This project is still in very early development. There is no version that can be tested at this time.
Nextcloud Atomic is an easy-to-use, batteries-included system for running Nextcloud that's optimized for robustness and security.
The promise of Nextcloud Atomic is that you will never need to access a terminal to host your own Nextcloud instance, while still getting a deployment that adheres to high security standards and best practices.
To achieve that, Nextcloud Atomic features a sane default configuration of Nextcloud all-in-one that "just works", along with custom web interfaces for initial activation (WIP) and administration (WIP).
Nextcloud Atomic wraps Nextcloud GmbH's official all-in-one setup, which already provides the convenience of automatic updates, a number of additional services that can be enabled, etc., and adds its own administration tools on top, such as disk management (WIP) and full disk encryption, TPM support, monitoring (WIP) and more - all accessible from its custom web interface.
Nextcloud Atomic aims to provide you with all the tools you need for hosting Nextcloud, whether you're a hobbyist or a company (as long as your needs can be covered by a single machine).
One of the core selling points of Nextcloud Atomic is its operating system layout. Everything related to the core system is contained in an immutable partition that gets replaced during updates, which allows for painless OS updates that either fully succeed or fully fail (and are automatically rolled back) - there's no in-between.
Apart from updates, this also enables a simple factory-reset feature (including or excluding user data) which can be used to restore the system to a working state if something goes wrong.
The operating system uses Debian as its base, which is widely trusted as a server operating system.
Nextcloud Atomic ensures strong system security by making heavy use of the built-in sandboxing features of Linux. Nextcloud (all-in-one) itself runs under its own non-privileged user using rootless Podman and has very limited access to the host filesystem and network (WIP).
Wherever possible, secrets are not stored on disk in plaintext and are instead provided as (TPM-)encrypted systemd credentials.
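How a secret reaches a service as a TPM-encrypted systemd credential, shown as an added example and not Nextcloud Atomic's own configuration. The unit name, binary path, service user, credential name `dbpass` and file paths are hypothetical.

```ini
# example-app.service (hypothetical unit, constructed for illustration)
#
# The credential blob is created once on the host, sealed to the local TPM2:
#   systemd-creds encrypt --with-key=tpm2 --name=dbpass \
#       plaintext-secret /etc/credstore.encrypted/dbpass.cred
# Only the encrypted blob stays on disk; the plaintext input file is removed
# afterwards. The blob cannot be decrypted on a machine with a different TPM.

[Unit]
Description=Example service consuming a TPM-sealed credential

[Service]
# Weak pattern this replaces: the secret sits in the unit file in plaintext
# and is inherited through the process environment by every child process.
#Environment=DB_PASSWORD=constructed-sample-value

# The service manager decrypts the blob at service start and exposes it as a
# file in a per-service directory ($CREDENTIALS_DIRECTORY, %d in unit files).
# The decrypted file is never written to persistent storage.
LoadCredentialEncrypted=dbpass:/etc/credstore.encrypted/dbpass.cred

# The service is given the path of the secret, not its value
# (--db-password-file is an assumed option of the hypothetical binary).
ExecStart=/usr/local/bin/example-app --db-password-file=%d/dbpass

# Run as a dedicated non-privileged user (assumed to exist on the host).
User=example-app

# Sandboxing: no privilege escalation, read-only OS tree, no access to
# home directories, private /tmp, no access to physical devices.
# Decryption is done by the service manager, so the service itself
# needs no access to the TPM device.
NoNewPrivileges=yes
ProtectSystem=strict
ProtectHome=yes
PrivateTmp=yes
PrivateDevices=yes
```

`systemd-analyze security example-app.service` reports which sandboxing options a unit like this still leaves open.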
From September 2024 until February 2025, development of Nextcloud Atomic is being funded by the German Federal Ministry of Education and Research as part of the Prototype Fund by the Open Knowledge Foundation Germany.