Advice Wanted: Nextcloud Security/VPNSamba/SFTP/WebDav

Hi all,
Seeking some strategy/advise.
I’ve just installed Nextcloud on my Odroid. I’ve yet to populate it with any data as it isn’t secured with Certbot & Fail2Ban or nothing else. The security aspect troubles me. One question I have is whether it would be any more secure if I hosted it on a VPS rather than at home.
I was looking through all the Nextcloud “apps” and realised that I don’t really need or want to run the vast majority of them. I use Fastmail for email, my wife and I are sharing calendars & contacts via iOS/macOS and I don’t even want to suggest that she changes anything. She doesn’t care how or why something works but I’d rather her blame Apple over me if something doesn’t work.
What I really need most is access to my documents and files (lots of reference material), over LAN and WAN, on my mac laptop and iPhone as well as a way to host shared files (bank statements etc) with wifey (and her Windows machine) without having to sync the weight of it to my laptop or phone.
So Nextcloud’s web browser access is perfect for that. I can pull down or view whatever I need at the time without having to sync entire folders.
Then I realised maybe I don’t need Nextcloud, maybe I just need some shares set up, securely, so I can access remotely.
I have pihole running and was about to set up piVPN so I could access the pinhole from outside the network. Would this make Nextcloud secure too? Would this interfere with my wife’s work VPN?
I must admit I find the concept of VPNs confusing.
Would a paid VPN be better?
And if I ditch Nextcloud for shares should I go with Samba, SFTP or Webdav?
Help me, please



you could install a VPN server on your system. This will allow you to access your local network from outside world on a secure and easy way. I’m personally using WireGuard. All my Clients (Win, iOS and Android) are able to access my network share without issues, if needed. Next to this my mobile devises are able to continue using PiHole to block ads, even if I’m not at home.

I presume you mean VPN. Would a VPN also make access to my Nextcloud instance secure?

I have just finished reading this, and it seems like an easy solution. Is it basically a VPN?

Well I don’t know if I would trust a 3rd party like ZeroTier. Therefore I would recommend your own VPN server on your own DietPi device. If you have established VPN connection from your client, you can access all application on your local network same way as you would be at home.

Thanks Joulinar
Preference between PiVPN, Wireguard, OpenVPN etc?


PiVPN is not an own VPN, it’s a tool to manage Wireguard or OpenVPN.

Personally I prefer Wireguard. I’m using it since the beginning and I’m quite happy with performance as it is much faster than OpenVPN. As well it’s easy to manage.

But at the end it depends on your own preferences.

Hi again Joulinar ,
I cannot find the forum page for Wireguard for help on setting up & configuring.
Can you help?

there you go