Lesson 1Sizing CPU, RAM, and storage for 25 users and 2 TB first-year growth with headroomFigure out CPU, RAM, and storage requirements for around 25 users expecting 2 TB growth in the first year. Learn to plan for high usage times, include extra capacity for sudden increases, and prepare for growth without interrupting current Nextcloud services.
Estimating concurrent users and workload patternsCPU core counts and virtualization overheadRAM sizing for PHP, database, and cacheStorage capacity, growth, and safety marginsLesson 2Remote access options: VPN vs direct HTTPS, pros/cons, and access control implicationsLook at remote access choices for users reaching Nextcloud. Compare VPN access with direct HTTPS connection, and grasp authentication, access rules, and logging effects for each method.
User access patterns and threat modelingSite‑to‑site and client VPN design optionsDirect HTTPS exposure and hardeningAccess control, SSO, and audit loggingLesson 3Database selection: MariaDB/MySQL vs PostgreSQL — pros, tuning, and version recommendationsPick between MariaDB/MySQL and PostgreSQL for Nextcloud. Check advantages and drawbacks, suggested versions, and simple adjustments for connections, buffers, and storage engines to get steady, reliable performance at small scale.
MariaDB/MySQL vs PostgreSQL feature overviewVersion support and compatibility guidanceCore tuning: connections, buffers, cachesBackup, restore, and maintenance routinesLesson 4PHP version selection and required PHP modules; version lifecycle and compatibility with Nextcloud releasesSelect a supported PHP version and needed modules for Nextcloud. Know the support timelines, compatibility with releases, and how to set PHP-FPM for better performance, steadiness, and safe running.
Supported PHP versions for Nextcloud releasesRequired and recommended PHP extensionsPHP‑FPM pools, limits, and performanceTracking PHP lifecycle and security updatesLesson 5High-availability and scaling considerations for future growth and optional storage expansion strategiesPrepare for high availability and future growth of your Nextcloud setup. Look into vertical versus horizontal scaling, clustering choices, and storage growth plans so you can increase capacity without big changes.
Vertical vs horizontal scaling trade‑offsLoad balancers and application clusteringScaling database and cache componentsExpanding storage pools and migration pathsLesson 6Network design: DNS naming conventions, internal vs external records, split-horizon DNSSet up a DNS structure that clearly divides internal and external views for Nextcloud. Learn naming rules, split-horizon DNS, and how to prevent conflicts, leaks, and certificate problems when safely opening services.
Choosing consistent DNS names and subdomainsInternal vs external DNS zones and recordsImplementing split‑horizon DNS safelyDNS considerations for TLS and certificatesLesson 7Ports and firewall planning: required ports, NAT, and secure exposure of servicesPlan firewall rules and port openings for a safe Nextcloud setup. Identify needed ports, set up NAT and port forwarding, and choose how to share web, database, and admin interfaces while reducing risks.
Required ports for HTTP, HTTPS, and adminDesigning firewall rules and default policiesNAT, port forwarding, and DMZ placementRestricting admin and database network accessLesson 8Choosing web server: Apache vs Nginx configuration differences and performance/compatibility with NextcloudChoose between Apache and Nginx as the web server for Nextcloud. Compare setup styles, performance, and compatibility, and learn to turn on HTTPS, caching, and key security headers on each.
Apache vs Nginx architecture differencesNextcloud rewrite rules and pretty URLsTLS, HTTP/2, and compression settingsCaching, headers, and security hardeningLesson 9Selecting a Linux distribution: Debian, Ubuntu LTS, CentOS/Rocky — stability and support rationalePick a Linux distribution offering steadiness and long support for Nextcloud. Compare Debian, Ubuntu LTS, and Rocky-like systems on lifecycle, package versions, tools available, and security update ways.
Debian: stability, packages, and ecosystemUbuntu LTS: cadence and vendor supportRocky‑style RHEL clones: pros and limitsKernel, PHP, and database version impactsLesson 10Choosing storage types: HDD, SATA SSD, NVMe, RAID levels, and file system considerationsChoose storage hardware and arrangement for speed and dependability. Compare HDD, SATA SSD, and NVMe, pick RAID levels, and check file systems to balance cost, quickness, and strength for Nextcloud data and database tasks.
Workload patterns for Nextcloud file storageComparing HDD, SATA SSD, and NVMe optionsRAID levels for redundancy and performanceChoosing file systems and mount optionsLesson 11HTTPS and TLS architecture overview: reverse proxies, SSL termination, and certificate choices (Let’s Encrypt vs commercial)Set up HTTPS and TLS structure for your Nextcloud system. Learn how reverse proxies and SSL ending work, when to use Let’s Encrypt or paid certificates, and how to handle renewals and safe ciphers.
End‑to‑end TLS vs TLS termination choicesReverse proxy roles and common topologiesLet’s Encrypt automation and ACME clientsWhen to consider commercial certificatesLesson 12Assessing on-premise vs hosted VM trade-offs for privacy, performance, and costCompare on-site hardware with hosted virtual machines for Nextcloud setup. Check privacy, rules following, performance, cost, and daily work to pick a platform matching your group’s risk and money plans.
Data residency, compliance, and legal controlLatency, throughput, and user experience impactCapEx vs OpEx and total cost of ownershipOperational effort, skills, and support needs
