Need a Private Cloud for using FREENAS cookbook the right way

Hello. I’m a consultant who would like to use NextCloud for myself and two of my staff. I’m new to NextCloud and looking for someone to point me in the right direction. I use FREENAS (dedicated NAS machine) in my house running version 9.10 Stable. My goal is to use next cloud as a FileShare accessible to me and my peers over the internet for a fileshare. There might be other requirements but this is my immediate requirement. My requirement is easy access, security and sync. I currently have installed NexCloud plugin on the FREENAS and setup as Local http. It is running but internally. Can some please point me into a area that can help me move forward with this project? I read somewhere that I might need to get a firewall past what I have with my ISP provided router which is builtin. Maybe pfSense? What is else is required which I have not considered? I would like to know where I go from here even just to build this sandbox. I’m open to other alternatives.
Thank you in advance,

These plugins are an easy start, however you depend on people providing these apps that they continue to ship updates:

In FreeBSD, you have jails for sandboxes. Not sure how easy it is to use in FreeNAS, but that could be a good idea.

If you want to access from outside, you can open a port at your home router. Some have included some basic firewall features, then it depends what the firewall should do. If you only want to allow port forwarding on port 80 and 443, the network router probably is enough. I haven’t seen any proposed rulesets

So mr numbers,

In order for you to setup NC safely you would need to work with certifications to get the connection encrypted.

this means you either go inside the plugin jail and add a new cert+key file in the certification path or
install certbot in this jail and edit the certification path file to the path file output of certbot

or you just make a reverse proxy with letsencrypt in a new jail and port forward this jail with your router,
and have the setup config point to your NC jail’s ip

First option
internet>router>NC jail with certs in it.

Second option internet>router>proxy with certs > NC jail

i recommend the second option, it gives you the freedom of just switching plugins by ip or even have multiple jails/plugins using the same cert and adress so when the plugin dies for whatever reason you can replace it in no time.
using a prxy gives you these options too

as for your PHP 5.5 problem, php in the plugin is php5.5 and needs to be upgraded however the maintainer of the freenasplugins is working at a snails pace…

so try and build your own NC jail with updated functionality if you need faster updates