Client Area

How to Set Up Self-Hosted Nextcloud on Hong Kong VPS: Private Cloud Storage for Asia (2026)

Nextcloud is the most widely deployed self-hosted cloud storage and collaboration platform — a privacy-respecting alternative to Google Drive, OneDrive, and Dropbox that runs entirely on your own infrastructure. Deploying Nextcloud on a Hong Kong VPS solves a specific problem for Asia-Pacific users: Google Drive and Dropbox are blocked or unreliable in mainland China, while a self-hosted Nextcloud on a Hong Kong server provides fast, accessible cloud storage from both Chinese and international locations via CN2 GIA routing.

This guide covers Docker-based Nextcloud deployment with production performance tuning — Redis object caching, APCu memory caching, Nginx configuration, and mobile client setup.

Prerequisites

  • A Hong Kong VPS with at least 2 vCPU and 4 GB RAM
  • Storage: minimum 40 GB for Nextcloud itself; plan additional storage for user files
  • Docker and docker-compose installed
  • A domain with DNS pointing to your VPS

Step 1: Create the Docker Compose Stack

mkdir -p /home/deploy/nextcloud
cd /home/deploy/nextcloud
nano docker-compose.yml
version: '3.8'

services:
  db:
    image: mariadb:10.11
    container_name: nextcloud_db
    restart: unless-stopped
    command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW --innodb-file-per-table=1 --skip-innodb-read-only-compressed
    volumes:
      - db_data:/var/lib/mysql
    environment:
      - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
      - MYSQL_PASSWORD=${MYSQL_PASSWORD}

  redis:
    image: redis:7-alpine
    container_name: nextcloud_redis
    restart: unless-stopped
    command: redis-server --requirepass ${REDIS_PASSWORD}
    volumes:
      - redis_data:/data

  nextcloud:
    image: nextcloud:28-apache
    container_name: nextcloud
    restart: unless-stopped
    ports:
      - "127.0.0.1:8080:80"
    volumes:
      - nextcloud_data:/var/www/html
      - /mnt/storage:/var/www/html/data    # User data on external mount
    environment:
      - MYSQL_HOST=db
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
      - MYSQL_PASSWORD=${MYSQL_PASSWORD}
      - NEXTCLOUD_ADMIN_USER=admin
      - NEXTCLOUD_ADMIN_PASSWORD=${ADMIN_PASSWORD}
      - NEXTCLOUD_TRUSTED_DOMAINS=cloud.yourdomain.com
      - REDIS_HOST=redis
      - REDIS_HOST_PASSWORD=${REDIS_PASSWORD}
      - PHP_MEMORY_LIMIT=1024M
      - PHP_UPLOAD_LIMIT=10G
    depends_on:
      - db
      - redis

  cron:
    image: nextcloud:28-apache
    container_name: nextcloud_cron
    restart: unless-stopped
    volumes:
      - nextcloud_data:/var/www/html
      - /mnt/storage:/var/www/html/data
    entrypoint: /cron.sh
    depends_on:
      - db
      - redis

volumes:
  db_data:
  redis_data:
  nextcloud_data:
nano .env
MYSQL_ROOT_PASSWORD=strong_root_password
MYSQL_PASSWORD=strong_db_password
REDIS_PASSWORD=strong_redis_password
ADMIN_PASSWORD=strong_admin_password
chmod 600 .env
docker compose up -d
docker compose logs -f nextcloud

Step 2: Configure Nginx Reverse Proxy

nano /etc/nginx/sites-available/nextcloud
upstream nextcloud_backend {
    server 127.0.0.1:8080;
    keepalive 16;
}

server {
    listen 80;
    server_name cloud.yourdomain.com;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl http2;
    server_name cloud.yourdomain.com;

    ssl_certificate /etc/letsencrypt/live/cloud.yourdomain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/cloud.yourdomain.com/privkey.pem;
    ssl_protocols TLSv1.2 TLSv1.3;

    # Security headers required by Nextcloud
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
    add_header Referrer-Policy "no-referrer" always;
    add_header X-Content-Type-Options "nosniff" always;
    add_header X-Download-Options "noopen" always;
    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header X-Permitted-Cross-Domain-Policies "none" always;
    add_header X-Robots-Tag "noindex, nofollow" always;
    add_header X-XSS-Protection "1; mode=block" always;

    # Remove X-Powered-By header
    fastcgi_hide_header X-Powered-By;

    # Large file upload support
    client_max_body_size 10G;
    client_body_timeout 300s;

    # Nextcloud requires these for CalDAV/CardDAV
    location = /.well-known/carddav {
        return 301 $scheme://$host/remote.php/dav;
    }
    location = /.well-known/caldav {
        return 301 $scheme://$host/remote.php/dav;
    }

    location / {
        proxy_pass http://nextcloud_backend;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_read_timeout 300s;
        proxy_send_timeout 300s;
        proxy_buffering off;

