Nextcloud as Tor Hidden Service: Anonymous Cloud Storage Setup

Commercial cloud storage (Dropbox, Google Drive, iCloud) maintains access logs linking file access to user IP addresses. These logs are subpoenable, subject to data breaches, and used by the provider for analytics. For users storing sensitive materials - journalists' source documents, activists' organizing materials, researchers' sensitive data, or private individuals who simply value privacy - IP-linked access logs represent a significant privacy risk. A self-hosted Nextcloud accessible only through Tor eliminates the IP metadata exposure while providing the convenience of cloud storage and sharing.

Install Nextcloud on a VPS using the official installation guide (Nextcloud All-in-One Docker image or manual installation). Configure Nextcloud with HTTPS (even for .onion access - Tor provides transport security but HTTPS ensures the server's certificate is verified). Configure a Tor hidden service pointing to Nextcloud's web interface (port 443). Add the .onion address to Nextcloud's trusted domains in config/config.php: $CONFIG['trusted_domains'][] = 'your_address.onion'. Update Nextcloud's base URL to the .onion address if it will be accessed exclusively through Tor. Enable full-disk encryption in Nextcloud for file contents at rest.

Nextcloud is a PHP application with significant assets and API calls. Performance optimization for Tor access: enable PHP OPcache and APCu for application-level caching, enable Nextcloud's server-side file preview generation (reduces client-side processing), compress all static assets (Gzip/Brotli in Nginx), disable unused Nextcloud apps to reduce page weight, configure Redis or Memcached for session and transactional caching. The Nextcloud desktop sync client can be configured to use SOCKS5 proxy (Tor) for sync operations - users can sync files without exposing their IP to the server. Note that Tor's latency makes large file uploads slow - optimize for document-sized files rather than media.

Nextcloud supports anonymous link sharing - files can be shared via token-based links that do not require login. For fully anonymous usage, provide users with pre-created accounts (no email required, username only) accessed over Tor. Disable user enumeration (prevent attackers from determining valid usernames through the login error messages). Configure 2FA with TOTP (not SMS, which requires a phone number) for account security without requiring identity. For organizational deployments with known users, LDAP integration allows existing directory-based authentication.

Nextcloud's server-side encryption protects files at rest on the server but the server can decrypt them (it manages the encryption keys). For stronger security, use client-side end-to-end encryption: Nextcloud's E2EE feature (in active development) encrypts files before they leave the client device, with keys stored only on the client. The Nextcloud server stores encrypted blobs that it cannot read. Cryptomator is an alternative client-side encryption tool that creates encrypted vaults in any Nextcloud folder. For maximum security of sensitive materials, client-side encryption before storage is essential regardless of Tor hiding the access IP.