The Project’s Mission My goal was to convert a laptop with a Core i3 processor, 16GB of RAM, a 120GB SSD, and a 1TB HDD into a home server that could:

Act as a personal cloud and NAS-style storage using Nextcloud. Serve as a testing ground for web development projects with Laravel. Be securely accessible from anywhere in the world, without opening any ports, by leveraging the power of Cloudflare Tunnels. Part 1: The Foundation - Laying Down Debian 12 The heart of any good server is a lightweight, stable, and powerful operating system.

The OS of Choice: I chose Debian 12 “Bookworm” for its legendary stability and incredibly low resource consumption. The Installation: I used the network installation image (netinst) to get started. A Crucial Security Step: During the setup, I intentionally left the “root” password blank. On Debian, this is a key step that automatically adds your primary user to the sudo group, which is essential for secure system administration.

A Strategic Approach to Disk Partitioning To guarantee fast performance, the 120GB SSD was dedicated to the operating system and applications. I partitioned it as follows:

/boot/efi: The EFI boot partition. /: The root filesystem for the OS and all programs. /home: The user’s personal directory. swap: The swap space. The massive 1TB HDD was set aside purely for data storage. I left it unformatted during the main installation so I could prepare it manually later.

For software, I kept it minimal: I selected only an SSH Server (for remote management) and the standard system utilities.

Part 2: Initial Server Configuration With Debian installed, it was time for the initial setup from the command line.

Connecting Remotely: I used PuTTY on my Windows machine to SSH into the server’s local IP, making for a much more comfortable admin experience. Fixing sudo Permissions: I hit a snag where my user couldn’t execute sudo commands. The fix was to log in as root (su -) and manually add my user to the sudo group with the command: usermod -aG sudo dylontech.

Prepping the 1TB Storage Drive: I wiped the old Windows partitions from the drive using sudo fdisk /dev/sda. I created a single new partition that spanned the entire disk. I formatted this new partition with the standard Linux ext4 filesystem: sudo mkfs.ext4 /dev/sda1. I created a mount point, which is just an empty folder, for the drive: sudo mkdir /mnt/storage. Making the Mount Permanent: To ensure the 1TB drive connects automatically every time the server reboots, I edited the /etc/fstab file. Using the disk’s unique ID (which you can get with sudo blkid /dev/sda1) is crucial to prevent errors. I added the following line: UUID=THE_CORRESPONDING_UUID /mnt/storage ext4 defaults 0 2

Part 3: Building the Engine - The LAMP Stack To serve web applications, I needed a “LAMP” stack, which stands for Linux, Apache, MariaDB, and PHP.

MariaDB (The Database): I installed the database server with sudo apt install mariadb-server and immediately ran the security script: sudo mysql_secure_installation. PHP: I installed PHP along with all the necessary extensions required by both Nextcloud and Laravel in a single, powerful command. Part 4: The Crown Jewel - Deploying My Nextcloud Personal Cloud With the server foundation ready, it was time to install Nextcloud.

Database Setup: I jumped into the MariaDB console to create a dedicated database and user specifically for Nextcloud. Nextcloud Files: I downloaded the latest version from the official website, unzipped it into /var/www/nextcloud, and assigned the correct file permissions to the web server’s user (www-data). Apache Configuration: I created a nextcloud.conf virtual host file in /etc/apache2/sites-available/ to tell Apache how to serve the Nextcloud site. Web Installer: I finished the setup by navigating to the server’s local IP in a web browser. Here, I provided the new admin user details and the database credentials.

The Most Important Step: I configured the Nextcloud data directory to be /mnt/storage. This ensures that all user files are saved on the spacious 1TB hard drive, not the smaller SSD. Part 5: The Magic Trick - Secure Remote Access with Cloudflare Tunnels This was the most complex but rewarding phase. My internet provider uses CGNAT, which makes traditional port forwarding impossible. Cloudflare Tunnels were the perfect solution.

Get a Domain: A personal domain is a prerequisite for using Cloudflare. I purchased dylontech.com from GoDaddy. Configure Cloudflare: I created a free account, added my new domain , and then performed the critical step: changing the nameservers in GoDaddy to point to Cloudflare’s. This gives Cloudflare control over my domain’s DNS.

Install the Connector (cloudflared): This turned into a challenge. The apt package manager couldn’t find the cloudflared package. After a lot of debugging (including fixing my /etc/apt/sources.list), I opted to download and install the cloudflared software manually, which solved the problem instantly.

Create the Tunnel: Using the Cloudflare Zero Trust dashboard, I navigated to Networks -> Tunnels and created a new tunnel named nextcloud-tunnel. Cloudflare provided an installation token. Running sudo cloudflared service install on the server permanently linked it to my Cloudflare account.

Route the Traffic: In the tunnel’s “Public Hostname” tab, I set up a route to direct all traffic from nextcloud.dylontech.com to my local server at http://localhost:80. Final Troubleshooting DNS Woes (NXDOMAIN): After setting everything up, my domain wasn’t working. After checking with tools like whatsmydns.net , I discovered the root cause was a conflict with DNSSEC, which I had to disable for the propagation to complete.

Apache Default Page: My domain was showing the default Apache page instead of Nextcloud. Disabling the default site with sudo a2dissite 000-default.conf fixed it. Nextcloud Untrusted Domain: The final error was from Nextcloud itself. I solved it by adding nextcloud.dylontech.com to the trusted_domains array in Nextcloud’s config.php file. Part 6: Expanding Horizons - Hosting More Sites With the core system working, I proved its versatility.

Test Static Site (test.dylontech.com): I created a new folder in /var/www/sitio-estatico , made a new Apache configuration file for it , and simply added a new Public Hostname to my existing Cloudflare tunnel.

Secure Remote Terminal (SSH): I added a third route to the tunnel, this time of type SSH, for the subdomain ssh.dylontech.com, pointing to localhost:22. This allows me to get a secure shell connection from anywhere in the world without ever exposing port 22 directly.

What’s Next? Laravel! The next goal is to set up the environment for my Laravel projects. The pattern will be the same:

Install Composer and other PHP dependencies. Create the project in a new folder under /var/www/. Create a new database. Set up a new Apache Virtual Host. Add a new route to the Cloudflare tunnel. Conclusion I successfully built a robust, secure, and extremely versatile system. This document captures the incredible journey and the wide range of skills put into practice. It’s a testament to what you can do with a little bit of old hardware and a lot of determination.