        # WebDAV support
        proxy_set_header Destination $http_destination;
    }

    # Static file caching
    location ~* \.(?:css|js|woff|svg|gif|png|html|ttf|ico|jpg|jpeg)$ {
        proxy_pass http://nextcloud_backend;
        proxy_set_header Host $host;
        expires 30d;
        add_header Cache-Control "public, immutable";
    }
}
ln -s /etc/nginx/sites-available/nextcloud /etc/nginx/sites-enabled/
certbot --nginx -d cloud.yourdomain.com --email your@email.com --agree-tos --no-eff-email
nginx -t && systemctl reload nginx

Step 3: Performance Tuning with APCu and Redis

Nextcloud’s performance depends heavily on PHP memory caching (APCu) and distributed object caching (Redis). Configure both:

# Access Nextcloud container
docker compose exec nextcloud bash

# Edit Nextcloud config
nano /var/www/html/config/config.php

Add these settings inside the config array:

'memcache.local' => '\OC\Memcache\APCu',
'memcache.distributed' => '\OC\Memcache\Redis',
'memcache.locking' => '\OC\Memcache\Redis',
'redis' => [
    'host' => 'redis',
    'port' => 6379,
    'password' => 'your_redis_password',
],
'default_phone_region' => 'HK',
'overwrite.cli.url' => 'https://cloud.yourdomain.com',
'overwriteprotocol' => 'https',
'trusted_proxies' => ['172.16.0.0/12'],  // Docker network range

Step 4: Storage Expansion Options

Option A: Additional VPS disk volume

Mount an additional volume at /mnt/storage (as referenced in the docker-compose volume mapping). Most VPS providers allow attaching additional block storage volumes.

Option B: S3-compatible object storage (Cloudflare R2)

# In Nextcloud admin panel:
# Apps → External Storage → Enable
# Settings → External Storage → Add storage
# Type: Amazon S3
# Bucket: your-r2-bucket-name
# Hostname: YOUR_ACCOUNT_ID.r2.cloudflarestorage.com
# Access Key: R2 Access Key
# Secret Key: R2 Secret Key
# Enable SSL: yes

Cloudflare R2 provides zero-egress-fee S3-compatible storage — ideal for Nextcloud as a scalable backend without bandwidth costs as user file collections grow.

Step 5: Mobile Client Configuration

Install the official Nextcloud app on iOS or Android. Configuration:

  • Server address: https://cloud.yourdomain.com
  • Username: admin (or your user account)
  • Password: your Nextcloud user password

Enable auto-upload for photos and camera roll — photos upload to your self-hosted Nextcloud automatically, accessible from any device without cloud provider lock-in.

For desktop sync, install Nextcloud Desktop Client on macOS, Windows, or Linux — same server URL and credentials.

Step 6: Nextcloud Maintenance Commands

# Run Nextcloud cron manually (if the cron container has issues)
docker compose exec nextcloud php /var/www/html/cron.php

# Scan for new files added directly to storage
docker compose exec nextcloud php /var/www/html/occ files:scan --all

# Update Nextcloud to latest version
docker compose pull nextcloud
docker compose up -d nextcloud

# Check system status
docker compose exec nextcloud php /var/www/html/occ status

# Add a new user
docker compose exec nextcloud php /var/www/html/occ user:add username

# Set storage quota for a user
docker compose exec nextcloud php /var/www/html/occ user:setting username files quota 50GB

Conclusion

Self-hosted Nextcloud on a Hong Kong VPS provides a private cloud storage solution accessible from mainland China (via CN2 GIA routing), fully under your control, with no monthly per-user SaaS fees and no data shared with third-party cloud providers. For teams, families, and businesses needing cloud storage that works reliably across China and internationally, this setup delivers what Google Drive and Dropbox cannot.

Deploy your private cloud on Server.HK’s Hong Kong VPS plans — NVMe SSD storage for fast file access and CN2 GIA routing for reliable Chinese user connectivity.

Frequently Asked Questions

Is Nextcloud accessible from mainland China on a Hong Kong VPS?

Yes. Nextcloud hosted on a Hong Kong VPS is accessible from mainland China without VPN. CN2 GIA routing provides 20–35 ms latency to major Chinese cities — file sync and uploads from China work reliably. Nextcloud mobile and desktop clients maintain persistent sync connections that recover automatically from brief network interruptions.

How much storage can I use on a Hong Kong VPS for Nextcloud?

VPS disk storage is typically limited to 30–200 GB depending on the plan. For larger Nextcloud deployments, use Cloudflare R2 or S3-compatible object storage as an external primary storage backend — this provides effectively unlimited capacity with zero egress fees, while the VPS handles only application logic and metadata.

Is self-hosted Nextcloud more secure than Google Drive or Dropbox?

Self-hosting means your data is under your direct control — no third-party cloud provider has access to your files. Security depends entirely on your server configuration: keep Nextcloud updated, use strong passwords, enable 2FA for all accounts, and apply the security hardening from our VPS security checklist. A well-maintained self-hosted Nextcloud provides excellent privacy and security; a poorly maintained one is less secure than managed cloud storage.

Leave a Reply