this post was submitted on 09 Sep 2023
58 points (91.4% liked)

Selfhosted

39964 readers
408 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

Says "Please type in the domain into the input field below that will be used for Nextcloud in order to create a new AIO instance."

I dont wanna unnecessarily spend money

top 31 comments
sorted by: hot top controversial new old
[–] socphoenix@midwest.social 20 points 1 year ago (2 children)

It can be an ip address, if you have a static ip. If you’re planning to host this on the open internet and have a dynamic ip (home internet is most likely for this), or static and don’t want to pay for a top level domain you can use a service like noip.com for a free address like “test.ddns.net”

You can also change this after the initial setup in Nextcloud’s config.php as well as as additional domain names/ip addresses that can reach the server.

[–] strawberry@artemis.camp 4 points 1 year ago (1 children)

alright then i think imma setup with a free one and then buy one, its only $10 a year

thank u :)

[–] LinuxSBC@lemm.ee 1 points 1 year ago

A .ovh domain is more like $3 a year. That's what I'm using.

[–] strawberry@artemis.camp 3 points 1 year ago (2 children)

and just to get this right, if i want to acess it outside of my lan, i cant use my ip? i dont think my ip changes, has been the same as long as i remember

[–] diminou@lemmy.zip 8 points 1 year ago (1 children)

Yes you can use your ip, a domain name is just way easier to remember! :-)

[–] strawberry@artemis.camp 3 points 1 year ago (1 children)

so then do I just put in my IP into that field? and I'm guessing this can just changed later? I'd like to finish setup without spending money, and get a domain later

[–] fraydabson@sopuli.xyz 3 points 1 year ago (2 children)

Yes that should be totally possible. Only thing I can think of is making sure your IP is white listed for next cloud.

[–] Jtee@lemmy.world 11 points 1 year ago

Better to use a DDNS service like no-ip, since MOST people won't have static IPs from their provider at home.

[–] strawberry@artemis.camp 2 points 1 year ago (2 children)

and how would i verify that?

[–] socphoenix@midwest.social 2 points 1 year ago* (last edited 1 year ago)

On FreeBSD the config is located in "/usr/local/www/nextcloud/config/config.php", I'm unsure about Linux I haven't set it up for that. But, in the config you will see a marker for "trusted domains," I've set mine up for local DNS, zero-tier and local IP setup and it looks like this:

`'trusted_domains' =>

array (

0 => 'fileserver.home.lan:9000',

1 => '192.168.50.30:9000',

2 => '10.144.117.148:9000',

3 => '10.1.1.7',

4 => 'fileserver.home.lan',

5 => '192.168.50.30',

), `

Edit: You can see here more info on the config file. Per that documentation on Linux it should be under "/var/www/nextcloud/config/config.php"

Also of note, for internal IP addresses you should set the server to a static IP on your router, that's how I know my server will always be 192.168.50.30. If you're using home internet (not a VPS or business line) you're pretty much guaranteed to have a dynamic IP for public facing connections. For that I like noip.com because they have an app that will auto-update this so you can use the free domain name without needing to know the IP address that will change every few days. Duckdns also does this if memory serves though I think they just had a bash script you ran for this.

[–] socphoenix@midwest.social 1 points 1 year ago

Find in your install the config.php it will listed trusted domains (or ips) and you can add as many as you want. I’ll find my config file here in a bit and paste that part of it as an example

[–] umami_wasbi@lemmy.ml 7 points 1 year ago* (last edited 1 year ago)

Just don't mix up public and private IP. You cant use private IP outside of your LAN if you want to access it when you on the go.

[–] diminou@lemmy.zip 12 points 1 year ago (1 children)

You can purchase one, or as a first step you can use duckdns.org which is entirely free! Then when you think you want your own domain name you could just switch :-)

[–] marci33@feddit.it 4 points 1 year ago (1 children)

Can't it just work locally with a locally assigned IP?

[–] socphoenix@midwest.social 3 points 1 year ago
[–] space@lemmy.dbzer0.com 8 points 1 year ago

If you only need nextcloud on your local network, a quick and dirty way of assigning hostnames to machines is the hosts file. Obviously, this has to be done on every computer from which you wish to access nextcloud. Also, nonrooted mobile OSs don't let you edit the hosts file.

Alternatively, you can set up a local DNS server. Pihole also has that capability (I personally had mixed results with Pihole, not sure if I did something wrong). Some routers may have that too.

If you need it public on the internet, yes, you need a domain name. Some providers offer free domains (but it will be a subdomain of the provider). Something to keep in mind is that your IP is probably dynamic. When you connect to the Internet, the ISP assigns you a random IP address from their pool of IPs. To keep the domain up to date, you will need to setup a dynamic DNS solution. This is a simple script/program that periodically checks your IP, and if it changes, updates that domain automatically.

[–] kristoff@infosec.pub 7 points 1 year ago* (last edited 1 year ago) (1 children)

Hi,

What is the reason you do not want a domain? it is not that DNS-domains are that expensive these days. The cheapest option I found is .ovh (which is one of the major cloud-providers in France), which is 3 euro / year (+VAT). You can then put as much hosts or subdomains under it, and it supports dynamic IP.

Agreed, .ovh is not the most "professional" looking domain, but it depends on what you want to do. If your goal is simply to have something for yourself / family / friends, then this is good enough.

BTW. Having your own domain for a nextcloud instance has additional advances: you can get a real https/tls certificate from letsencrypt, and -if you put a reverse proxy in front of your NC- it shields you from people who just scan the complete IP-space of the internet but who do not know your domain.

