Since the summer of 2018, I’ve been running a personal Nextcloud instance on a Raspberry Pi 3B+. Thanks to NextCloudPi, it took almost no time to get a fully functional Dropbox replacement running and over a year later I couldn’t be happier with it.

NextCloudPi is great, and I certainly recommend it. That being said, there is value in setting up an instance from scratch, not least because it means when things break (and things will break), you know better what the issue may be.

For that reason I went ahead and put together my own Nextcloud instance from scratch. This post will explain some of the technological choices and changes I made.

nginx replaces Apache

Quoting them, “NGINX was written specifically to address the performance limitations of Apache web servers”. In general, online discussion on the topic seemed to back this statement up (and nobody claimed the opposite), so I thought I may as well try it.

PostgreSQL replaces MariaDB

For a mostly single-user, sometimes multi-user instance of Nextcloud, this change really is not very substantive (indeed, arguably none of these changes are). That being said I was encouraged to check PostgreSQL out online for its community as well as its detailed documentation.

Arch Linux ARM replaces Raspbian

This is a bigger change. Arch Linux may seem like a strange choice for a server, but there are a few reasons this change makes sense for me.

Architecture

As mentioned earlier, my Raspberry Pi is a model 3B+. Its BCM2837B0 chip brings support for the ARMv8 instruction set architecture, which includes 64-bit operating system capabilities (AArch64). NextCloudPi is essentially a Raspbian 10 Buster image, with most of the prerequisites for Nextcloud already set up. Raspbian (along with most other distributions that are usually installed on a Raspberry Pi) is still a 32-bit OS, and for good reason – the Pi only has 1GiB RAM, and so it’s not worth investing the extra resources to maintain an entire separate branch for changes which wouldn’t be noticeable most of the time. That being said, it’s unlikely it’d run worse with a 64-bit OS, and Arch Linux ARM is one of the few projects which offer such an image for the 3B+.

btw, I use Arch

Having used Linux as my primary OS for a few years now, I’ve already gained experience breaking and fixing things here and there. Most of that knowledge is, of course, transferable between Linux distributions, but I don’t know any distribution as well as I know Arch.

Full disk encryption

One of the limitations with NextCloudPi is that since it’s a ready to go image you simply flash onto the SD card, you can’t set up something like full-disk encryption. Some of the specifics are a little different versus the usually setup with cryptsetup; I found this guide very useful.

Everything now runs in Docker containers

I didn’t actually plan to do this at first, but when I was reading the Arch Wiki nginx install instructions, a chroot based install is recommended for added security.

chroot has its uses, but it seemed clear after a little research that Docker is a more fully-featured product designed for what I’m trying to do here, so I began looking into Docker.

Nextcloud already have a git repository containing examples of possible setups. As mentioned before I’m using nginx; this is done with their php-fpm image. At first I used the Let’s Encrypt helpers Nextcloud include in their docker-compose examples, but I’ve since moved to using Cloudflare for SSL.

Caveat: Compiling One of The Helpers

Note that part of their setup uses jrcs/docker-letsencrypt-nginx-proxy-companion, which doesn’t have Arm images on Docker Hub (related discussion can be found here).

Instead, you can follow the instructions here. Some adaptations are then required in the initial docker-compose file.

Conclusion

Overall, this was a fun experience and I learned a lot from it. I’m very interested in using my other Raspberry Pi 3B+ in tandem with my current set up, as well as hosting more services… stay tuned!