The way to an own clowd

Over the past few months, I have been deeply engaged with the topic of digital sovereignty—not least because recent events have shown just how dependent we really are on major hyperscalers from overseas.

I’ve been aware for some time that many of our digital services run on platforms like Google, Amazon, or Microsoft. But in recent weeks, I decided to actively change something about this: step by step, I want to make myself more independent and regain more control over my data and digital tools.

In this article series, “The way to an own clowd” I’d like to share my experiences. My goal is to show that it’s not that complicated to build your own digital infrastructure—even without a huge IT budget or years of experience.

What have I done so far?

• Installed my own Linux server
• Set up my own cloud storage with various office apps
• Created my own wiki
• Installed a password manager
• …and more

You should have some basic knowledge of computers and Linux—but as you’ll see: with a bit of motivation and the right instructions, it’s really not rocket science.

Of course, more personal responsibility also means you have to take care of quite a few things yourself. But I will show you how you can keep the effort minimal and maintain an overview with the right settings and a bit of monitoring.

Starting today, there will be a new part every Monday and Thursday here on my blog.

Happy reading!

Part 1 – Your own server

Choosing the right hardware

Before you embark on digital independence, you first need a server—virtual or physical. The right choice will save you nerves, electricity, and money.

Physical or virtual?

• Physical servers are perfect if you want maximum control and independence. The simplest solution is, for example, a Raspberry Pi: https://www.raspberrypi.com
• Virtual servers are simple, quick, and often rentable starting from just a few euros per month (e.g., Hetzner, Netcup, Strato, or IONOS). Ideal for starting out or if you don’t have the space or power for hardware. An alternative for testing and experimenting is VirtualBox: https://www.virtualbox.org/

What should you pay attention to?

• Processor: For most applications here, 2-4 CPU cores are usually sufficient.
• RAM: At least 8 GB, better 16 GB or more (especially for Nextcloud and databases).
• Hard drive: SSDs with at least 500 GB, better >= 1 TB.
• Network connection: For private use at home, a simple line is usually enough. For hosting in the cloud, watch out for unlimited or sufficiently large traffic packages!

Quick & Dirty – Summary:

• Min. 2-4 CPU cores
• At least 8 GB RAM, ideally 16 GB+
• SSD, at least 500 GB, better 1 TB+
• Constant internet connection
• For hosters: watch for traffic limits!

Operating System Installation

I chose Debian: it’s as free as it gets and very widely used. Many Linux distributions, like Ubuntu, Mint, or Raspbian, are based on it.

First, only the essentials are installed: no graphical interface, no bloat—just the basic system and tools you really need.

The following describes how to install Debian on a physical server. If it’s a virtual server, you can usually select Debian during setup and skip the next steps:

1. Download the current Debian version from https://www.debian.org/distrib/ and transfer the ISO image to a CD or USB stick.
2. For Windows, Rufus is especially good to write the ISO to a USB stick. For macOS, you can use balenaEtcher.
3. On Linux, this works via the terminal. Run: sudo dd if=debian-12.x.x-amd64-netinst.iso of=/dev/sdX bs=4M status=progress and sync (where the values of if and of are to be replaced by the corresponding, correct paths).
4. Configure the server to boot from USB stick (or CD). You can usually set this in the boot menu (often via F12 or F10 right after powering on).
5. After booting from the USB stick, choose between “Install” and “Graphical Install” and follow the installation steps. Important: For software selection, only select “standard system utilities.” Everything else can be installed later without issue.
6. After successful installation and first boot, log in with your user or directly as root via

sudo su

The first step is to find out the server’s IP address:

sudo ip a

Ideally, you should set the server’s IP address statically in your network, if possible and necessary … for virtual servers, this is usually already the case.

To avoid sitting at the device every time, it’s advisable to install an SSH server that you can access from “anywhere”:

sudo apt update && sudo apt upgrade -y && sudo apt install openssh-server -y

For security reasons, it’s highly recommended to change the default port 22 to any value greater than or equal to 1024.

In a Linux/UNIX terminal, you can, for example, run:

echo $(( RANDOM % 64512 + 1024 ))

to generate a random number between 1024 and 65535.

Remember this value and enter it in

sudo nano /etc/ssh/sshd_config

in the server configuration. Look for

#Port 22

and change it to

Port <NEW-PORT>

(without the leading #).

A new port doesn’t guarantee 100% protection, but it does make scanning for open ports and services much harder.

Finally, your server absolutely needs a firewall. Just run the following commands:

# Install firewall
sudo apt update && sudo apt upgrade && sudo apt install ufw -y

# Deny all incoming by default
sudo ufw default deny incoming
sudo ufw default allow outgoing

# Allow SSH on your custom port
sudo ufw allow <NEW-SSH-SERVER-PORT>

# Enable the firewall
sudo ufw enable

Then reboot the server with

sudo reboot

and try connecting via PuTTy (https://www.putty.org) or

ssh username@IP-ADDRESS -p <NEW-PORT>

TIP: The system should be updated once a week:

# 1-2) update software
# 2-4) clean up
# 5) reboot
sudo apt update && sudo apt upgrade && sudo apt autoremove && sudo apt clean && sudo reboot

Quick & Dirty – Summary:

If physical server:

• Download Debian ISO https://www.debian.org/distrib/ and write to USB stick
• Boot server from USB stick and choose Install or Graphical Install

Then for both kind of servers:

• First login after installation as user or directly as admin (sudo su)
• Find IP address: sudo ip a
• Install SSH server: sudo apt update && sudo apt upgrade -y && sudo apt install openssh-server -y
• Change #Port 22 in /etc/ssh/sshd_config to a random value >= 1024 and remove the #
• Install firewall: sudo apt update && sudo apt upgrade && sudo apt install ufw -y && sudo ufw default deny incoming && sudo ufw default allow outgoing && sudo ufw allow <NEW-SSH-SERVER-PORT> && sudo ufw enable
• Reboot server and test SSH: connect via PuTTy (https://www.putty.org) or ssh username@IP-ADDRESS -p PORT
• Create a calendar entry to update system once a week: sudo apt update && sudo apt upgrade && sudo apt autoremove && sudo apt clean && sudo reboot

Conclusion

By installing a minimal Debian system, you lay the foundation for your own independent cloud infrastructure.

With this guide, you have a secure, lean, and perfectly prepared server on which you can build your own services step by step.

You can see: The effort is manageable, and the result is maximum control.

In the next part, coming Thursday, I’ll show you how to make your services permanently accessible online for the future.

Until then, I’m looking forward to your feedback and reposts :-)