Self-Hosted Personal Cloud: From Old Laptop to Fully Private Cloud

-


Assalamualaikum and greetings from Semenyih! This is your complete A-to-Z guide for turning an old laptop and a WD My Cloud NAS into a secure, self-hosted cloud server — fully under your control and accessible from anywhere in the world.

This journey combines the best of both worlds: the raw technical depth from my original build notes and a beginner-friendly, step-by-step flow. Whether you're here to learn the basics or to dive straight into Docker configs, you'll find what you need.

Why I Built This

Western Digital discontinued remote access support for older WD My Cloud devices, essentially turning them into local-only storage. Rather than letting mine gather dust, I built a replacement cloud service using Debian Linux, Docker, Nextcloud, and Nginx Proxy Manager — bringing back remote access and adding more privacy, flexibility, and control than the original ever had. Recently, I've also rebuilt my dead WD My Cloud hard drive by replacing the failed drive with a new one — here's how I did it.

What You'll Need

  • An old laptop (dedicated to this project) – This will act as your always-on home server, hosting Nextcloud and acting as the "middleman" between your WD My Cloud NAS and the internet. Tip: Even older laptops with at least 4GB RAM and a decent CPU can work well for this.
  • USB drive (≥ 4GB) to install the server OS – You'll use this to create a bootable installer for your Linux server operating system (e.g., Ubuntu Server). Note: Larger USB drives are fine, but 4GB is the minimum for most modern Linux server ISOs.
  • WD My Cloud NAS (or similar) on your local network – This is your existing network-attached storage device where your files live. We'll mount it to the server so Nextcloud can manage and serve those files securely over the internet.
  • A domain name + DNS access (like cPanel) – A domain makes it easier to access your server (e.g., cloud.example.com) instead of remembering an IP address. You'll need DNS control so you can point your domain/subdomain to your server's IP.
  • Basic Linux command-line knowledge – You should be comfortable running commands in the terminal (e.g., SSH, package installation, editing config files). You don't need to be an expert, but familiarity will save time and prevent mistakes.

Step 1: Install the Server OS (Debian 12)

  1. Download the Debian 12 "Bookworm" netinst ISO from debian.org/distrib.
  2. Create a bootable USB installer:
  3. Boot your laptop from the USB and start the Debian installation.
    • On the "Software selection" screen, uncheck "Debian desktop environment" and check only:
    • When prompted for a root password, leave it blank — the main user you create will have sudo privileges.

💡 Why 50 GB on the second drive?

In this setup, the operating system (Debian) will be installed on my 120 GB SSD for speed and reliability. My laptop also has a 500 GB HDD for bulk storage. I will dedicate 50 GB of that HDD to store Nextcloud's application data and configuration files. The remaining ~450 GB of the HDD will stay free, which I can later mount as my main NAS storage area.

This approach keeps your OS and Nextcloud separate:

  • If you ever reinstall Debian, your Nextcloud data is not wiped (as it lives on a different drive).
  • The OS runs from the faster SSD, while the larger HDD holds bulk files.

📏 Creating the 50 GB partition on /dev/sdb with parted

  1. After Debian is installed (or during install if you prefer manual partitioning), open a terminal and run: 
    sudo parted /dev/sdb
  2. Inside parted, set a GPT partition table (warning: erases all data on /dev/sdb): 
    (parted) mklabel gpt
  3. Create a new 50 GB primary partition at the start of the HDD: 
    (parted) mkpart primary ext4 1MiB 50GiB
  4. Optionally create another partition for the rest of the HDD: 
    (parted) mkpart primary ext4 50GiB 100%
  5. Check your work: 
    (parted) print
  6. Exit parted: 
    (parted) quit
  7. Format the 50 GB partition for Nextcloud: 
    sudo mkfs.ext4 /dev/sdb1

Later in this guide, we'll mount /dev/sdb1 to /media/nextcloud so Docker can store Nextcloud's files there.

