NextCloud on Ubuntu 24.04 LTS by Acay Software LLC

This is a repackaged open source software product wherein additional charges apply for professional support, enterprise security hardening, automated deployment configuration, performance optimization, and ongoing maintenance services provided by Acay Software LLC.

WHAT YOU ARE PAYING FOR

• Professional AMI configuration and optimization for AWS EC2
• Enterprise-grade security hardening with SSH and UFW firewall
• Automated first-boot initialization with unique credential generation
• Performance tuning for cloud workloads
• Technical support for deployment and configuration questions

ABOUT NEXTCLOUD

Nextcloud is the world's most deployed self-hosted file sync and share platform, trusted by millions of users and thousands of organizations worldwide. Nextcloud Hub brings together files, talk, groupware, and office tools in a single, privacy-respecting platform that keeps your data under your complete control. Organizations choose Nextcloud as a sovereign alternative to Google Drive, Dropbox, and Microsoft OneDrive - with no vendor lock-in, no third-party data access, and full compliance with data sovereignty requirements including GDPR.

TECHNICAL SPECIFICATIONS

Complete production-ready stack:

• Nextcloud 33.0.3 (Latest Stable - Hub 26 Winter)
• Ubuntu 24.04 LTS with long-term security support until 2029
• Apache 2.4 with mod_rewrite, headers, and SSL support
• PHP 8.3 with OPcache, APCu, ImageMagick, and all required extensions
• MySQL 8.0 with security hardening and localhost-only binding
• Certbot pre-installed for free SSL/TLS certificates via Let's Encrypt

AUTOMATED FIRST-BOOT DEPLOYMENT

Every instance launched from this AMI goes through a one-time automated initialization:

• MySQL database user created with a unique randomly generated password
• Nextcloud configuration updated with instance-specific credentials
• Trusted domain automatically set to the instance public IP
• Administrator account created with unique username and password
• All credentials written to ~/credentials.txt (owner-only permissions)
• System fully operational within 2-3 minutes of instance launch

ENTERPRISE SECURITY HARDENING

• UFW firewall configured for ports 22, 80, and 443 only
• SSH root login permanently disabled
• Password-based SSH authentication disabled - key pair required
• MySQL bound to localhost only - no external DB access
• Apache server tokens set to production mode
• No default or shared credentials - every instance gets unique secrets
• IMDSv2 enforced for instance metadata access

GETTING STARTED

1. Launch an EC2 instance from this AMI with an SSH key pair
2. Open ports 22, 80, and 443 in your security group
3. Wait 2-3 minutes for first-boot initialization to complete
4. SSH into the instance: ssh -i your-key.pem ubuntu@YOUR_IP
5. Retrieve your credentials: cat ~/credentials.txt
6. Open your browser and navigate to: http://YOUR_IP
7. Log in with the username and password from credentials.txt

RECOMMENDED INSTANCE TYPES

Personal use and small teams:

• t3.small or t3.medium (2 vCPU, 2-4 GB RAM)

Small to medium organizations:

• t3.large or t3.xlarge (2-4 vCPU, 8-16 GB RAM)

Large deployments with many concurrent users:

• t3.2xlarge or larger

SSL AND CUSTOM DOMAIN SETUP

After pointing your domain to the instance Elastic IP: sudo certbot --apache -d yourdomain.com HTTPS will be configured automatically with auto-renewal enabled.

SYSTEM REQUIREMENTS AND DEPENDENCIES

• Minimum recommended instance type: t3.small (2 vCPU, 2 GB RAM)
• Minimum storage: 20 GB EBS volume (larger recommended for file storage)
• An EC2 key pair is required for SSH access
• Ports 22, 80, and 443 must be open in the security group
• IMDSv2 is used during first-boot to retrieve instance metadata
• No external packages or dependencies are downloaded at launch time

PRODUCT LIMITATIONS

• Single-node deployment - high availability and clustering not included by default
• HTTPS is not pre-configured - an SSL certificate must be installed post-launch
• Email notifications not pre-configured - SMTP must be set up in Nextcloud admin
• Automatic OS and application updates are the responsibility of the customer
• An Elastic IP is recommended for production to maintain a stable IP address
• This AMI is designed for single-region deployment in us-east-1

SUPPORT

Contact: info@acaysoftwarellc.com  Website: https://acaysoftwarellc.com 

ABOUT ACAY SOFTWARE LLC

Acay Software LLC delivers production-grade cloud deployment solutions on AWS, specializing in hardened AMIs with enterprise security configurations, automated initialization systems, and professional support services.

NEXTCLOUD LICENSE

Nextcloud is free and open-source software licensed under the GNU Affero General Public License v3.0 (AGPL-3.0). The software itself carries no license fee. Charges on this listing apply exclusively to the professional AMI configuration, security hardening, automated deployment infrastructure, and support services provided by Acay Software LLC.