The scope here concerns use of VPN (Virtual Private Network) to gain secure access from the public network to a local private network. It relates to private secure access and use from the public network. It does not consider public VPNs setup for public use.
There have been considered 3 different levels of access as described by the applications used:
These applications and their scope are described further below.
Nextcloud is an open source content collaboration platform. At its core is file-sharing, but it has many other core functions as well as extensibility with additional installed applications. While Nextcloud can securely share files it is not focused as a simple, public, and secure file-sharing platform.
I have been using Nextcloud and before that Owncloud from which Nextcloud was forked since circa 2013. My server setup is described here:
I previously successfully setup wireguard on my router. This was installed on “bare metal” as was the nftable based router firewall. I later installed Bind9 DNS and Kea DHCP programs in Docker containers. I always run Docker in a VM to prevent Docker's packet filtering from affecting the bare metal firewall rules. I did not move Wireguard to a Docker container as I did not have the need at the time.