nshibj

joined 7 months ago
[–] nshibj 10 points 5 months ago (3 children)

I recently set up a small home server and started trying to self host stuff. I found it pretty hard to get started. People have been very helpful on this community and other public forums, but I'm afraid it's often not enough. They give me advice in trying this or that, doing this and avoiding that... but I still don't understand more than half of the concepts that they use. I consider myself tech literate above the average user: I recently switched to Linux (after years on MacOS, using the command line, and even building a couple of programs from source), I also installed a custom ROM on my phone. I feel comfortable learning and doing these things... but still felt very very lost when trying to self host a few services. At the moment I settled for a local-only network where I run Jellyfin, Navidrome and Syncthing on OpenMediaVault. I'm lost with what I'd need to do to access my server from outside my local network, and terrified of doing something wrong and leaving a hole open so any hacker can access my server. I'd like to do it some day, but I'd rather have a safe local network than screw and get my data stolen or deleted.

So, in my opinion, we would need good tutorials or a MOOC to explain the basics from scratch.

[–] nshibj 4 points 6 months ago* (last edited 6 months ago) (2 children)

I am not sure about this and cannot check myself because my server died last night :( but... I know that you can restrict certain functions for different users (log in as admin and go to Settings/Users). You could check if it's possible to disable x265 playback for a user, then create a new user that you use exclusively to log in on that device.

[–] nshibj 1 points 6 months ago

Thank you! That's exactly what I was looking for. I am familiar with Little Snitch for macOS, so this looks perfect.

For anyone interested: https://github.com/evilsocket/opensnitch

[–] nshibj 1 points 7 months ago* (last edited 7 months ago) (2 children)

If you're on windows run glass wire or OSX run little snitch. I used to know a Linux alternative for those

Would you happen to know the name of a similar tool for Linux? I was just yesterday searching myself but I couldn't find anything

[–] nshibj 1 points 7 months ago (1 children)

Thank you for this new tip, I think we found the problem: ports 80 and 443 are not open. After I installed nmap (which was surprisingly not present in my Raspbian installation), the output of nmap localhost reads:

Not shown: 997 closed ports
PORT    STATE SERVICE
22/tcp  open  ssh
53/tcp  open  domain
631/tcp open  ipp

I guess I did something wrong when following the tutorial (or the tutorial had some mistake, but I'd me more inclined to think the mistake was mine). I will try to clear this installation on docker and start all over again, then I will check nmap localhost again to see if it works fine then.

Thank you very much for your support. I still feel quite lost, but I finally found out why this is not working and I can repeat the steps and pay special attention... or look for a different method (someone here suggested using Nextcloud All-In-One).

[–] nshibj 3 points 7 months ago (4 children)

Thanks for your answer. I am indeed getting no warning on my browser, just "Unable to connect" on LibreWolf and "This site can't be reached" on Chromium. I tried the same format (https://192.168.50.30:80) with ports 80, 8080 and 443. The only difference is it was always https:// (since I think my browsers are configured to force https everywhere).

The out put of docker container ls looks like this:

CONTAINER ID   IMAGE              COMMAND                  CREATED        STATUS                                  PORTS     NAMES
95a71b3ce4f6   nextcloud:apache   "/entrypoint.sh apac…"   24 hours ago   Restarting (1) 30 seconds ago                     nextcloud-app-1
590b07333fa1   nextcloud:apache   "/cron.sh"               24 hours ago   Restarting (1) Less than a second ago             nextcloud-cron-1
337fd48a72e8   nextcloud-proxy    "/app/docker-entrypo…"   24 hours ago   Restarting (1) 17 seconds ago                     nextcloud-proxy-1
401d57a50ec8   mariadb:10.6       "docker-entrypoint.s…"   24 hours ago   Restarting (1) 57 seconds ago                     nextcloud-db-1
c6093edc9f71   redis:alpine       "docker-entrypoint.s…"   24 hours ago   Restarting (1) 9 seconds ago                      nextcloud-redis-1

I notice that the "PORTS" column is empty. I am running Raspbian GNU/Linux 11 (bullseye) on my Raspberry Pi, yes.