Step 2: Install Docker & Docker Compose

  1. Log in to your server via SSH
    If you're not already on your Debian server, connect from another machine using: 
    ssh your_username@SERVER_IP
    Replace your_username with the user you created during Debian installation, and SERVER_IP with your server's IP address.
    Tip: You can find the server's IP by running ip a directly on the machine.
  2. Update all existing packages
    Run: 
    sudo apt update && sudo apt upgrade -y
    - sudo apt update fetches the latest package lists from Debian repositories.
    - sudo apt upgrade -y upgrades all installed software to their latest versions without asking for confirmation.
    Keeping your system updated before installing Docker helps prevent compatibility issues.
  3. Install Docker
    The official convenience script from Docker makes installation easier: 
    curl -fsSL https://get.docker.com -o get-docker.sh && sudo sh get-docker.sh
    - curl -fsSL downloads the script securely.
    - -o get-docker.sh saves it as a file named get-docker.sh.
    - sudo sh get-docker.sh runs it with administrator privileges.
    This will install both the Docker Engine and the Docker CLI on your Debian system.
  4. Add your user to the Docker group
    By default, Docker commands require sudo. To run them without typing sudo every time, add your user to the Docker group: 
    sudo usermod -aG docker your_username
    - -aG appends your user to the specified group without removing other group memberships.
    Important: You must log out and log back in (or reboot) for this change to take effect.
  5. Verify Docker installation
    After logging back in, test Docker by running: 
    docker run hello-world
    If it prints a welcome message, Docker is installed and working correctly.
  6. Install Docker Compose (v2)
    Docker Compose lets you run multi-container setups like Nextcloud + database. On modern Docker installations, Docker Compose v2 is included as a plugin, so you can check with: 
    docker compose version
    If it shows a version number, you're ready to go. If not, you can install it via: 
    sudo apt install docker-compose-plugin

Step 3: Point Your Domain Name

Before you can securely access your Nextcloud from anywhere, you'll need to connect your server to a domain name. This step ensures that instead of typing your server's numeric IP address, you can simply type something easy like cloud.yourdomain.com in your browser.

  1. Find your public IP address:
    Your public IP is the internet-facing address of your home or server. Run: 
    curl -4 ifconfig.me

    This will return a number like 123.45.67.89. Write this down, because you'll need it in the next step.

  2. Point your domain to your server:
    Log in to your hosting control panel (for example, cPanel). Go to Zone Editor (or DNS Manager) and create a new A record:
    • Name: 
      cloud
      — this means your Nextcloud will be at 
      cloud.yourdomain.com
    • Address: your public IP address from step 1

    Once saved, DNS changes usually take between 5 minutes and 1 hour to propagate globally, but can sometimes take up to 24 hours.

  3. If your ISP uses a dynamic IP address:
    Some ISPs change your public IP address periodically. If that happens, your domain will stop pointing to your server unless you update it each time. To avoid this hassle, you can use a Dynamic DNS (DDNS) service that automatically updates your domain when your IP changes.
  4. Optional (Free DDNS option):
    If you don't have a domain name, you can register for a free DDNS service and point it directly to your home IP. I recommend No-IP — using my referral link gives me $5 No-IP Credit which help me in some ways, and your will get 20% OFF any new service with coupon code REFER20.

    With No-IP, you could get a hostname like myawesomecloud.ddns.net for free, which will automatically stay linked to your changing IP address.

Why this step matters: Without linking a domain (or DDNS) to your IP, you would have to remember a long number that may even change over time. Using a domain name makes your cloud setup user-friendly, professional-looking, and easier to secure with HTTPS.

Step 4: Create the Docker Environment

In this step, we will set up the Nextcloud server, a database, and a reverse proxy using Docker Compose. This setup will run three separate containers:

  • Nextcloud – The main application for your personal cloud storage.
  • MariaDB – A reliable database engine used by Nextcloud to store data.
  • Nginx Proxy Manager – A simple interface to manage HTTPS certificates and domain routing.
  1. Create the project directory (this keeps all your config files together): 
    mkdir ~/nextcloud-stack && cd ~/nextcloud-stack
  2. Create the 
    docker-compose.yml
    file (this file tells Docker how to run the containers): 
    version: '3.8' //This is deprecated, remove this
services:
  nextcloud:
    image: nextcloud:latest
    restart: unless-stopped
    volumes:
      - ./nextcloud_config:/var/www/html/config
      - /mnt/nextcloud_data:/var/www/html/data
      - /mnt/nas_share:/media/nas
    environment:
      - MYSQL_HOST=db
      - MYSQL_USER=nextcloud
      - MYSQL_PASSWORD=your_strong_db_password
      - MYSQL_DATABASE=nextcloud
    depends_on:
      - db

  db:
    image: mariadb:10.6
    restart: unless-stopped
    command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
    volumes:
      - ./mariadb_data:/var/lib/mysql
    environment:
      - MYSQL_ROOT_PASSWORD=your_strong_root_password
      - MYSQL_PASSWORD=your_strong_db_password
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud

  proxy:
    image: 'jc21/nginx-proxy-manager:latest'
    restart: unless-stopped
    ports:
      - '80:80'   # HTTP
      - '443:443' # HTTPS
      - '81:81'   # Nginx Proxy Manager Admin UI
    volumes:
      - ./npm_data:/data
      - ./npm_letsencrypt:/etc/letsencrypt

    Note: Replace your_strong_root_password and your_strong_db_password with long, random passwords for better security.

