Making Nextcloud AIO available only via VPN or in local network

Hey, got I problem trying to understand how should I install nextcloud AIO. I have home server (ofc) and ‘white IP’. My target is make my nextcloud available by local IP 192.168.x.x (or domain name using e.g. pi-hole - nexctloud.home.lan) and also by VPN from anywhere.
So. I have VPS with wg-easy installed, I’ve read docs several times, but can’t get how to do that. As far as I understood I need WG + e.g. nginx proxy manager installed on my VPS and pi-hole+nextcloud in my local network, am I right? And what manual should I use for local installation or reverse proxy installation?

Hi, see all-in-one/ at main · nextcloud/all-in-one · GitHub

Ok, so I have next questions:

  1. Set up your domain correctly to point to your home network

I used no-ip for it, so I’ve got

  1. Set up a reverse proxy by following the reverse proxy documentation but only open port 80 (which is needed for the ACME challenge to work - however no real traffic will use this port).

I have to install it on server where nextcloud is installed or on VPS?

  1. Set up a local DNS-server like a pi-hole and configure it to be your local DNS-server for the whole network. Then in the Pi-hole interface, add a custom DNS-record for your domain and overwrite the A-record (and possibly the AAAA-record, too) to point to the private ip-address of your reverse proxy

Does it mean that in my pi-hole settings I should point to local ip of my nextcloud server?