Contact UsGet started
© 2025 Direct Cursus Technology L.L.C.

Deploying Nextcloud on a Yandex Compute Cloud VM from a Container Optimized Image image, integrated with Yandex Object Storage

Written by
Updated at November 27, 2025

In this tutorial, you will deploy Nextcloud on a Compute Cloud VM from a Container Optimized Image and connect an Object Storage bucket to it. To implement this solution, you will need a domain name for accessing resources in Nextcloud.

To deploy Nextcloud integrated with an Object Storage bucket on a VM from a Container Optimized Image image, do the following:

  1. Get your cloud ready.
  2. Create and set up a cloud network.
  3. Create a service account and static access key.
  4. Create an Object Storage bucket.
  5. Create a VM.
  6. Create an A resource record in your domain’s public DNS zone.
  7. Configure Nextcloud on the VM.
  8. Test the solution.

If you no longer need the resources you created, delete them.

Getting started

Sign up for Yandex Cloud and create a billing account:

  1. Navigate to the management console and log in to Yandex Cloud or create a new account.
  2. On the Yandex Cloud Billing page, make sure you have a billing account linked and it has the ACTIVE or TRIAL_ACTIVE status. If you do not have a billing account, create one and link a cloud to it.

If you have an active billing account, you can navigate to the cloud page to create or select a folder for your infrastructure.

Learn more about clouds and folders here.

The cost of the proposed solution includes:

Set up a cloud network

  1. Create a cloud network and subnets for your new cloud infrastructure:

    1. In the management console, select the folder where you are going to create your infrastructure.
    2. In the list of services, select Virtual Private Cloud.
    3. In the top-right corner, click Create network.
    4. In the Name field, enter a name for the network: nextcloud-network.
    5. Make sure the Create subnets option is enabled and click Create network.

  2. Create a security group that allows the traffic required for your Nextcloud infrastructure:

    1. In the management console, select the folder where you are deploying your infrastructure.

    2. In the list of services, select Virtual Private Cloud.

    3. In the left-hand panel, select Security groups.

    4. Click Create security group.

    5. In the Name field, enter nextcloud-sg for name.

    6. In the Network field, select nextcloud-network you created earlier.

    7. Under Rules, create the following traffic management rules:

      Traffic
      direction      		 Description Port range Protocol Source /
      Destination name      		 CIDR blocks
      Inbound http 8080 TCP CIDR 0.0.0.0/0
      Inbound https 443 TCP CIDR 0.0.0.0/0
      Inbound ssh 22 TCP CIDR 0.0.0.0/0
      Egress any All Any CIDR 0.0.0.0/0

    8. Click Create.

Create a service account and static access key

To enable access from Nextcloud to the Object Storage bucket, create a service account and static access key.

  1. Create a service account:

    1. In the management console, select the folder where you are deploying your infrastructure.
    2. In the list of services, select Identity and Access Management.
    3. Click Create service account.
    4. Enter a name for the service account: nextcloud-sa.
    5. Click Add role and select editor.
    6. Click Create.

  2. Create a static access key:

    1. In the management console, select the folder where you are deploying your infrastructure.

    2. In the list of services, select Identity and Access Management.

    3. In the left-hand panel, select Service accounts and select the nextcloud-sa service account you created earlier.

    4. In the top panel, click Create new key and select Create static access key.

    5. Click Create.

    6. Save the ID and secret key.

      Alert

      After you close this dialog, the key value will no longer be available.

Create an Object Storage bucket

Create the Object Storage bucket you will connect to Nextcloud:

  1. In the management console, select the folder where you are deploying your infrastructure.
  2. In the list of services, select Object Storage.
  3. At the top right, click Create bucket.
  4. In the ** Name** field, enter a name for the bucket, e.g., my-nextcloud-bucket. The bucket name must be unique within Yandex Object Storage.
  5. In the Max size field, specify the bucket size you need or enable No limit.
  6. Leave all the other parameters unchanged and click Create bucket.

