — repairs inconsistent database state
• docker exec -u www-data nextcloud php occ db:add-missing-indices — adds database indices added in newer versions
• docker exec -u www-data nextcloud php occ app:update --all — updates all installed apps

App updates. Nextcloud apps update independently of the core application. Enable automatic app updates in Administration Settings → Apps → Allow automatic app updates, or update manually monthly with the occ app:update --all command. Outdated apps sometimes cause warnings in the admin panel that won't affect functionality but can be distracting.

Major version upgrades. Nextcloud releases a new major version every 6 months. Upgrades must be done sequentially — you can't skip versions. Use the docker exec -u www-data nextcloud php occ upgrade command after pulling a new major version image. Always back up before major version upgrades. The upgrade typically takes 5-15 minutes during which Nextcloud enters maintenance mode.

CalDAV and CardDAV sync. Nextcloud's Calendar and Contacts apps expose CalDAV/CardDAV endpoints compatible with all major calendar and contact applications. For macOS users, point Calendar.app to https://cloud.yourdomain.com/remote.php/dav/. For Android, DAVx5 (formerly DAVdroid) is the recommended sync client. Document these endpoints for your team — the native integration with system calendars is one of Nextcloud's best features and worth the brief setup time.

User storage quotas. Without quotas, any user can fill your entire disk. Set default storage quotas in Administration Settings → Sharing → Default user quota. A sensible starting point is 10-50 GB per user depending on your disk capacity, with the option to increase for power users who need more.

External user authentication. For organizations with existing user directories, Nextcloud's LDAP/AD integration (available in the LDAP/AD Integration app) allows users to log in with their existing corporate credentials. This is significantly easier for onboarding new team members than managing separate Nextcloud accounts.

Nextcloud as a collaboration hub. The most effective Nextcloud deployments go beyond file storage. With Talk installed, your team gets encrypted video calls, screen sharing, and text chat — hosted entirely on your server. Nextcloud Office enables real-time collaborative editing of documents, spreadsheets, and presentations via a LibreOffice-based engine. Combined with Calendar (CalDAV) and Contacts (CardDAV), a single Nextcloud deployment can replace Google Workspace for teams willing to manage their own infrastructure. The tradeoff versus Google Workspace is real — Google's mobile apps and offline editing are more polished — but for organizations where data sovereignty is a requirement rather than a nice-to-have, Nextcloud delivers a genuinely complete collaboration suite at a fraction of the cost. A 50-person team on Nextcloud spends roughly $580/year in infrastructure instead of $3,600+ on Google Workspace Business Starter, representing a significant annual saving even after accounting for maintenance time.

---

Compare cloud storage platforms on OSSAlt — features, self-hosting guides, and pricing side by side.

See open source alternatives to Nextcloud on OSSAlt.