I installed the latest version of DietPi from the official dietpi vm. I am using VMWare Workstation Pro.
The install of Nextcloud was incredibly easy and painless, however I cannot get HTTPS to work
What does work:
h-t-t-p://ip.address [brings up the Apache2 webpage]
h-t-tp://ip.address/nextcloud [brings up nextcloud http]
What doesn’t work
h-t-t-p-s://ip.address/nextcloud [ error: Not Found The requested URL was not found on this server]
Different web-browsers show there IS a self signed cert, but every time I click accept it takes me an error page which leaves me to believe that the webserver isn’t configured correctly and I have no idea how to configure it such that h-t-t-p-s : // ip.address/nextcloud will work or show up
I’ve see a lot of guides but they all involve opening ports in my router and I don’t have any need for that
I realize that encryption may not really be necessary because I’m at home, but I’d still like to undertake this exercise and see it through
You need to generate SSL certificates to be able to activate HTTPS. This is not working by default. For this you have 2 options.
create an official certificate issued by letsencrypt. There you need to open port 80/443 on your router. Otherwise letsencrypt will not be able to verify your DDNS.
create a self-signed certificate. This is working without port forwarding. However, every modern web browser will complain about invalid certificates.
Anyway, if you don’t plan any external access, no HTTPS configuration needed. You can stay with plain HTTP.
This has nothing to do with traditional SSL configuration. It will not setup HTTPS on your system.
This Cloudfare solution is basically a completely different method connecting your home network to the internet. You will run a 3rd party app on your system, establishing a permanent connection to Cloudfare cloud. And your mobile client will contact Cloudflare cloud first before connecting to your system. Cloudflare Tunnel · Cloudflare Zero Trust docs
@Joulinar Thanks for explanation about Cloudfare. I had taken a quick look on their site, saw that they required client s/w and saw reference to getting a .pem file, so thought they might provide specific certs with their app.
Cloudflare handled the request and the certs…when someone goes to your url, it is pointed at their dns servers. they then handled all the certs and redirects thru the tunnel app running behind your firewall, it punches a hole thru establishing a connection…no ports needed to be port forwarded
Exactly…a good VPN inside your network is the most secure because you connect to the VPN then into your home network encrypted and trusted…it makes it hard to get to outside your network…but that is the point
I had no idea CloudFlare tunnels were a thing. It honestly feels like a game changer for the self-hosted community, and solve all of my NextCloud problems
My vaultwarden is 100% operational secure thru https end 2 end
Should work just as well with Nextcloud and synthing and the like, as long as it has a https login screen and not just go straight into the webpage (but there is a way to secure that too but takes much more configuring)
It does take more configuring and setting up and actual domain name, but ultimately it makes it easier to setup
Not sure if this is a game changer, because you need to connect your system to a 3rd party cloud permanently. Wich is basically the opposite of self-hosting idea, to get independent from global cloud provider.
