Lesson 1Sizing CPU, RAM, an storage fi 25 users an 2 TB first-year growth wid headroomFigure out CPU, RAM, an storage needs fi bout 25 users wid 2 TB expected growth in di first year. Learn how fi size fi peak load, add extra space fi bursts, an plan expansion widout messing up existing Nextcloud services.
Estimating concurrent users and workload patternsCPU core counts and virtualization overheadRAM sizing for PHP, database, and cacheStorage capacity, growth, and safety marginsLesson 2Remote access options: VPN vs direct HTTPS, pros/cons, an access control implicationsCheck remote access options fi users connecting to Nextcloud. Compare VPN-based access wid direct HTTPS exposure, an understand authentication, access control, an logging fi each way.
User access patterns and threat modelingSite‑to‑site and client VPN design optionsDirect HTTPS exposure and hardeningAccess control, SSO, and audit loggingLesson 3Database selection: MariaDB/MySQL vs PostgreSQL — pros, tuning, an version recommendationsChoose between MariaDB/MySQL an PostgreSQL fi Nextcloud. Check pros an cons, recommended versions, an basic tuning fi connections, buffers, an storage engines to get stable, predictable performance at small scale.
MariaDB/MySQL vs PostgreSQL feature overviewVersion support and compatibility guidanceCore tuning: connections, buffers, cachesBackup, restore, and maintenance routinesLesson 4PHP version selection an required PHP modules; version lifecycle an compatibility wid Nextcloud releasesChoose a supported PHP version an required modules fi Nextcloud. Understand lifecycle timelines, compatibility wid releases, an how fi configure PHP-FPM settings fi performance, stability, an secure operation.
Supported PHP versions for Nextcloud releasesRequired and recommended PHP extensionsPHP‑FPM pools, limits, and performanceTracking PHP lifecycle and security updatesLesson 5High-availability an scaling considerations fi future growth an optional storage expansion strategiesPlan fi high availability an future scaling of yuh Nextcloud setup. Check vertical vs horizontal scaling, clustering options, an storage expansion strategies so yuh can grow capacity widout big redesigns.
Vertical vs horizontal scaling trade‑offsLoad balancers and application clusteringScaling database and cache componentsExpanding storage pools and migration pathsLesson 6Network design: DNS naming conventions, internal vs external records, split-horizon DNSDesign a DNS layout dat cleanly separates internal an external views fi Nextcloud. Learn naming conventions, split-horizon DNS, an how fi avoid conflicts, leaks, an certificate issues when exposing services securely.
Choosing consistent DNS names and subdomainsInternal vs external DNS zones and recordsImplementing split‑horizon DNS safelyDNS considerations for TLS and certificatesLesson 7Ports an firewall planning: required ports, NAT, an secure exposure of servicesPlan firewall rules an port exposure fi a secure Nextcloud deployment. Identify required ports, design NAT an port forwarding, an decide how fi publish web, database, an admin interfaces while minimizing attack surface.
Required ports for HTTP, HTTPS, and adminDesigning firewall rules and default policiesNAT, port forwarding, and DMZ placementRestricting admin and database network accessLesson 8Choosing web server: Apache vs Nginx configuration differences an performance/compatibility wid NextcloudDecide between Apache an Nginx as di web server fi Nextcloud. Compare configuration models, performance, an compatibility, an learn how fi enable HTTPS, caching, an important security headers on each platform.
Apache vs Nginx architecture differencesNextcloud rewrite rules and pretty URLsTLS, HTTP/2, and compression settingsCaching, headers, and security hardeningLesson 9Selecting a Linux distribution: Debian, Ubuntu LTS, CentOS/Rocky — stability an support rationaleSelect a Linux distribution dat offers stability an long-term support fi Nextcloud. Compare Debian, Ubuntu LTS, an Rocky-like platforms in terms of lifecycle, package versions, ecosystem, an security update practices.
Debian: stability, packages, and ecosystemUbuntu LTS: cadence and vendor supportRocky‑style RHEL clones: pros and limitsKernel, PHP, and database version impactsLesson 10Choosing storage types: HDD, SATA SSD, NVMe, RAID levels, an file system considerationsSelect storage hardware an layout fi performance an reliability. Compare HDD, SATA SSD, an NVMe, choose RAID levels, an evaluate file systems to balance cost, speed, an resilience fi Nextcloud data an database workloads.
Workload patterns for Nextcloud file storageComparing HDD, SATA SSD, and NVMe optionsRAID levels for redundancy and performanceChoosing file systems and mount optionsLesson 11HTTPS an TLS architecture overview: reverse proxies, SSL termination, an certificate choices (Let’s Encrypt vs commercial)Design HTTPS an TLS architecture fi yuh Nextcloud stack. Learn how reverse proxies an SSL termination work, when fi use Let’s Encrypt or commercial certificates, an how fi manage renewals an secure ciphers.
End‑to‑end TLS vs TLS termination choicesReverse proxy roles and common topologiesLet’s Encrypt automation and ACME clientsWhen to consider commercial certificatesLesson 12Assessing on-premise vs hosted VM trade-offs fi privacy, performance, an costCompare on-premise hardware wid hosted virtual machines fi a Nextcloud deployment. Evaluate privacy, compliance, performance, cost, an operational effort to choose a platform dat fits yuh organization’s risk profile an budget.
Data residency, compliance, and legal controlLatency, throughput, and user experience impactCapEx vs OpEx and total cost of ownershipOperational effort, skills, and support needs
