Nextcloud - Tailscale (Dietpi-ddns - Duck DNS)

Hey guys,

I’m using Nextcloud, Tailscale and Duck DNS.

I was reading that if i turn of tailscale i’ll have a new IP.

before i continue and screw it all up:
Does the dietpi-ddns grab this new tailscale IP if i fill out the dynamic ddns info for duckdns?

thanks!

Tailscale adds a new IP to the system, which is by default however only used when you access other IPs from the same subnet. So it does not affect any other network connections, and it does not affect dietpi-ddns updates.

Also if anything unexpected happens, you can do

systemctl stop tailscaled

to stop Tailscale.

I’d like to keep tailscale on 100%, For Nextcloud, thus if it resets or changes IP for any reason I’d like my device to update duck DNS.

If I understand well, ddns update does not work with tailscale.

I guess a handmade script is the solution for now, or is there any workaround already existing?

Nope, usage of Tailscale has no effect on your DDNS/external provider IP.

Why? For what reason?

If the IP ever changes, I want it to auto update duck DNS, or does it stay stable forever?

Also I’m thinking of somehow automatically reading the devices connected and adding them to the Nextcloud .config if at all necessary or possible.

So far the magicDNS names wasn’t successful for me, I read somewhere it needs to be ‘name-name.tailnet’, instead of ‘name-name.ts.net’, correct?

If that works, no need, but it would still be cool to automatically add new tailscale connections to the ‘safe list’,

Honestly can you describe your use case more in detail. For what reason you use Tailscale and what do you plan to do with the DDNS? You don’t need to have a DDNS while using Tailscale.

It might be I need to learn more
Thank you for your patience.

I’m using tailscale because CGNAT doesn’t allow me to port forward.
I’m the using the tailscale IP via Duck DNS to assign a name to the nextcloud NAS server.
If my girlfriend uninstalls or resets tailscale, she’ll get a new IP. I want her to be able to reconnect to her photos without me getting involved to set things straight.

I’m not sure if the written IPs works (magic DNS? ), at least for now, picking up the installation tomorrow as I’m on holidays.

It seems I need to turn on “Use tailscale DNS” on my Android to make it work.

I now understand I don’t need Duck DNS at all for my use case.

Indeed. If your Nextcloud instance can/shall be available through Tailscale only, you can just choose an appropriate hostname within your Tailscale network and use it for DNS at the clients. DDNS is not required at all in that case, as Tailscale manages everything.

How to do that would be actually nice to have in our docs: VPN Software Options - DietPi.com Docs
Might differ from platform to platform, but at least for the most important ones, or for Linux systems, we might want to add a docs tab. Are you open to write down the needed steps, probably even contributing it to the code directly? DietPi-Docs/docs/software/vpn.md at 259255c5c4f86d27c5808b72a1242403e8c39b53 · MichaIng/DietPi-Docs · GitHub

It would be an honor, making no promises.
I have managed to set it up for multiplatform, Linux, Android, Windows 11
I cannot promise on the coding either, because I use “the unspoken” for everything

PS: I would like first to finish the Cloud-NAS setup with automated reduncy backups.

I finished setting up an automatic redundancy backup for my cloud storage with rsync

And the icing on the cake
Cron activates the backup script weekly and is sending me, and my Family, an update by Gmail with the info:

• at what time it started the backup and ended the backup
• how much space used and how much is available on disk 1 and disk 2
• how much MB/GB were removed from disk 2
• how much MB/GB was backed up to disk 2
• how much space was on the disk 2 before the backup and how much is now on disk 2 after the backup
• how much space each user is using

And an rsync summary

Awesome

Hey guys,

wondering, I have successfully set up the secure connection through 443, but now I can no longer locally enter through my local IP.

is there a way to benefit from; both the secure connection through the https internet->home, and the convenience of http home->home?

PS: because I must now have my Tailscale running on my devices and it drains slightly more power on my phones

Depends if you enable automatically redirect from http to https. And some more information would be needed what address you are using at home. Is it that the same you use while outside your home?

I’m hoping that this would help a lot
Let me know if you need to see more

port 80
&
port 443

<VirtualHost *:80>
   ServerName dietpidevice.name-name.ts.net
   Redirect permanent / https://dietpidevice.name-name.ts.net/
</VirtualHost>

Are you able to resolve dietpidevice.name-name.ts.net at home? And did you tried using ip address?

I turned of Tailscale:

• 192.168.111.99 brings me to https://dietpidevice.name-name.ts.net with Apache2 Debian Default Page
• 192.168.111.99/nextcloud/ brings me to https://dietpidevice.name-name.ts.net/nextcloud with Apache2 Debian Default Page
• https://dietpidevice.name-name.ts.net/ brings me to Apache2 Debian Default Page
• https://dietpidevice.name-name.ts.net/nextcloud brings me to Apache2 Debian Default Page

PS: On my Androids I could go through some warnings whether i trust the page, dietpidevice.name-name.ts.net or not, and it did work.
However, on my Window 11 this is still like above.

This is indicating a problem with the client if it is working on one device but not on the other

Thanks Joulinar!

Gave me an idea, I tried https://192.168.111.99/nextcloud/, thus specifying with https://, and also on Windows i received the unsafe warning, but I got through and it works

I guess the certificate has been created manually