Hello guys.I have been reading the forum for a long time,but now I need advice/help- will be very kind of you.So,shortly, I am on my final project (Uni) and decided to build a Nextcloud on Raspberry pi4.So far, already installed Dietpi, Nextcloud and used Duckdns( DNS service), installed Let’s Encrypt and everything working fine.Will add a storage as default one, but was thinking about VPN. So,here I am a bit confused - if the VPN is on my server part(pi4) ,do I need additional VPN’s on other devices shared Nextcloud’s resources? Maybe I can’t understand how VPN works- if I covered pi4, probably my connection between my phone (for example) and server will be protected?(am I wrong).The main idea is to create a server with maximum protection, right?And,I saw , VPN is already exist in dietpi-software menu(need to install it,of course)-can I use it this one?Hope I have explained my doubts:) Thanks!
Welcome to our community.
If I understood correctly, you already have a working HTTPS web server connection and you are able to reach NextCloud from outside of your network. Correct?
The question regarding the VPN depends on your use case. If there is no other need to connect to other apps, you should be fine using the setup as is.
Of course, using privat VPN could increase security as nobody else can access your NetxCloud. And yes, you would need a VPN client on each device that like to connect. Means some initial effort would be needed to set it up. In general, if you access NextCloud via VPN only, there would be no need for any HTTPS / Let’s Encrypt and you could remove port forwarding from your router for port 80/443.
In general, you need to make yourself clear on what you like to do. Are you the only one that access NextCloud or are there other, like family mates?
Hello again and thank for the efforts to answer my questions on your best way-much appreciate,mate! So, straight on the problem - this is a project , doing for my Uni and my assumption is to be used for a small company (like 2-3 guys). And,Yes- I have got working HTTPS, but was thinking - is this is enough protection for my small community (these 2-3 guys), or better to use a VPN on shared devices? In case of “Yes” answer - can you advise me which one I can choose (some free or cheap clients)?
P.S. : I have been Windows user for a long time,but Dietpi changes everything - I love it:)
Using HTTPS should be fine to access Nextcloud. There you are quite flexible on the used devices and not bound to where you have installed a VPN client on.
If you more in favour of a VPN, have a look to Wireguard. It’s offering clients on all platforms.
Thanks again for your time ,spending to answer my questions!I am fully satisfied , but in case I jump into VPN , will come back to you for more clarification:) Thanks again and take care!
Recommend having a reverse proxy on the exposed 80,443 ports
nginx reverse proxy works well, so does traefik
tons of howto’s on YT and on the web on how to set those up
On a system, just running Nextcloud, it totally doesn’t make an sense to install NPM. It’s just an additional layer without any benefit.