this post was submitted on 15 Jun 2023
6 points (100.0% liked)

Selfhosted

40329 readers
365 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

Hi. I want to start selfhosting my data. I already have a jellyfin server running. I'd like to add a nextcloud instance. The setup of nextcloud says I should open up port 443 for using my own domain. Sadly I am not able to open up this port properly. It is open however when I visit jellyfin.mydomaim.com it is rerouted to the config of my router. To circumvent this problem I have set up a reverse proxy that accepts port 8443 instead of 443. For my jellyfin this seems to work. I can visit it with jellyfin.my domain.com:8443. I don't know how I can get this to work for nextcloud as it only accepts 443. Any advice on my setup is welcome! BTW I am running Debian on an old PC.
Thanks in advance for the help!

top 22 comments
sorted by: hot top controversial new old

Look into using a reverse proxy that owns 443 and serves your other applications.

[–] r0ckr@lemmy.world 3 points 1 year ago* (last edited 1 year ago) (1 children)

There seems to be a bit of a misunderstanding of what a reverse proxy does.

The proxy should accept requests on port 80 and 443 and on the basis of the requested website route you to the correct adress:

  1. Request for jellyfin.mydomain.com comes in
  2. Reverse proxy checks where it should reroute it -> host.of.jellyfin:8443

So your client thinks its talking to your jellyfin-instance over port 443 but in actuality your proxy reroutes the traffic to wherever your jellyfin needs it to arrive..

/Edit: Ah just saw that it redirects 443 requests to your router. Can you configure a DNS override on its config somewhere?

[–] encode8062@lemmy.one 1 points 1 year ago

I get a 302 "temporary redirect" response, I do not know why my router does this. I'll check its config again. I have added a port mapping so that external 443 is mapped to my internal server 443

[–] hello_world@feddit.uk 3 points 1 year ago (1 children)

I have nextcloud running just fine (with Apache) on a non-443 port. What issue are you seeing exactly? Once your webserver is listening on your port of choice, Nextcloud will show an "untrusted domain" warning if the domain/port have not been set in config.php properly. After that is done, it works perfectly for me.

[–] encode8062@lemmy.one 1 points 1 year ago (1 children)

I was running nextcloud in a docker (and was maybe thinking of running it in snap), how can i change the default 443 port. I have no experience with the docker from nextcloud

[–] LordChaos82@fosstodon.org 1 points 1 year ago (2 children)

@encode8062 @hello_world Please try to avoid using nextcloud in snap. I started with nextcloud in snap and came a long way before I realized the performance and upgrade issues when using snap version of nextcloud. For me it was too late but now I try to ask people to avoid it at all costs.

[–] encode8062@lemmy.one 1 points 1 year ago

Thanks you so much for the warning. I was already doubting if that would be a smart choice.

[–] hello_world@feddit.uk 1 points 1 year ago (1 children)

Not using Nextcloud in snap and not sure where I said I was using it inside snap? What installation method are you using at the moment?

[–] LordChaos82@fosstodon.org 1 points 1 year ago (1 children)

@hello_world Sorry, my reply was meant for @encode8062 . Not sure how you got tagged.
If the question was for me, I am stuck with using it in snap as my family and I have too much invested in Nextcloud to try to attempt a migration to a non snap instance.

[–] hello_world@feddit.uk 1 points 1 year ago (1 children)

No worries :) Let me rephrase the question though - what installation method would you be using if you could?

So far I'm reasonably happy with a baremetal installation, but considering moving it into some kind of VM.

[–] LordChaos82@fosstodon.org 1 points 1 year ago (1 children)

@hello_world I would be using it in a VM or bare metal if I could. I have heard good things about Nextcloud in docker but we are power users on Nextcloud in my house so not sure if docker instance of nextcloud could handle the load.

[–] hello_world@feddit.uk 2 points 1 year ago (1 children)

I'd hope for the exact same performance with Docker (or KVM) as on a baremetal host, unless you're doing userspace networking for ultra-low latency Nextcloud :D (and even that I suppose you could PCI-passthrough the network card?)

[–] LordChaos82@fosstodon.org 0 points 1 year ago (1 children)

@hello_world I would agree. We have around 2 TB of data hosted on our snap nextcloud instance so I would not even know where to start if I ever wanted to migrate it to a separate instance on docker, VM or bare metal :(

[–] hello_world@feddit.uk 1 points 1 year ago

My condolences! Copying the data around may be reasonably straightforward if you can get it out of the snap (it's just a directory, after all), but I have no idea how the database is setup for it. Good luck nevertheless!

[–] dudeami0@lemmy.dudeami.win 3 points 1 year ago (1 children)

To me this seems like a routing issue. Some things to check:

  • Can a port checking service (like canyouseeme) see 443?
  • Can you connect to 443 from the internet (use a VPN or separate network)?
  • Can you edit your hosts file to point jellyfin.mydomain.com to your jellyfin server's LAN IP?
  • After doing this, can you connect to jellyfin.mydomain.com on the LAN?

My guess is the router is routing traffic to it's external IP from the LAN back to itself, without following port forwarding rules. Good luck figuring it out though!

[–] encode8062@lemmy.one 1 points 1 year ago (2 children)
  • Yes!
  • yes but it is 307 temporary redirect to router config page
  • i am not sure what you mean

Is it normal i cannot access the jellyfin service from the internal network using the Jellyfin.domain.om

[–] dudeami0@lemmy.dudeami.win 2 points 1 year ago

If you are seeing your routers config page, and you are sure you are connecting from outside your network, it sounds like the router's 443 page is overriding the port forwarding. Otherwise, it's like @fixmycode@feddit.cl said and you just need a local DNS that points to the right spot locally, and let your public DNS point for external connections.

As for the hosts file, you can see a guide here for windows/linux/mac. Basically this is a override of any DNS entries. Here you can point jellyfin.domain.com to your jellyfin servers LAN IP and test the connection works.

[–] fixmycode@feddit.cl 2 points 1 year ago

I feel you can't access because your router doesn't loop back connections to your own IP. To fix that you might need to run a local dns that routes traffic to that domain to your local machine, you can do that running a service like dnsmasq and pointing your router to that service instead of the default dns (and always set a secondary DNS in case your service fails)

[–] eddie@fig.systems 3 points 1 year ago (1 children)

If vising jellyfin.mydomain.com presents you with your routers config that means you don't have port forwarding working correctly for ports 443. You should google your router's name + "port forwarding".

[–] encode8062@lemmy.one 1 points 1 year ago (1 children)
[–] eddie@fig.systems 2 points 1 year ago* (last edited 1 year ago) (1 children)

I'd make sure you're forwarding http (port 80) to that same internal host too. I'm assuming thats your jellyfin server. Your browser might not be appending https to your domain and connecting to your router port 80. You can test this by going to both https:// and http://.

On your local network, does going to https://192.168.1.4 present you with what you actually want?

[–] encode8062@lemmy.one 2 points 1 year ago

port 80 is also forwarded. I am not at home now, ill test tomorrow

load more comments
view more: next ›