© 2025 Direct Cursus Technology L.L.C.
Manually deploying Nextcloud on a Yandex Compute Cloud VM or in a VM group, integrated with Yandex Object Storage

Written by
Yandex Cloud
Updated at November 27, 2025
  • Getting started
    • Required paid resources
  • Deploy Nextcloud in a basic configuration
    • Set up a cloud network
    • Create a service account and static access key
    • Create an Object Storage bucket
    • Create a VM
    • Create a Managed Service for MySQL® cluster
    • Install and configure Nextcloud on the VM
    • Test the solution in the basic configuration
  • Deploy Nextcloud in a fault-tolerant configuration
    • Scale the Managed Service for MySQL® cluster
    • Complete Nextcloud setup and create a VM disk snapshot
    • Add a TLS certificate to Yandex Certificate Manager
    • Deploy an instance group
    • Create an L7 load balancer
    • Create an A resource record in your domain’s public DNS zone
    • Test the solution in the fault-tolerant configuration
  • How to delete the resources you created

In this tutorial, you will connect an Object Storage bucket to a Nextcloud solution deployed on a Compute Cloud VM instance with a database in a Yandex Managed Service for MySQL® cluster. To ensure fault tolerance and redundancy of your Nextcloud infrastructure, you will scale Nextcloud across an instance group and implement L7 load balancing with Yandex Application Load Balancer. In the fault-tolerant configuration, Nextcloud will be available via a domain name, for which a TLS certificate will be issued in Yandex Certificate Manager.

Note

To implement a fault-tolerant Nextcloud configuration, you will need a domain for the L7 load balancer.

Fault-tolerant solution diagram:

Where:

  • example.com: Your domain for which a certificate is issued in Yandex Certificate Manager, connected to the L7 load balancer.
  • nextcloud-alb: L7 load balancer to evenly distribute incoming user traffic across instance group hosts.
  • nextcloud-instance-group: Instance group with hosts the Nextcloud solution is deployed on.
  • nextcloud-db-cluster: Yandex Managed Service for MySQL® cluster with the Nextcloud service database.
  • my-nextcloud-bucket: Yandex Object Storage bucket connected to the Nextcloud solution.

To deploy Nextcloud in Yandex Cloud and connect an Object Storage bucket:

  1. Get your cloud ready.

  2. Deploy Nextcloud in a basic configuration:

    1. Create and set up a cloud network.
    2. Create a service account and static access key.
    3. Create an Object Storage bucket.
    4. Create a VM.
    5. Create a Managed Service for MySQL® cluster.
    6. Install and configure Nextcloud on the VM.
    7. Test the solution in the basic configuration.
  3. Deploy Nextcloud in a fault-tolerant configuration:

    1. Scale the Managed Service for MySQL® cluster.
    2. Complete Nextcloud setup and create a VM disk snapshot.
    3. Add a TLS certificate to Yandex Certificate Manager.
    4. Deploy an instance group.
    5. Create an L7 load balancer.
    6. Create an A resource record in your domain’s public DNS zone.
    7. Test the solution in the fault-tolerant configuration.

If you no longer need the resources you created, delete them.

Getting started

Sign up for Yandex Cloud and create a billing account:

  1. Navigate to the management console and log in to Yandex Cloud or create a new account.
  2. On the Yandex Cloud Billing page, make sure you have a billing account linked and it has the ACTIVE or TRIAL_ACTIVE status. If you do not have a billing account, create one and link a cloud to it.

If you have an active billing account, you can navigate to the cloud page to create or select a folder for your infrastructure.

Learn more about clouds and folders here.

Required paid resources

The cost of the proposed solution includes:

  • Fee for disks, disk snapshots, and continuously running VMs (see Yandex Compute Cloud pricing).
  • Fee for using public IP addresses and NAT gateways (see Yandex Virtual Private Cloud pricing).
  • Fee for data storage in Object Storage and data operations (see Yandex Object Storage pricing).
  • Fee for using a MySQL® managed DB (see Managed Service for MySQL® pricing).
  • If using Yandex Cloud DNS, fee for DNS zones and public DNS queries (see Cloud DNS pricing).
  • If using a load balancer, fee for the number of L7 load balancer resource units (see Yandex Application Load Balancer pricing).
  • If using a log group for load balancer logging, fee for data logging and storage (see Yandex Cloud Logging pricing).

Deploy Nextcloud in a basic configuration

You will deploy the basic Nextcloud configuration on a single VM with the Nextcloud service database created in a single-host Managed Service for MySQL® cluster or directly on the Nextcloud VM.

Set up a cloud network

  1. Create a cloud network and subnets for your new cloud infrastructure:

    Management console
    1. In the management console, select the folder where you are going to create your infrastructure.
    2. In the list of services, select Virtual Private Cloud.
    3. In the top-right corner, click Create network.
    4. In the Name field, enter a name for the network: nextcloud-network.
    5. Make sure the Create subnets option is enabled and click Create network.
  2. Create a security group that allows the traffic required for your Nextcloud infrastructure:

    Management console
    1. In the management console, select the folder where you are deploying your infrastructure.

    2. In the list of services, select Virtual Private Cloud.

    3. In the left-hand panel, select Security groups.

    4. Click Create security group.

    5. In the Name field, enter nextcloud-sg as the name.

    6. In the Network field, select nextcloud-network you created earlier.

    7. Under Rules, create the following traffic management rules:

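      Traffic direction | Description  | Port range | Protocol | Source / Destination name  | CIDR blocks / Security group
      ------------------|--------------|------------|----------|----------------------------|-----------------------------
      Inbound           | http         | 80         | TCP      | CIDR                       | 0.0.0.0/0
      Inbound           | https        | 443        | TCP      | CIDR                       | 0.0.0.0/0
      Inbound           | ssh          | 22         | TCP      | CIDR                       | 0.0.0.0/0
      Inbound           | self         | All        | Any      | Security group             | Current
      Inbound           | healthchecks | All        | Any      | Load balancer healthchecks | –
      Outbound          | any          | All        | Any      | CIDR                       | 0.0.0.0/0
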
    8. Click Create.

  3. Create a NAT gateway:

    Your VMs need internet access to connect to Object Storage buckets. To avoid assigning public IP addresses to VM instances in the group, use a NAT gateway to enable internet access.

    Note

    You can also configure VM access to the bucket using service connections.

    This feature is in the Preview stage.

    Management console
    1. In the management console, select the folder where you are deploying your infrastructure.
    2. In the list of services, select Virtual Private Cloud.
    3. In the left-hand panel, select Gateways and click Create gateway.
    4. In the Name field, specify nextcloud-gateway as the gateway name.
    5. In the Type field, select Egress NAT and click Save.
  4. Create a route table:

    Management console
    1. In the management console, select the folder where you are deploying your infrastructure.

    2. In the list of services, select Virtual Private Cloud.

    3. In the left-hand panel, select Routing tables and click Create routing table.

    4. In the Name field, specify nextcloud-rt-table.

    5. In the Network field, select nextcloud-network.

    6. Click Add, and in the window that opens:

      1. In the Next hop field, select Gateway.
      2. In the Gateway field, select the NAT gateway you created. The destination prefix will apply automatically.
      3. Click Add.
    7. Click Create routing table.

  5. Link the route table to all subnets in nextcloud-network to route their outgoing traffic via the NAT gateway:

    Management console
    1. In the management console, select the folder where you are deploying your infrastructure.
    2. In the list of services, select Virtual Private Cloud.
    3. In the left-hand panel, select Subnets.
    4. In the subnet row, click and select Link routing table in the context menu.
    5. In the window that opens, select the route table you created in the previous step and click Link.

    Make sure the Routing table field for each listed subnet displays the name of the route table linked to it.

Create a service account and static access key

To enable access from Nextcloud to the Object Storage bucket, create a service account and static access key.

  1. Create a service account:

    Management console
    1. In the management console, select the folder where you are deploying your infrastructure.
    2. In the list of services, select Identity and Access Management.
    3. Click Create service account.
    4. Enter a name for the service account: nextcloud-sa.
    5. Click Add role and select editor.
    6. Click Create.
  2. Create a static access key:

    Management console
    1. In the management console, select the folder where you are deploying your infrastructure.

    2. In the list of services, select Identity and Access Management.

    3. In the left-hand panel, select Service accounts and select the nextcloud-sa service account you created earlier.

    4. In the top panel, click Create new key and select Create static access key.

    5. Click Create.

    6. Save the ID and secret key.

      Alert

      After you close this dialog, the key value will no longer be available.

Create an Object Storage bucket

Create the Object Storage bucket you will connect to Nextcloud:

Management console
  1. In the management console, select the folder where you are deploying your infrastructure.
  2. In the list of services, select Object Storage.
  3. At the top right, click Create bucket.
  4. In the Name field, enter a name for the bucket, e.g., my-nextcloud-bucket. The bucket name must be unique within Yandex Object Storage.
  5. In the Max size field, specify the bucket size you need or enable No limit.
  6. Leave all the other parameters unchanged and click Create bucket.

Create a VM

Create the VM to deploy Nextcloud on:

Management console
  1. In the management console, select the folder to create the infrastructure in.

  2. In the list of services, select Compute Cloud.

  3. In the left-hand panel, select Virtual machines and click Create virtual machine.

  4. Under Boot disk image, in the Product search field, type Ubuntu 24.04 LTS and select a public Ubuntu 24.04 LTS image.

  5. Under Location, select the ru-central1-a availability zone.

  6. Under Computing resources, select the 2 vCPU 4 GB RAM configuration.

  7. Under Network settings:

    • In the Subnet field, select nextcloud-network and the subnet in the VM availability zone, nextcloud-network-ru-central1-a.
    • In the Public IP address field, leave the Auto value to assign the VM a random public IP address from the Yandex Cloud pool.
    • In the Security groups field, select nextcloud-sg.
  8. Under Access, select SSH key and specify the VM access credentials:

    • In the Login field, enter a username, e.g., yc-user. Do not use root or other reserved usernames. To perform operations requiring root privileges, use the sudo command.
    • In the SSH key field, select the SSH key saved in your organization user profile.

      If there are no SSH keys in your profile or you want to add a new key:

      1. Click Add key.

      2. Enter a name for the SSH key.

      3. Select one of the following:

        • Enter manually: Paste the contents of the public SSH key. You need to create an SSH key pair on your own.

        • Load from file: Upload the public part of the SSH key. You need to create an SSH key pair on your own.

        • Generate key: Automatically create an SSH key pair.

          When adding a new SSH key, an archive containing the key pair will be created and downloaded. In Linux or macOS-based operating systems, unpack the archive to the /home/<user_name>/.ssh directory. In Windows, unpack the archive to the C:\Users\<user_name>\.ssh directory. You do not need to additionally enter the public key in the management console.

      4. Click Add.

      The system will add the SSH key to your organization user profile. If the organization has disabled the ability for users to add SSH keys to their profiles, the added public SSH key will only be saved in the user profile inside the newly created resource.

  9. Under General information, specify the VM name: nextcloud-vm.

  10. Click Create VM.

Create a Managed Service for MySQL® cluster

Nextcloud uses a MySQL® database to store service information. In this tutorial, you will deploy the Nextcloud database in a Yandex Managed Service for MySQL® cluster.

Note

You can create the MySQL® database on the same host as Nextcloud, but this is less reliable and does not provide fault tolerance. If you are not intending to deploy a fault-tolerant configuration, you may skip the cluster creation step and create the database later on the Nextcloud host.

To create a Managed Service for MySQL® cluster:

Management console
  1. In the management console, select the folder where you are deploying your infrastructure.

  2. In the list of services, select Managed Service for MySQL and click Create cluster.

  3. In the Cluster name field, enter nextcloud-db-cluster.

  4. Under Database:

    • In the DB name field, enter nextcloud.
    • In the Username field, enter user.
    • In the Password field, select Enter manually and enter a password you will use to access the database.
  5. Under Network settings, select nextcloud-network and the nextcloud-sg security group.

  6. Under Hosts, make sure the cluster is going to have one host within the same availability zone you created the VM in.

    Note

    To test Nextcloud in its basic configuration, a single-host cluster would be enough. Later, when deploying a fault-tolerant configuration, you will scale the cluster you created across the remaining availability zones.

  7. Under DBMS settings, click Settings, and in the window that opens:

    1. In the character_set_server field, select utf8mb4.
    2. In the collation_server field, select utf8mb4_general_ci.
    3. Leave all the other parameters unchanged and click Save.
  8. Click Create cluster.

It may take a few minutes to create a cluster.

Install and configure Nextcloud on the VM

  1. Install Nextcloud on nextcloud-vm:

    1. Connect to nextcloud-vm over SSH.

    2. Upgrade the versions of the packages installed on the VM:

      sudo apt update && sudo apt upgrade
      
    3. Install the required software packages and dependencies:

      sudo apt install \
        apache2 mariadb-server libapache2-mod-php php-gd php-mysql php-curl php-mbstring \
        php-intl php-gmp php-bcmath php-xml php-imagick php-zip php-fpm unzip
      
    4. Optionally, if you want to create the database on the same host as Nextcloud:

      If you did not create a MySQL® cluster and are not intending to deploy a fault-tolerant solution:
      1. Run MySQL:

        sudo mysql
        
      2. Run these commands to create the database and user and grant the user the permissions to work with the database:

        CREATE USER 'user'@'localhost' IDENTIFIED BY '<password>';
        CREATE DATABASE IF NOT EXISTS nextcloud CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;
        GRANT ALL PRIVILEGES ON nextcloud.* TO 'user'@'localhost';
        FLUSH PRIVILEGES;
        quit;
        

        Where <password> is the password you will use to access the database.

    5. Download the archive with the latest Nextcloud version:

      wget https://download.nextcloud.com/server/releases/latest.zip
      
    6. Unpack the archive to the /var/www directory:

      sudo unzip latest.zip -d /var/www
      
    7. Edit access permissions for the Nextcloud directory:

      sudo chown -R www-data:www-data /var/www/nextcloud
      sudo chmod -R 755 /var/www/nextcloud/
      
    8. Configure the default virtual host:

      1. Open the configuration file of the default virtual host:

        sudo nano /etc/apache2/sites-available/000-default.conf
        
      2. Replace the contents of 000-default.conf with the following:

        <VirtualHost *:80>
            DocumentRoot /var/www/nextcloud/

            <Directory /var/www/nextcloud/>
                Require all granted
                AllowOverride All
                Options FollowSymLinks MultiViews

                <IfModule mod_dav.c>
                    Dav off
                </IfModule>
            </Directory>
        </VirtualHost>
        
    9. Enable the required Apache web server modules:

      sudo a2enmod rewrite
      sudo a2enmod headers
      sudo a2enmod env
      sudo a2enmod dir
      sudo a2enmod mime
      
    10. Increase the amount of RAM available to the PHP interpreter for processing requests to Nextcloud to 512 MB.

      1. Open the .htaccess file in the Nextcloud installation directory:

        sudo nano /var/www/nextcloud/.htaccess
        
      2. Add the following line to the end of the file:

        php_value memory_limit 512M
        

        Make sure to save your changes.

    11. Restart the web server:

      sudo systemctl restart apache2
      
  2. Configure Nextcloud in the GUI:

    1. Open your local computer browser and enter the following in the address bar:

      http://<VM_public_IP_address>
      

      You can look up the VM's public IP address in the management console by checking the Network section's Public IPv4 address field on the VM information page.

    2. In the Create an admin account form that opens:

      1. In the New admin account name and New admin password fields, set the Nextcloud administrator credentials you will use to log in to the system.

      2. In the Database account field, enter user, i.e., the database user name you specified when creating the MySQL® cluster or local database.

      3. In the Database password field, enter the database user password you specified when creating the MySQL® cluster or local database.

      4. In the Database name field, enter nextcloud, i.e., the database name you specified when creating the MySQL® cluster or local database.

      5. In the Database host field, specify the FQDN of the cluster's current master host and port in this format:

        c-<cluster_ID>.rw.mdb.yandexcloud.net:3306
        

        You can look up the cluster ID in the management console by checking the ID field on the cluster information page.

        Note

        If it is not your intention to deploy a fault-tolerant solution and you did not create a MySQL® cluster but created a database on nextcloud-vm instead, leave localhost in the Database host field.

      6. Click Install.

        This will start the deployment of the Nextcloud database. Wait for this process to complete.

    3. After the installation is over, you will see a window with recommended apps. Click Skip. You can get back to installing the applications you need at a later time.

    4. Close the window with information on updates in the current Nextcloud version.

    5. Open the application management menu. To do this, click the user icon in the top-right corner of the screen and select Apps from the context menu.

    6. In the window that opens, select Your apps in the left-hand panel.

    7. In the list that opens, find the External storage support application and click Enable in the row with it.

      If needed, enter your Nextcloud administrator password in the pop-up window to confirm the operation.

    8. Open the main settings menu. To do this, click the user icon in the top-right corner of the screen and select Administration settings from the context menu.

    9. In the window that opens, select External storage in the left-hand panel under Administration and specify the Object Storage integration settings under External storage in the window that opens:

      1. In the External storage section, select Amazon S3.

      2. In the Authentication section, select Access key.

      3. In the Configuration section:

        • In the Bucket field, enter the name of the bucket you created earlier, e.g., my-nextcloud-bucket.
        • In the Hostname field, specify storage.yandexcloud.net.
        • In the Port field, specify 443.
        • In the Access key field, paste the static access key ID you got earlier.
        • In the Secret key field, paste the static access key's secret key you got earlier.
      4. Under Available for, enable All people.

      5. On the right side of the section you are editing, click the icon to save your changes.

        Enter your Nextcloud administrator password in the pop-up window to confirm the operation.

Test the solution in the basic configuration

To test Yandex Object Storage integration with Nextcloud on a single host:

  1. Open your local computer browser and enter the public IPv4 address of the Nextcloud VM in the address bar:

    http://<VM_public_IP_address>
    
  2. Log in to Nextcloud using the login and password created when configuring the solution in the previous step.

  3. In the left pane of the top menu, select Files.

  4. In the left-hand menu, select External storage and then AmazonS3.

  5. Click New and select Upload files to upload a file from your local computer to the storage.

  6. Select a file on your local computer and upload it to the storage.

    The uploaded file will now appear in the Nextcloud storage named AmazonS3.

  7. In Yandex Object Storage, make sure the file was uploaded to the bucket.

The deployment of the Nextcloud basic configuration is now complete. If you used a MySQL® cluster in the basic configuration, you can now proceed to deploy a fault-tolerant configuration.

Deploy Nextcloud in a fault-tolerant configuration

You will deploy a fault-tolerant Nextcloud configuration in a group of three VMs, with the load on Nextcloud hosts distributed by an L7 Yandex Application Load Balancer. The service database will reside in a three-host MySQL® cluster. Hosts of the instance group, load balancer, and MySQL® cluster will be evenly distributed across three availability zones. Nextcloud will be available via the domain name, for which a TLS certificate will be issued in Certificate Manager.

Scale the Managed Service for MySQL® cluster

To add more hosts to a Managed Service for MySQL® cluster:

Management console
  1. In the management console, select the folder where you are deploying your infrastructure.

  2. In the list of services, select Managed Service for MySQL and then select nextcloud-db-cluster.

  3. In the left-hand menu, select Hosts.

  4. Use the Create host button to add more hosts to have three hosts in the cluster, one per availability zone.

    Do not enable Public access when creating hosts.

    Warning

    Before adding the third host, wait until the second one goes ALIVE. You cannot add a new host to the cluster until the operation of adding the previous one is over.

Complete Nextcloud setup and create a VM disk snapshot

Before you create a VM snapshot to proceed with the instance group deployment, add your domain to the list of trusted addresses and Nextcloud domains:

  1. Connect to nextcloud-vm over SSH.

  2. Add your domain to the array of trusted addresses and Nextcloud domains:

    1. In the VM terminal, open the Nextcloud configuration file:

      sudo nano /var/www/nextcloud/config/config.php
      
    2. In the trusted_domains array, replace the host IP address with your domain name.

      Here is an example:

      'trusted_domains' =>
      array (
        0 => 'example.com',
      ),
      

      The trusted_domains array restricts the IP addresses and/or domain names that can be used to access Nextcloud, which provides additional protection from unauthorized access. You can specify multiple addresses and/or domains, and you can also relax or remove this restriction using wildcard characters:

      Example 1

      'trusted_domains' =>
      array (
        0 => '*.example.com',
        1 => '192.168.*.*',
      ),
      

      In this example, access is allowed via any subdomain of example.com and via IP addresses in the 192.168.0.0 - 192.168.255.255 range.

      Example 2

      'trusted_domains' =>
      array (
        0 => '*',
      ),
      

      In this example, access is allowed via any domain name or IP address.

    3. Delete the 'overwrite.cli.url' => 'http://<VM_IP_address>', line.

    4. Save the changes and close the nano editor.

  3. Stop the nextcloud-vm virtual machine.

  4. After the VM stops, create a snapshot of its disk:

    Management console
    1. In the management console, select the folder to create the infrastructure in.

    2. In the list of services, select Compute Cloud.

    3. In the left-hand panel, select Disks.

    4. In the line with the disk, click and select Create snapshot.

    5. In the Name field, specify nextcloud-vm-snapshot as the snapshot name.

    6. Click Create.

    7. Wait until the snapshot creation process is over.

      To track the snapshot status, select Snapshots in the left-hand panel.
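
The check below is an added example, not part of the original tutorial: a shell function that audits config.php against the steps in this section before the VM is stopped and the snapshot is taken. It flags a bare '*' entry, an IP address left in trusted_domains, a remaining overwrite.cli.url line, and a trusted_domains array that does not cover your domain. The function names, the sample configs and the wildcard rule used for matching (* stands for any run of host-name characters) are assumptions made for the example.

```bash
#!/bin/sh
# Added example, not part of the tutorial: audit config.php before the VM
# is stopped and its disk snapshot is taken. Names here are illustrative.

# audit_config DOMAIN [FILE]   (reads stdin when FILE is omitted)
# Prints one finding per line; returns 0 if there are none, 1 otherwise.
# On the VM: audit_config example.com /var/www/nextcloud/config/config.php
audit_config() {
    awk -v want="$1" -v q="'" '
        # Assumption: "*" in an entry stands for any run of host-name
        # characters (letters, digits, "-" and ".").
        function host_matches(pattern, host,    re) {
            re = tolower(pattern)
            gsub(/[.]/, "[.]", re)
            gsub(/[*]/, "[-.a-z0-9]*", re)
            return tolower(host) ~ ("^" re "$")
        }

        # Enter the trusted_domains array at its key, leave it at "),".
        index($0, q "trusted_domains" q) { in_td = 1; next }
        in_td && /^[ \t]*\),?[ \t]*$/    { in_td = 0; next }

        # Inside the array, each entry is a single-quoted string.
        in_td && match($0, q "[^" q "]*" q) {
            entry = substr($0, RSTART + 1, RLENGTH - 2)
            if (entry == "*") {
                print "trusted_domains: \"*\" accepts any host name"
                bad++
            } else if (entry ~ /^[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+(:[0-9]+)?$/) {
                print "trusted_domains: IP address " entry " was not replaced with the domain"
                bad++
            }
            if (host_matches(entry, want)) covered = 1
        }

        # The tutorial deletes this line before the snapshot.
        index($0, q "overwrite.cli.url" q) {
            print "overwrite.cli.url is still set"
            bad++
        }

        END {
            if (!covered) {
                print "trusted_domains: no entry matches " want
                bad++
            }
            exit (bad > 0)
        }
    ' "${2:--}"
}

# Constructed sample: config.php as left on the basic-configuration VM
# (203.0.113.10 is a documentation address, not a real host).
sample_before() {
    cat <<'EOF'
<?php
$CONFIG = array (
  'trusted_domains' =>
  array (
    0 => '203.0.113.10',
  ),
  'dbtype' => 'mysql',
  'overwrite.cli.url' => 'http://203.0.113.10',
);
EOF
}

# Constructed sample: the same file after the edits described above.
sample_after() {
    cat <<'EOF'
<?php
$CONFIG = array (
  'trusted_domains' =>
  array (
    0 => 'example.com',
  ),
  'dbtype' => 'mysql',
);
EOF
}

echo "before the edits:"
sample_before | audit_config example.com || true
echo "after the edits:"
sample_after | audit_config example.com && echo "no findings"
```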

Add a TLS certificate to Yandex Certificate Manager

To enable access to Nextcloud over HTTPS, issue a TLS certificate for your domain:

  1. Add a Let's Encrypt® certificate for your domain to Certificate Manager:

    Management console
    1. In the management console, select the folder where you are deploying your infrastructure.
    2. In the list of services, select Certificate Manager.
    3. Click Add certificate and select Let's Encrypt certificate.
    4. In the window that opens, specify mymanagedcert in the Name field.
    5. In the Domains field, enter a name for your domain, e.g., example.com.
    6. In the Check type field, select DNS and click Create.

    A new certificate with the Validating status will appear in the certificate list. This status means that a Let's Encrypt® certificate was requested and you need to pass a domain ownership check for the request to be successfully processed.

  2. For the certificate to be issued successfully, pass a domain ownership check:

    Management console
    1. In the management console, select the folder where you are deploying your infrastructure.

    2. In the list of services, select Certificate Manager.

    3. From the list of certificates, select mymanagedcert.

    4. In the window that opens, under Check rights for domains, select CNAME record.

    5. Add a CNAME record required for the domain ownership check to your domain’s public DNS zone. This step's further actions will depend on whether your domain is managed by Yandex Cloud DNS or a third-party DNS provider:

      Yandex Cloud DNS

      Under Check rights for domains, in the CNAME record section, click Create record. In the window that opens:

      1. If the current folder contains an appropriate DNS zone, it will be automatically inserted into the Zone field. If there is no appropriate DNS zone, click Create zone and set its parameters to create a new zone.
      2. Click Create.

      Third-party DNS provider

      1. Under Check rights for domains, in the CNAME record section, check out the record value for the domain in the Value field.

      2. Add a CNAME record to your DNS provider or to your own DNS server to delegate management privileges to the DNS zone used for the check:

        _acme-challenge.example.com CNAME <value>
        

        The <value> string is formatted as follows: <certificate_ID>.cm.yandexcloud.net.

      Note

      For a successful DNS domain rights check based on a CNAME record, make sure the _acme-challenge subdomain of the domain name you are checking has no other resource records except CNAME. For example, for the _acme-challenge.example.com. domain name, there should only be a CNAME record and no TXT record.

      The domain ownership check may take from a few minutes to a few days. Wait until it is complete. As a result, the certificate will be issued and get the Issued status.
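
The check below is an added example, not part of the original tutorial: it applies the rules from the note above to DNS answer lines, confirming that _acme-challenge.<domain> carries exactly one CNAME pointing under cm.yandexcloud.net and no other record type. The function names and sample answers are assumptions made for the example; check_acme_live needs network access and the dig utility.

```bash
#!/bin/sh
# Added example, not part of the tutorial. Function names are illustrative.

# check_acme_answer DOMAIN     (DOMAIN without a trailing dot)
# Reads DNS answer lines on stdin in the "name TTL class type rdata" form
# printed by `dig +noall +answer`. Prints one finding per line; returns 0
# if there are none, 1 otherwise.
check_acme_answer() {
    awk -v owner="_acme-challenge.$1." '
        # Records owned by other names (for example TXT at the CNAME
        # target) are not part of this check.
        tolower($1) != tolower(owner) { next }

        # Count distinct CNAME targets, so the same record seen in two
        # answers is counted once.
        $4 == "CNAME" {
            t = tolower($5)
            if (!(t in seen)) { seen[t] = 1; cnames++; target = t }
            next
        }

        # Any other record type at the challenge name breaks the check.
        { print "unexpected " $4 " record at " owner; bad++ }

        END {
            if (cnames != 1) {
                print "expected exactly one CNAME at " owner ", found " (cnames + 0)
                bad++
            } else if (target !~ /[.]cm[.]yandexcloud[.]net[.]$/) {
                print "CNAME target " target " is not under cm.yandexcloud.net"
                bad++
            }
            exit (bad > 0)
        }
    '
}

# Live lookup: query both record types and check the combined answer.
check_acme_live() {
    {
        dig +noall +answer "_acme-challenge.$1" CNAME
        dig +noall +answer "_acme-challenge.$1" TXT
    } | check_acme_answer "$1"
}

# Constructed sample: the record the tutorial asks for, with a placeholder
# in place of the real certificate ID.
good_answer() {
    cat <<'EOF'
_acme-challenge.example.com. 600 IN CNAME certificate-id-placeholder.cm.yandexcloud.net.
EOF
}

# Constructed sample: a TXT record at the challenge name and no CNAME.
stale_answer() {
    cat <<'EOF'
_acme-challenge.example.com. 300 IN TXT "constructed-leftover-token"
EOF
}

echo "CNAME only:"
good_answer | check_acme_answer example.com && echo "no findings"
echo "TXT at the challenge name:"
stale_answer | check_acme_answer example.com || true
```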

Deploy an instance group

For a fault-tolerant Nextcloud solution, scale it across an instance group:

Management console
  1. In the management console, select the folder to create the infrastructure in.

  2. In the list of services, select Compute Cloud.

  3. In the left-hand panel, select Instance groups.

  4. Click Create group of virtual machines.

  5. In the Name field, specify nextcloud-instance-group as the group name.

  6. In the Service account field, select the nextcloud-sa service account.

  7. Under Allocation, select all availability zones for maximum fault tolerance.

  8. Under Instance template, click Define and in the form that opens:

    1. Under Boot disk image, navigate to the Custom tab and click Select.

      In the window that opens, select the nextcloud-vm-snapshot snapshot you created earlier and click Add disk.

    2. Under Computing resources, select the 2 vCPU 4 GB RAM configuration.

    3. Under Network settings:

      1. In the Network field, select nextcloud-network.
      2. In the Public address field, select No address.
      3. In the Security groups field, select nextcloud-sg.
    4. Under Access, select SSH key and specify the VM access credentials:

      • In the Login field, enter a username, e.g., yc-user. Do not use root or other reserved usernames. To perform operations requiring root privileges, use the sudo command.
      • In the SSH key field, select the SSH key saved in your organization user profile.

        If there are no SSH keys in your profile or you want to add a new key:

        1. Click Add key.

        2. Enter a name for the SSH key.

        3. Select one of the following:

          • Enter manually: Paste the contents of the public SSH key. You need to create an SSH key pair on your own.

          • Load from file: Upload the public part of the SSH key. You need to create an SSH key pair on your own.

          • Generate key: Automatically create an SSH key pair.

            When adding a new SSH key, an archive containing the key pair will be created and downloaded. In Linux or macOS-based operating systems, unpack the archive to the /home/<user_name>/.ssh directory. In Windows, unpack the archive to the C:\Users\<user_name>/.ssh directory. You do not need to additionally enter the public key in the management console.

        4. Click Add.

        The system will add the SSH key to your organization user profile. If the organization has disabled the ability for users to add SSH keys to their profiles, the added public SSH key will only be saved in the user profile inside the newly created resource.

    5. Click Save.

  9. Under Scaling, specify 3 in the Size field.

  10. Under Integration with Application Load Balancer, enable Create target group and specify nextcloud-target-group in the Name of the target group field that appears.

  11. Under Health checks:

    1. Enable Activate.
    2. In the Type field, select TCP.
  12. Click Create and wait for the instance group to be created and started.

Create an L7 load balancer

Create an application-level load balancer for traffic distribution between the hosts of the future Nextcloud instance group:

  1. Create a backend group:

    Management console
    1. In the management console, select the folder where you are deploying your infrastructure.

    2. In the list of services, select Application Load Balancer.

    3. In the left-hand panel, select Backend groups and click Create backend group.

    4. In the Name field, enter a name for the group: nextcloud-bg.

    5. Enable Session affinity and select By IP address in the Affinity mode field that appears.

    6. Under Backends, click Add and do the following in the New backend form that opens:

      1. In the Name field, specify nextcloud-backend.
      2. In the Target groups field, select the nextcloud-target-group target group you created earlier.
      3. Expand the Load balancing settings section and select MAGLEV_HASH in the Balancing mode field.
      4. In the HTTP health check, click and select Delete.
    7. Click Create.

  2. Create an HTTP router:

    Management console
    1. In the management console, select the folder where you are deploying your infrastructure.

    2. In the list of services, select Application Load Balancer.

    3. In the left-hand panel, select HTTP routers and click Create HTTP router.

    4. In the Name field, enter a name for the HTTP router: nextcloud-router.

    5. Under Virtual hosts, click Add virtual host and do the following in the New virtual host form that opens:

      1. In the Name field, enter nextcloud-vh for the virtual host's name and click Add route.
      2. In the New route form that opens, enter nextcloud-route as the route's name in the Name field.
      3. In the Backend group field, select the nextcloud-bg backend group created in the previous step.
      4. Leave all the other parameters unchanged and click Create at the bottom of the page.
  3. Create an L7 load balancer:

    Management console
    1. In the management console, select the folder where you are deploying your infrastructure.

    2. In the list of services, select Application Load Balancer.

    3. Click Create L7 load balancer and select Manual.

    4. In the Name field, enter a name for the load balancer: nextcloud-alb.

    5. In the Network field, select nextcloud-network.

    6. In the Security groups field, select From list and then the nextcloud-sg security group from the list that opens.

    7. Under Allocation, make sure all availability zones are selected.

    8. If you do not want load balancer logs saved to a log group, disable Write logs.

    9. In the Listeners section, click Add listener and do the following in the form that opens:

      1. In the Name field, enter a name for the listener: nextcloud-listener.
      2. In the Protocol field, select HTTPS.
      3. In the Certificates field, select the mymanagedcert certificate you created earlier.
      4. In the HTTP router field, select the nextcloud-router HTTP router you created earlier.
    10. Leave all the other parameters unchanged and click Create at the bottom of the page.

    Wait for the load balancer status to change to Active and copy its IP address from the IP addresses field.

Create an A resource record in your domain’s public DNS zone

To route your domain's incoming requests to the L7 load balancer, create an A resource record in your DNS zone pointing to the load balancer's IP address you got in the previous step. The next steps depend on whether your domain is managed by Yandex Cloud DNS or a third-party DNS provider.

If your domain is managed by Yandex Cloud DNS
Management console
  1. In the management console, select the folder where you are deploying your infrastructure.

  2. In the list of services, select Cloud DNS.

  3. Select the DNS zone you need, click Create record, and do the following in the window that opens:

    1. In the Name field, select Matches zone name (@).
    2. In the Type field, select A.
    3. In the Data field, specify the load balancer IP address you saved in the previous step.
    4. Leave other parameters as they are and click Create.
If your domain is managed by an external DNS provider

Add an A resource record with the following properties to your DNS provider or your own DNS server:

  • Host: @
  • Type: A
  • Value: <load_balancer_IP_address>

Test the solution in the fault-tolerant configuration

To test Yandex Object Storage integration with Nextcloud in a fault-tolerant configuration:

  1. Open a browser on your local computer and enter your domain name in the address bar, e.g.:

    https://example.com
    
  2. Log in to Nextcloud using the login and password created when configuring the solution.

  3. In the left pane of the top menu, select Files.

  4. In the left-hand menu, select External storage and then AmazonS3.

  5. Make sure you see the file uploaded in the previous step.

  6. Download the file you uploaded earlier. Do this by clicking and selecting Download in the line with the filename.

  7. Delete the file. Do this by clicking and selecting Delete file in the line with the filename.

  8. In Yandex Object Storage, make sure the file was deleted from the bucket.

How to delete the resources you created

  1. If you created an L7 load balancer, delete it and then delete the HTTP router, backend group, and the load balancer's target group one by one.
  2. If you created an instance group, delete it.
  3. If you created resource records, delete them in Yandex Cloud DNS or in your domain registrar’s account.
  4. If you created a DNS zone, delete it in Yandex Cloud DNS or in your domain registrar's account.
  5. If you left the L7 load balancer logging feature on, delete the log group.
  6. Delete the VM.
  7. Delete the MySQL® cluster database.
  8. Delete the objects you created in the bucket, then delete the bucket itself.
  9. Delete the disk snapshot.
  10. Delete the service account.
  11. Delete the subnets, security group, route table, NAT gateway, and cloud network one by one.
  12. Optionally, delete the TLS certificate if you created one.

See also

  • Deploying Nextcloud on a Yandex Compute Cloud VM from a Container Optimized Image, integrated with Yandex Object Storage
  • Deploying Nextcloud integrated with Yandex Object Storage on a Yandex Compute Cloud VM or VM group with the help of Terraform