[–] strawberry@artemis.camp 1 points 1 year ago (1 children)

didnt want one bc i gotta pay, but its fine, and especially since i can get those certificates

[–] kristoff@infosec.pub 1 points 1 year ago* (last edited 1 year ago)

Hi,

Good idea!

And once you have you domainname, you can do the following:

  • set up a reverse reverse proxy (apache, nginx) in front of nextcloud
  • in the configuration of apache/bginx use virtual hosts.
  • make sure that the default virtualhost (in apache, that is the the one that does not have "ServerName") first in the configuration. Point that to a local website with just an empty directory
  • then, AFTER the default virtual host, add the reverse-proxy configuration of your nextcloud instance.

What this does, is that if somebody addresses your website with a URL that does not contain the exact hostname of your nextcloud, the webquery will go to the empty website and simply return a 404. A hacker who does a webrequest to "https://your-ip-address/login" will just get a "404 not found" and not reach your nextcloud instance.

This keeps people who just scan the internet for vulnerable systems and try out all kind of URLs to try to get in out of your nextcloud.

Of course, this only works if you keep the full hostname of your instance to yourself and do not post it somewhere (including social media, mailing-lists, ...)

Good luck with your nextcloud server

[–] umami_wasbi@lemmy.ml 7 points 1 year ago

You can also use Tailscale Tunnel which will give you an subdomain to access for free.

Or full hardcore and use Tor .onion domain. Completely free with additional privacy.

Depending on what you are trying to do, not necessarily. NextCloud itself doesn’t really care, as far as I know, as long as it’s address doesn’t change. AIO on the other hand is setup in such a way that it needs a resolvable domain name and a valid certificate for https.

This could be done by spinning up your own certificate authority and dns server, but that is a lot of extra work and would be local network access only.

Another way would be to use a free domain and a free certificate from let’s encrypt. The downside here is that the domain authority could yank your domain at any time, for any reason (as happened to all of the free .ml domains recently). At which point your certificate would also stop working resulting in a situation where you may have to nuke and pave.

If you want to be local access only, I would pick an install path other than AIO. If you want to be able to access NextCloud remotely, purchase a domain name.

A VPN, such as TailScale would be considered local network in this situation.

[–] Im1Random@lemm.ee 5 points 1 year ago

You don't need to especially not in your local network, but if you want to expose it to the internet then it would definitely make sense since you need a domain in order to use SSL encryption.

[–] giddy@aussie.zone 4 points 1 year ago

Plenty of free hostname providers. I use Dynu

[–] deleted@lemmy.world 4 points 1 year ago* (last edited 1 year ago)

Don’t go with AIO then

You can use this with tailscale or local only.

https://hub.docker.com/r/linuxserver/nextcloud/

version: "2.1" services: nextcloud: image: lscr.io/linuxserver/nextcloud:latest container_name: nextcloud environment: - PUID=1000 - PGID=1000 - TZ=Etc/UTC volumes: - /path/to/appdata:/config - /path/to/data:/data ports: - 443:443 restart: unless-stopped

[–] HeavyRaptor@lemmy.zip 4 points 1 year ago

I'm not very familiar with NextCloud but you can use something like duckDns to direct traffic to your ip for free. Still an actual domain is a bit nicer if you want to share the URL.

[–] Ennon@lemmy.world 2 points 1 year ago

Just buy a real domain name from Cloudflare. They’re incredibly cheap dude. And you can use cloudflare’s dns stuff for free

[–] pe1uca@lemmy.pe1uca.dev 2 points 1 year ago (1 children)

I'm not sure how nextcloud handles it, but as long as you can resolve the domain then you can put whatever you want.
You usually purchase a domain so it appears in the internet with the major DNS', but if you only have the site in your internal network then you can put whatever you want as long as you update your internal DNS.

Usually you can do this by manually updating the hosts file in your machines.
But a better way is to have something like PiHole, in which you can set your local DNS to resolve to your own IP.
After that the only annoyance are the SSL certificates which will be selfsigned since browsers show a warning but some services don't have a way to work with them.

[–] kristoff@infosec.pub 2 points 1 year ago

for the nextcloud instance on my local LAN , I use the .local domain (multicast DNS). Just enable avahi on your server and you can use hostname.local on your network without having to deal with local DNS on your router and so on.

[–] rambos@lemm.ee 2 points 1 year ago

Someone linked linuxserver.io docker image that you can use with local IP. Then if you want nextcloud for yourself or just a few family members, you can setup VPN and still use local IP from anywhere. No need to buy a domain, but you need some (free) service like duckdns that tracks your public IP so you can connect to your home network anytime. You can also set your custom domain using reverse proxy (made up domain name for local use, still not payed one), but you will have to allow it in your nextcloud config

Buying domain and setting up certificates is what Im going to do just to get rid of cert warnings in a browser on my phone

[–] Decronym@lemmy.decronym.xyz 1 points 1 year ago* (last edited 1 year ago)

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:

Fewer Letters More Letters
DNS Domain Name Service/System
HTTP Hypertext Transfer Protocol, the Web
IP Internet Protocol
PiHole Network-wide ad-blocker (DNS sinkhole)
SSL Secure Sockets Layer, for transparent encryption
VPN Virtual Private Network
VPS Virtual Private Server (opposed to shared hosting)
nginx Popular HTTP server

7 acronyms in this thread; the most compressed thread commented on today has 5 acronyms.

[Thread #123 for this sub, first seen 10th Sep 2023, 00:15] [FAQ] [Full list] [Contact] [Source code]

[–] gamma@programming.dev 0 points 1 year ago

I run my Nextcloud behind Tailscale, and Caddy handles theTailscale https certs.