Install Nextcloud on AWS EC2 and using S3 storage

December 07, 2019

I want more privacy, so I decided to minimize the use of Google products. I can replace Chrome with Firefox, replace Gmail with ProtonMail and replace Google Drive with Nextcloud. Nextcloud allows me to self-host of cloud storage and gives me control over my own data. Here are the steps to install it on AWS:

40e01 0vtolobxit5uqf74

  1. Install nextcloud with snap package manager

    sudo snap install nextcloud

  2. Create admin user account

    sudo nextcloud.manual-install <admin_username> <admin_password>

  3. Adding your trusted domain

    sudo nextcloud.occ config:system:set trusted_domains 1 —value=

  4. Using Route 53, create A record to the IP address of your nextcloud server

  5. Setting up SSL certificate with let’s encrypt, enter your email and domain after:

    sudo nextcloud.enable-https lets-encrypt

1e3b0 0pgy6vjiagq31qwdr

  1. Go to the your domain and you can now login to your nextcloud:

b4390 0yfzy f0q7rap8l4c

6b8a8 0 w7ugojnsxat24b0

  1. Click on Apps and enable “Default encryption mode” and “External Storage Support mode”

  2. Open IAM (Identity and Access Management) in AWS, create a new user with programmatic access.

  3. Create new policy with JSON below, replace your NAMEOFYOURBUCKET with your s3 bucket name. Attached the policy to the new user created above.

8482f 0spcfdpt3qgs x5zy

    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Action": [
                    "s3:GetBucketLocation",
                    "s3:ListAllMyBuckets"
                ],
                "Resource": "arn:aws:s3:::*"
            },
            {
                "Effect": "Allow",
                "Action": "s3:*",
                "Resource": [
                    "arn:aws:s3:::NAMEOFYOURBUCKET",
                    "arn:aws:s3:::NAMEOFYOURBUCKET*"
                ]
            }
        ]
    }
  1. Go to nextcloud setting and select External storage. Fill in the Bucket with NAMEOFYOURBUCKET, checked enable SSL, enable Path Style and fill in the information with credentials of your newly created user.

  2. Done. Now go to your d3 folder, and you should be able to upload your file.

15950 0nece4bfydfgvdd3


Originally published at https://victorleungtw.com on December 7, 2019.


Profile picture

Experience in software development, application architecture, and deploying cloud solutions for enterprise customers. Strong hands-on skills with a Master's degree in Computer Science and business acumen with a master of business administration (MBA) in Finance. Certified in Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure, Kubernetes (CKA, CKAD, CKS, KCNA) and Scrum (PSM, PSPO) with experience in building banking products from scratch. Connect on Linkedin

© 2022, @victorleungtw