  3. Create the storage directories for Nextcloud data and NAS mount point: 
    sudo mkdir /mnt/nextcloud_data /mnt/nas_share

    /mnt/nextcloud_data will store uploaded files from Nextcloud.
    /mnt/nas_share will be the mount point for your NAS drive.

  4. (Optional but recommended) Set correct permissions so Docker containers can access the storage: 
    sudo chown -R 33:33 /mnt/nextcloud_data

    UID/GID 33:33 is the default www-data user in the Nextcloud container.

  5. Start the environment: 
    docker compose up -d

    This will download the necessary images and run them in the background.

  6. Verify all containers are running: 
    docker ps

    You should see three containers: nextcloud, db, and proxy.

Security Tip: Store your passwords in a secure password manager. Avoid hardcoding them in public repositories.

Step 5: Mount Your WD My Cloud NAS and 50GB Local Partition

  1. Install CIFS tools (for NAS access):
    sudo apt install cifs-utils
  2. Create credentials file for NAS:
    sudo nano /etc/samba/credentials

    Add:
    username=your_nas_username
password=your_nas_password
    Secure it:
    sudo chmod 600 /etc/samba/credentials
  3. Find UUIDs for your drives:
    sudo blkid

    Look for the 50GB partition (likely /dev/sdX) and note its UUID.
  4. Edit 
    /etc/fstab
    to include both NAS and local 50GB partition:
    # Mount NAS for Nextcloud External Storage
//192.168.1.120/YOUR_FILE /mnt/nas_share cifs credentials=/etc/samba/credentials,uid=33,gid=33,iocharset=utf8,vers=2.0,dir_mode=0770,file_mode=0660,_netdev 0 0

# Primary Nextcloud Data on local 50GB drive
UUID=YOUR_50GB_UUID_HERE /mnt/nextcloud_data ext4 defaults,errors=remount-ro 0 2
    Replace YOUR_50GB_UUID_HERE with the UUID from the blkid output.
  5. Create mount points (if they don't already exist):
    sudo mkdir -p /mnt/nas_share /mnt/nextcloud_data
  6. Mount everything:
    sudo mount -a

Step 6: Initial Nextcloud Setup

  1. Start all Docker containers:
    In your project directory (where your docker-compose.yml file is located), run:
    docker compose up -d
    This will pull the necessary images (if not already downloaded) and start the containers for Nextcloud, the database, and Nginx Proxy Manager in the background.
  2. Configure Nginx Proxy Manager (NPM):
    1. Open your web browser and go to: 
      http://SERVER_IP:81
      Replace SERVER_IP with your server's LAN IP address (e.g., 192.168.1.150).
    2. Log in using the default credentials (if first time): 
      Email: admin@example.com
Password: changeme
      You will be prompted to set a new email and password.
    3. Go to Hosts → Proxy Hosts → Add Proxy Host.
    4. Fill in:
      • Domain Names: 
        cloud.yourdomain.com
      • Scheme: 
        http
      • Forward Hostname / IP: 
        nextcloud
      • Forward Port: 
        80
    5. Under the SSL tab:
      • Select Request a new SSL certificate.
      • Tick Force SSL, HTTP/2 Support, and HSTS Enabled.
      • Choose Let's Encrypt and enter a valid email for certificate registration.
    6. Click Save. Nginx Proxy Manager will now route all HTTPS traffic for 
      cloud.yourdomain.com
      to your Nextcloud container.
  3. Complete Nextcloud's installation:
    1. In your browser, visit: 
      https://cloud.yourdomain.com
    2. Create an admin account by entering:
      • Username: Choose your Nextcloud admin username, e.g.: 
        admin
      • Password: Choose a strong password.
    3. Set the Data folder to your mounted storage directory 
      /mnt/nextcloud_data
    4. Click Finish Setup. Nextcloud will initialize its database, create necessary directories, and start your personal cloud environment.

Step 7: Add NAS as External Storage

  1. Enable "External Storage Support" in Nextcloud Apps

    By default, Nextcloud has an optional app called External Storage Support that allows you to mount local directories, other network shares (SMB/CIFS, FTP, S3, etc.), and present them to users inside Nextcloud. This is what we'll use to connect our NAS.