[–] nshibj 2 points 7 months ago (2 children)

Thank you for your answer. I will look into getting a domain, but I want to try to fight with this a bit more, mainly as a learning experience. I will also look for easier projects for a beginner, like the dokuwiki you recommended.

[–] nshibj 1 points 7 months ago

Thanks, the tip for Nextcloud All-In-One is actually a very good one. I want to try to make my current setup work, as I said mainly as a learning experience. But I will definitely consider that option once I'm done with this experiment. I guess I will also get a domain.

[–] nshibj 2 points 7 months ago

Thank you for your reply. I think I will look into getting a domain, however I still want to try this, to use it as a learning experience. Try to make it work like this, then keep learning and probably switch to a domain, which seems to be the common thing.

[–] nshibj 2 points 7 months ago

Thanks for your reply. I am not sure about this. Following the tutorial I created a compose.yaml file that had proxy settings:

  proxy:
    ports:
      - 80:80
      - 443:443

so I would assume that already takes care of the ports?

I will have a look at dedyn.io and the tutorial you shared once I manage to reach NextCloud locally via the IP address. Thanks

[–] nshibj 2 points 7 months ago* (last edited 7 months ago) (7 children)

Thank you, the ip a command helped me get the IP clear, however I am still not sure about the port. I tried with :80, :8080 and :443 (because 80 and 443 are the ones mentioned in the compose.yaml file, and I saw online that 8080 is also a common one?) but none of them worked :(.

I think I will try zerotier, but first I need to be able to access NextCloud from my home network via the IP, which I'm currently unable to do. The tutorial I followed says

The other option is to use a self-signed certificate. This certificate is signed by your own server and won’t be verifiable by any web browser unless you manually install the certificate.

However, it doesn't explain where that certificate will be stored nor how I can manually install it in the browser I want to use to access NextCloud. Could that help with my issue?

 

TL,DR: beginner tries to set up NextCloud via docker components without having a domain. Trying to access via IP doesn’t work. Probably made a few mistakes/missed some important stuff along the way

Hi everyone,

I am completely new to self hosting. Like many others I want to move away from Google, Apple, Microsoft... for my Calendar, Tasks and Contacts, and I thought I would try self hosting all that in NextCloud. I have already tried a 3rd-party hosted NextCloud instance and I feel comfortable with it, so now I want to do the next step and host it myself on a RaspBerry Pi 4 (4GB) that I recently purchased.

I have read around and searched for tutorials, and although I am still a bit lost I decided I would start working on it and see what problems I find along the way, and learn from this. Once I’m done I hope to have learned properly, and I plan to wipe everything and do it again, this time knowing better what I’m doing.

So, to begin with I decided to do it using Docker Compose, as I’ve read it makes setup and troubleshooting easier. I found 2 tutorials that looked good to me: tutorial 1 and tutorial 2, but going through them I see the most frequent case they require that I have my own domain (tutorial 1 has only that option, tutorial 2 offers that option or using an IP address). Do I need to have my own domain to have NextCloud calendar, tasks and contacts shared between my computer and my smartphone? If both options are possible, is one of them more secure than the other? is there some strong reason to avoid one of them?

Since I don’t have a domain (I’m completely new to this), I opted to try tutorial 2 with IP address, but I got stuck in the end, where I am supposed to access my NextCloud Web Interface. Tutorial 2 suggests getting my Raspberry Pi IP address with hostname -I (step 17), but this way I get five different IP addresses (4 IPv4 and one IPv6), not just one. When I try any of those IPs on a browser (step 18) none of them work. I guess I am missing something basic here, so I’d be grateful if someone can point me in the right direction.

Searching for an answer I found a comment on reddit saying that I can skip getting a domain and host locally (no domain) and set up a VPN.

Would it be necessary in my case to get a domain? If I skip the domain, what steps am I missing to be able to access my current NextCloud docker installation? What mistakes have I made so far, and what resources can I use to learn about what I’m missing? Do you have any other tips for an absolute beginner (who is comfortable around the linux command line)?

view more: next ›