Inject Nextcloud secrets via environment variables
Few know that you can also configure Nextcloud via environment variables. With this possibility you can save the storage of passwords in the Nextcloud config.php.
Sandbox Systemd Units
What many do not know is that SystemD offers the possibility to restrict services and very easily displays the exposure level.