    1. Log in to your Nextcloud instance as an administrator.
    2. Click your profile icon in the top-right corner → Apps.
    3. In the left sidebar, select Disabled apps or use the search bar to look for 
      External storage support
    4. Click Enable. (This app is officially maintained by Nextcloud, so it's safe to enable.)
  2. Configure NAS as Local External Storage

    Now that the app is active, we'll tell Nextcloud where the NAS data is mounted inside the Docker container, in our case: 

    /media/nas
    1. Go to Settings (via the profile menu).
    2. In the left-hand sidebar under Administration, click External storage.
    3. At the bottom of the list, add a new mount point:
      • Storage type: Local
      • Folder name: 
        NAS
        (This is the name users will see in their file list.)
      • Configuration: 
        /media/nas
        (This is the bind mount path from the Docker volumes: section in Step 4.)
      • Available for: leave blank to make it global, or select specific users/groups.
    4. If you see a green circle icon next to the entry, it means the mount is detected and accessible by Nextcloud.
    5. If you see a red square, check:
      • The mount path exists inside the container.
      • Correct permissions: 
        sudo chown -R 33:33 /mnt/nas_share
        (33:33 is the www-data UID:GID used by Nextcloud.)
  3. Scan Files to Populate the File Index

    Nextcloud maintains an internal database of files. Since we're adding an external directory, we need to scan it so files appear in the web UI immediately.

    docker compose exec --user www-data nextcloud php occ files:scan --all
    • --user www-data
      ensures the command runs with Nextcloud's web server permissions. 
    • --all
      scans all users' storages. You can target a single user with: 
      php occ files:scan username
    • The scan time depends on the number of files on the NAS.

    Once the scan completes, the NAS files should now be visible in the NAS folder in Nextcloud.

Troubleshooting Tips

  • Permission errors: If Nextcloud cannot read or write files, check ownership of your data directory. The 
    www-data
    user (UID 33, GID 33 in Debian/Ubuntu-based systems) should own all Nextcloud data. Run: 
    sudo chown -R 33:33 /mnt/nextcloud_data
    This ensures Nextcloud can manage uploads, previews, and file syncing without hitting permission-denied errors. For external mounts (like NAS shares), ensure the mount point itself is accessible to 
    www-data
    and that any underlying filesystem supports required permissions.
  • Mount errors (Error 95): If you encounter "mount error(95): Operation not supported" when mounting SMB/CIFS shares, the SMB protocol version may be incompatible. Update your /etc/fstab entry to try different vers values: vers=3.0 If that fails, try vers=2.0. Some older NAS devices (like WD My Cloud) may only work with vers=2.0, but note this is less secure. After editing, remount with: 
    sudo mount -a
  • DNS not working: If your custom domain (e.g., cloud.example.com) does not resolve, it may be due to slow or incomplete DNS propagation. Use tools like dnschecker.org to verify your domain's A/AAAA records have propagated globally. If they have not, wait up to 48 hours, or check your registrar's DNS settings for typos or missing records.
  • Static IP: Assigning a static local IP to your Nextcloud server prevents connectivity issues after router restarts. Use your router's admin interface to set a DHCP reservation for your server's MAC address. This ensures port forwarding, SSL, and reverse proxy rules always point to the correct device.
  • Reverse proxy errors: If you're using Nginx Proxy Manager (NPM) or similar, verify:
    • Your domain is pointing to your public IP.
    • Port forwarding for HTTP (80) and HTTPS (443) is enabled on your router to your proxy host.
    • SSL certificates are valid and not expired.
    • For websocket or long-polling support, enable proxy buffering adjustments in NPM.
    Incorrect reverse proxy settings often cause login loops or resource loading failures.
  • Content Security Policy (CSP) form-action login issue: If you see an error like: Refused to send form data to 'https://cloud.example.com/index.php/login' because it violates the following Content Security Policy directive: "form-action 'self'". This usually means your proxy or Nextcloud's CSP headers are blocking cross-domain form submissions.
    • Ensure you are accessing Nextcloud from the exact same URL configured in config/config.php under 'trusted_domains' and 'overwrite.cli.url'.
    • If using Nginx Proxy Manager, remove any conflicting CSP settings in the "Advanced" tab for that host.
    • Inside Nextcloud's container or installation, check .htaccess and config/config.php for hardcoded CSP rules.
    • If you have custom headers in your reverse proxy, ensure form-action includes your full domain (e.g., form-action 'self' https://cloud.example.com).
    Once CSP rules are aligned between the application and proxy, login forms should submit without being blocked.