Create a VM

Create the VM to deploy Nextcloud on:

  1. In the management console, select the folder to create the infrastructure in.

  2. In the list of services, select Compute Cloud.

  3. In the left-hand panel, select Virtual machines and click Create virtual machine.

  4. Under Boot disk image, navigate to the Container Solution tab and click Configure. In the window that opens:

    1. Navigate to the Docker Compose tab and copy the compose.yaml docker compose specification from the official Nextcloud repository on GitHub into the field that opens.
    2. Click Apply.

  5. Under Location, select an availability zone for your VM.

  6. Under Disks and file storages, set a disk size of at least 40 GB.

  7. Under Computing resources, select the 2 vCPU 4 GB RAM configuration.

    This configuration will be enough to accommodate simultaneous operations by up to 10 users. If there are more active users, provide more available resources for the VM.

  8. Under Network settings:

    • In the Subnet field, select nextcloud-network and the subnet in your new VM's availability zone.
    • In the Public IP address field, leave the Auto value to assign the VM a random public IP address from the Yandex Cloud pool.
    • In the Security groups field, select nextcloud-sg.

  9. Under Access, select SSH key and specify the VM access credentials:

    • In the Login field, enter a username, e.g., yc-user. Do not use root or other reserved usernames. To perform operations requiring root privileges, use the sudo command.

    • In the SSH key field, select the SSH key saved in your organization user profile.

      If there are no SSH keys in your profile or you want to add a new key:

      1. Click Add key.

      2. Enter a name for the SSH key.

      3. Select one of the following:

        • Enter manually: Paste the contents of the public SSH key. You need to create an SSH key pair on your own.

        • Load from file: Upload the public part of the SSH key. You need to create an SSH key pair on your own.

        • Generate key: Automatically create an SSH key pair.

          When adding a new SSH key, an archive containing the key pair will be created and downloaded. In Linux or macOS-based operating systems, unpack the archive to the /home/<user_name>/.ssh directory. In Windows, unpack the archive to the C:\Users\<user_name>/.ssh directory. You do not need additionally enter the public key in the management console.

      4. Click Add.

      The system will add the SSH key to your organization user profile. If the organization has disabled the ability for users to add SSH keys to their profiles, the added public SSH key will only be saved in the user profile inside the newly created resource.

  10. Under General information, specify the VM name: nextcloud-vm.

  11. Click Create VM.

Tip

To ensure that your new VM's public IP address does not change in the future if the VM is stopped, make that address static.

Create an A resource record in your domain’s public DNS zone

To complete this step, you will need a registered domain name, e.g., example.com.

To route your domain's incoming requests to the VM you created earlier, in your public DNS zone, create an A resource record pointing to the VM's public IP address. Further steps to follow will depend on whether your domain is managed by Yandex Cloud DNS or a third-party DNS provider.

If your domain is managed by Yandex Cloud DNS

  1. In the management console, select the folder where you are deploying your infrastructure.

  2. In the list of services, select Cloud DNS.

  3. Select the DNS zone you need, click Create record, and do the following in the window that opens:

    Note

    If you do not have a public DNS zone for the required domain name yet, create one.

    1. In the Name field, select Create subdomain and enter nextcloud to create a subdomain, e.g., nextcloud.example.com, in your domain zone.

    2. In the Type field, select A.

    3. In the Data field, specify the VM's public IP address.

      You can look up the VM's public IP address in the management console by checking the Network section's Public IPv4 address field on the VM information page.

    4. Keep the other settings unchanged and click Create.

If your domain is managed by an external DNS provider

Add an A resource record with the following properties to your DNS provider or your own DNS server:

  • Host: nextcloud.<your_domain_name>.
  • Type: A
  • Value: <VM_IP_address>

Configure Nextcloud on a VM

Follow this tutorial to perform the initial setup of your Nextcloud instance and integrate an Object Storage bucket into Nextcloud.

