this post was submitted on 03 Apr 2024

22 points (95.8% liked)

Selfhosted

39964 readers

395 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.

Resources:

selfh.st Newsletter and index of selfhosted software and apps
awesome-selfhosted software
awesome-sysadmin resources
Self-Hosted Podcast from Jupiter Broadcasting

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago

MODERATORS

[email protected]

Install Nextcloud with reverse Proxy (programming.dev)

submitted 7 months ago by [email protected] to c/[email protected]

10 comments fedilink hide all child comments

hey guys

I'm pretty new to this web-stuff

i got a vps where i'd like to install nextcloud. i want it to be reachable via cloud.example.com

i also have a homeserver with octoprint and stuff on it. i'd love to be able to access that with octoprint.example.com

that's what you pros use a reverse proxy for, right? but how do i do that?

install nextcloud with appache and use nginx as the proxy? i guess i could also use haproxy for that as well? what would you recomend as setup?

sadly nginx proxy manager is no option. but is there another easy to config method?

top 10 comments

sorted by: hot top controversial new old

[–] [email protected] 5 points 7 months ago* (last edited 7 months ago) (1 children)

I use Caddy V2 (running in Docker/Podman). Configuration can be even simpler than the below. It automatically sorts out the SSL certs from Let's Encrypt for you. If you use Cloudflare DNS challenge like I do, you can get SSL without the server having to be exposed to the internet.

cloud.example.com {
  encode zstd gzip
  tls {
    dns cloudflare {$CLOUDFLARE_API_TOKEN}
    resolvers 1.1.1.1 1.0.0.1
  }
  reverse_proxy nextcloud.my.local.domain:80
}

If you want it exposed then you can just use the default HTTP challenge.

cloud.example.com {
  encode zstd gzip
  reverse_proxy nextcloud.my.local.domain:80
}

And yes you can add any number of sites on subdomains like this and it will reverse proxy them to the correct server based on the domain name.

[–] [email protected] 2 points 7 months ago

that looks promising.

guess i'll take a look at caddy.

thank you very much.

[–] [email protected] 3 points 7 months ago

I used docker to get nextcloud and nginx conf to reverse proxy to it. It works well and is not difficult to set up by following their guide on github. It works pretty much out of the box.

[–] [email protected] 3 points 7 months ago* (last edited 7 months ago)

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:

Fewer Letters	More Letters
DNS	Domain Name Service/System
HTTP	Hypertext Transfer Protocol, the Web
SSL	Secure Sockets Layer, for transparent encryption
nginx	Popular HTTP server

4 acronyms in this thread; the most compressed thread commented on today has 6 acronyms.

[Thread #652 for this sub, first seen 3rd Apr 2024, 11:35] [FAQ] [Full list] [Contact] [Source code]

[–] [email protected] 2 points 7 months ago

I'd install it via podman (or docker) compose.

I use nginx proxy manager but traefik or caddy should be recommended I guess

[–] [email protected] 2 points 7 months ago

From the Nextcloud docs : https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/reverse_proxy_configuration.html

[–] [email protected] 2 points 7 months ago (1 children)

I would keep octopi off the Internet (local network only). There's too much risk that if somebody did get access they could heat your hot-end up to 300C and just leave it there or something.. Setup a vpn if you want remote access to it.

[–] [email protected] 2 points 7 months ago

good point

but octoprint was more of an example. not the best, for sure

[–] [email protected] 1 points 7 months ago

I use both nginx and haproxy, and nginx is much easier to configure. That being said, haproxy has more features, like working as a load balancer with traffic shaping/shifting. But it sounds like you don’t need those features.

[–] [email protected] 1 points 7 months ago

Nginx is pretty easy to set up. Look up "nginx virtual hosts". You might want to use certbot/acme if you don't have SSL certificates for your domain names. You need either a wildcard certificate (*.example.com), a certificate with SAN (Subject Alternative Name) containing the second subdomain, or two certificates (one for each subdomain). Note that subdomains can be found more easily than path based websites, if you allow connections from the whole WAN.