TLDR: I have a specific question I’d like to ask - I am planning to run a NextCloud on Raspberry Pi 4 with JBOD. To access from outside my home network, I will be using a DynDNS system and portforwarding to SSL. Before, I portforwarded a random high-range port to http internally, but SSL through letsencrypt will not certify this way, sadly. This seems only mediocrely secure, even in my book. Is there some smart solution to make this more secure? I am wondering whether I should set up a VPN on a different machine and only make the NextCloud accessible when accessed through the VPN, but that would make it a hassle to be accessible for project partners. Is there a way to make an SSL system a bit more secure? Sure: long passwords, but other than that?
Thanks for any thoughts!
The backstory: Two months into my Office 365 experience, I have pulled the plug on trying to warm up to OneDrive (for business). While there is one good feature (having unsynced stuff show up locally) in theory, there are also many cumbersome characteristics (e.g., not being able to simply share a folder with someone, but the need to be signed up on the other Office tenant as a guest user and so on). Suffices to say: I can imagine this to be useful for corporate users, alas - I am not a corporate user. The amount of update emails and configuration sites simply was a tad too much.
So back to NextCloud I come, this time a bit more educated. I bought a Yottamaster 5-bay harddrive enclosure for my JBOD assortment, simply to have it tidied up a bit. Seems to be working nicely and looks better than my wild cable-and-devices-bunch before.