Perform basic Nextcloud setup

Configure the Nextcloud solution on your new VM using the Nextcloud web interface:

  1. In your browser, enter the subdomain you registered earlier with port 8080, e.g., https://nextcloud.example.com:8080.

    You will see a warning about an insecure connection, as your Nextcloud instance does not have a configured TLS certificate yet. Proceed to the page despite the warning; Nextcloud will later automatically set up a certificate for your instance.

  2. In the window that opens, copy the passphrase from the Passphrase field.

    Warning

    Displayed only once, this passphrase cannot be retrieved again. Without it, you will not be able to get the administrator password or complete your Nextcloud setup.

  3. Click Open Nextcloud AIO login.

  4. In the Nextcloud AIO Login window, paste the passphrase you copied and click Log in.

  5. In the New AIO instance section of the next window, enter the domain name used to access your Nextcloud instance (e.g., nextcloud.example.com) and click Submit Domain.

  6. In the Optional containers section of the next window, disable Nextcloud Talk and click Save changes.

    For this tutorial, this module is optional. You can install it later via the Nextcloud admin interface if needed.

  7. Click Download and start containers.

    The download and startup of the required containers may take several minutes. Wait for this process to complete.

  8. Once all containers are running, the browser window will display the admin password for your Nextcloud instance in the Initial Nextcloud password: field. Save this password, then click Open your Nextcloud.

  9. On the authentication screen, enter admin as the username and the password you got in the previous step, then click Log in.

Set up integration with your Object Storage bucket

  1. Open the application management menu. To do this, click the user icon in the top-right corner of the screen and select Apps from the context menu.

  2. In the window that opens, select Your apps in the left-hand panel.

  3. In the list that opens, find the External storage support application and click Enable in the row with it.

    If needed, enter your Nextcloud administrator password in the pop-up window to confirm the operation.

  4. Open the main settings menu. To do this, click the user icon in the top-right corner of the screen and select Administration settings from the context menu.

  5. In the window that opens, select External storage in the left-hand panel under Administration and specify the Object Storage integration settings under External storage in the window that opens:

    1. In the External storage section, select Amazon S3.

    2. In the Authentication section, select Access key.

    3. In the Configuration section:

      • In the Bucket field, enter the name of the bucket you created earlier, e.g., my-nextcloud-bucket.
      • In the Hostname field, specify storage.yandexcloud.net.
      • In the Port field, specify 443.
      • In the Access key field, paste the ID of the static access key you created earlier.
      • In the Secret key field, paste the secret key of the static access key you created earlier.

    4. Under Available for, enable All people.

    5. On the right side of the section you are editing, click the icon to save your changes.

      Enter your Nextcloud administrator password in the pop-up window to confirm the operation.

Test the solution

To test Object Storage integration with Nextcloud, do the following:

  1. On your local computer, open a browser and enter the domain name of your deployed Nextcloud instance in the address bar:

    https://nextcloud.example.com

  2. Log in to Nextcloud using the admin username and the saved administrator password.

  3. In the left pane of the top menu, select Files.

  4. In the left-hand menu, select External storage and then AmazonS3.

  5. Click New and select Upload files to upload a file from your local computer to the storage.

  6. Select a file on your local computer and upload it to the storage.

    The uploaded file will now appear in the Nextcloud storage named AmazonS3.

  7. In Yandex Object Storage, make sure the file was uploaded to the bucket.

This completes the deployment of the Nextcloud instance and its integration with Object Storage storage.

How to delete the resources you created

  1. Delete the resource record in Yandex Cloud DNS or in your domain registrar's account.
  2. If you created a public DNS zone, delete it in Yandex Cloud DNS or in your domain registrar's account.
  3. Delete the VM.
  4. Delete the objects you created in the bucket, then delete the bucket itself.
  5. Delete the service account.
  6. Delete the subnets, security group, and cloud network one by one.

See also

Previous
Overview
Next
Manually deploying Nextcloud on a VM or VM group