Nextcloud AIO installation

HowTo
,
1

Everything you need to run your own Nextcloud instance at home — Apache reverse proxy, Docker AIO, and NFS storage.

Let’s go through all the requirements step-by-step. The setup covered here uses Nextcloud AIO (All-in-One) running in Docker, fronted by an Apache reverse proxy, with storage served over NFS.

Watch the video first to understand which command goes to which machine — the proxy, the storage server, and the Nextcloud host are three separate roles, though you can collapse them onto fewer machines if needed.

Apache reverse proxy

This virtual host configuration goes on the machine facing the internet. It handles TLS termination and forwards traffic to Nextcloud AIO’s internal Apache on port 11000. Naturally, you can use any reverse proxy that you prefer.

# Setting-up Apache reverse-proxy for Nextcloud

<VirtualHost *:80>
    ServerName <your-nc-domain>

    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
    RewriteCond %{SERVER_NAME} =<your-nc-domain>
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

<VirtualHost *:443>
    ServerName <your-nc-domain>

    # Reverse proxy — https://httpd.apache.org/docs/current/mod/mod_proxy_wstunnel.html
    RewriteEngine On
    ProxyPreserveHost On
    RequestHeader set X-Real-IP %{REMOTE_ADDR}s
    AllowEncodedSlashes NoDecode

    ProxyPass / http://localhost:11000/ nocanon
    ProxyPassReverse / http://localhost:11000/

    RewriteCond %{HTTP:Upgrade} websocket [NC]
    RewriteCond %{HTTP:Connection} upgrade [NC]
    RewriteCond %{THE_REQUEST} "^[a-zA-Z]+ /(.*) HTTP/\d+(\.\d+)?$"
    RewriteRule .? "ws://localhost:11000/%1" [P,L,UnsafeAllow3F]

    # Enable h2, h2c and http1.1
    Protocols h2 h2c http/1.1

    # Solves slow upload speeds caused by http2
    H2WindowSize 5242880

    # TLS
    SSLEngine               on
    SSLProtocol             -all +TLSv1.2 +TLSv1.3
    SSLCipherSuite          ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305
    SSLHonorCipherOrder     off
    SSLSessionTickets       off

    # If running Apache on a subdomain of a domain that already has a wildcard cert,
    # replace <your-nc-domain> below with just the root domain (e.g. example.com)
    SSLCertificateFile    /etc/letsencrypt/live/<your-nc-domain>/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/<your-nc-domain>/privkey.pem

    TraceEnable off
    <Files ".ht*">
        Require all denied
    </Files>

    # Support large file uploads
    LimitRequestBody 0
    Timeout 86400
    ProxyTimeout 86400
</VirtualHost>

Docker installation on Debian

# Add Docker's official GPG key
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc

# Add the repository to Apt sources
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian \
  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update

# Install
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

NFS storage mount

Add this to /etc/fstab on the Nextcloud host. Adjust the IP address, remote path, and local mount point to match your setup.

192.168.99.14:/mnt/jaglenac/nextcloud /mnt/jaglenac nfs4 defaults,_netdev,noatime,nolock,rsize=1048576,wsize=1048576,async,x-systemd.automount,x-systemd.idle-timeout=60 0 0

Installing Nextcloud AIO

This is the final step — run this on the machine that will host Nextcloud itself.

sudo docker run \
--init \
--sig-proxy=false \
--name nextcloud-aio-mastercontainer \
--restart always \
--publish 8080:8080 \
--env APACHE_PORT=11000 \
--env APACHE_IP_BINDING=0.0.0.0 \
--env APACHE_ADDITIONAL_NETWORK="" \
--env SKIP_DOMAIN_VALIDATION=false \
--volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \
--volume /var/run/docker.sock:/var/run/docker.sock:ro \
ghcr.io/nextcloud-releases/all-in-one:latest

After the container starts, open https://<your-machine>:8080 to complete the web-based setup.

Self-host Nextcloud at home | Linux Renaissance