Private Cloud HomeLab

Table of Contents

Description

NextCloud is a Free and Open-Source Software (FOSS) described as a "Open source content collaboration platform" and holds a software suite.

NextCloud can be self-hosted by using containers (either docker, podman or others) or by using a Virtual Machine Image.

It has features like NextCloud Files which is a file storage solution like Google Cloud or DropBox.
NextCloud Talk which is a private audio/video conferencing softwarethat also has text-chat abilities for private communication between users like Microsoft Teams or Google Workspace.
Nextcloud Groupware integrates Calendar, Contacts, Mail and other productivity features.
Nextcloud Office is a powerful LibreOffice-based online office suite with collaborative editing, which supports all major document, spreadsheet and presentation file formats and works in all modern browsers.
- LibreOffice is a Open-Source version of the Microsoft 365 suite like Exel, or Docx
local AI assistant that is built into the Nextcloud Hub collaboration platform. Integrated across apps, it can generate content, answer questions about your data, summarize emails, translate, and much more.
- All AI queries are contained within the server, no data is being shared to 3rd parties and the AI uses local hardware to generate its responses, leading to a more private and secure AI implimentation.
NextCloud also has offical and community extentions that allow for NextCloud to be more versitile like createing whiteboards or automation tasks.

I want to build this NextCloud instance so then I have have my personal files anywhere in the world and even use a Generative AI assistant without fear of my data being harvested for big corporations.

In short, this is a all-in-one private cloud solution that is extremely private, secure and versitile.

This project will also be a baseplate for other projects in the future. Since I am running a Debian 12 bookworm as my main operating system I will be able to scale and add more features to my homelab in the future with the help of Proxmox as my Hypervisor and virtuilisation.

Ethos

Number One Priority

It has to be secure

I am willing to sacrifice some features of the software if it means that it will be more secure, this includes not letting people I know will be High-Risk users create an account and use this service

End to End encryption and valid certificates HAVE to be implimented if I want to open this service to the public internet. has deminstrated in my Windows 10 RDP Honeypot project even though I dont advertise my server to the open internet people still find it and try to break in.

No shortcuts

This is more of a Systems project that will serve as a baseplate for possible exspantion in the future. this means propper installation, good configurations with software and no installing random softwares onto the hosting machine.

Impliment Standards and Frameworks

These things in the real world help IT professionals develop a safe and good product for its users, by using these frameworks and internation and national standards I will ensure not only the security of the product but the usability and scailibility of it as well.

Layout

Checklist

Checklist:
- Install Debain 12
  - Full-Disk Encryption
  - Unlockable Remotely
  - Auto-decrypt & mount of backup drive
  - Install Proxmox
  - Configure firewall
  - Administrative accounts set-up
  - Backups enabled and working
- Install Proxmox
  - Configure User accounts
  - Enable auto-updates
  - Firewalls configured
  - Download container images
- Install NextCloud
  - Create Ubuntu server Container
  - Full update & upgrade
  - Install with NextCloud one-liner
- Configure NextCloud
  - Install encryption extention & enable
  - Configured user account policies
  - Configured SMTP server
    - Configure propper authentication
  - Installed SSL certificates for web access
- Configure Routing
  - Enable port-forwarding
  - Configure Cloudflare routing rules
  - Does it work?
- Customise nextcloud to liking!