Fixing Nextcloud Admin Dashboard Warnings

Here's how you can fix each of those Security & Setup warnings from your Nextcloud admin dashboard. These can all be done inside your Docker Nextcloud setup.

  1. Trusted proxies setting not correctly set: 
    # Enter container
docker exec -it nextcloud-stack-nextcloud-1 bash

# Edit config.php
vi /var/www/html/config/config.php

# Add:

'trusted_proxies' => 
  array (
    0 => 'nextcloud-stack-proxy-1', // Remove this
    0 => '172.18.0.3', // Replace with your proxy container's internal Docker IP
  ),


# Get proxy container IP
docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' nextcloud-stack-proxy-1

# Restart Nextcloud
docker restart nextcloud-stack-nextcloud-1
  2. No maintenance window configured: 
    docker exec -u www-data -it nextcloud-stack-nextcloud-1 php occ config:system:set maintenance_window_start --type=integer --value=1
# Value is hour in UTC (0–23)
  3. Mimetype migrations available: 
    docker exec -u www-data -it nextcloud-stack-nextcloud-1 php occ maintenance:repair --include-expensive
  4. HSTS header not set:

    In Nginx Proxy Manager → Edit Proxy Host → Advanced tab, add:

    add_header Strict-Transport-Security "max-age=15552000; includeSubDomains" always;

    In Nginx Proxy Manager → Edit Proxy Host → SSL tab:

    Toggle HSTS Enabled and HSTS Subdomains on

    Then restart Nginx Proxy Manager.

  5. Default phone region not set: 
    'default_phone_region' => 'MY', // Example: MY for Malaysia, US for USA

    Full ISO codes: List of country codes

  6. Email server not configured:

    In Nextcloud: Settings → Basic settings → Email server → set SMTP or sendmail → Send email to verify.

✅ After all changes:

docker restart nextcloud-stack-nextcloud-1

Then refresh the admin page to confirm warnings are gone.

Congratulations — you now have a fully functional, secure, self-hosted cloud. With this setup, your old laptop gets a new life, your WD My Cloud regains remote access, and your data sovereignty is fully restored.


Support My Work

If this blog post helped you, please consider a small donation. Your support helps keep this content free and accessible for everyone. Thank you!

Donate with PayPal

The easiest way to support me is by buying me a coffee through PayPal. It's quick, secure, and uses a trusted platform.

Buy Me a Coffee! or a new Macbook!

Donate with Crypto

You can also support me with cryptocurrency. Just copy the address of your preferred coin below.

Bitcoin
31kpUFfNo8SSq5jidTY9Eihyb9qJS4FPP2
Ethereum
0x32fB1E082EB566bBbca3137a5a17a92db9C880F7
XRP
rsRy14FvipgqudiGmptJBhr1RtpsgfzKMM
XRP Tag
3802858062

Comments

Post a Comment

Popular posts from this blog

How to Download AnyFlip Books as PDFs with Anyflip Downloader

-
Image
Have you ever needed an offline copy of a digital flipbook from AnyFlip for research, archiving, or easy reading on any device? While the platform is great for online viewing, saving content locally can be a challenge. Introducing anyflip-downloader , a powerful and efficient open-source command-line tool from developer Lofter1 , available on GitHub . It's designed to download any AnyFlip book and convert it into a single, high-quality PDF file. This guide will walk you through everything you need to know, from installation to advanced usage, to get the most out of this handy utility. Important Disclaimer This tool is provided for educational and personal use only. You should only use it to download books that you have the right to, or where the publisher officially allows PDF downloads. Please respect copyright laws and the terms of service of AnyFlip. Key Features Simple to Use: Works with a single command. ...
Read more

Mastering WordPress Multisite in cPanel: A Complete Guide

-
Image
Mastering WordPress Multisite in cPanel: A Complete Guide WordPress Multisite is a powerful feature that allows you to run a "network" of multiple websites from a single WordPress installation. For users managing their hosting through cPanel, this setup offers an efficient way to manage themes, plugins, and core updates for dozens or even hundreds of sites simultaneously. Whether you are building a university network, a franchise system, or a personal blog collection, understanding how this architecture works is the first step toward better web management. How Multisite Works Under the Hood Unlike a standard installation, a Multisite network shares its core PHP files and a single database. When you add a new site to the network, WordPress doesn't create a new folder on your server; instead, it creates unique tables within the existing database (e.g., wp_2_posts) and organizes media files into si...
Read more