NextCloud Without Port Forwarding via Cloudflare Tunnels
Рет қаралды 101,214
Күн бұрынToday's video is sponsored in part by Linode!
Sign up today and get a $100 60-day credit on your new Linode account, link is in the description.
🔗 dbte.ch/linode
/=========================================/
We're going to take a look at getting NextCloud up and running with Docker, Portainer, and Cloudflare Tunnels.
Here is the writting companion piece for this video:
dbt3ch.com/books/nextcloud-wi...
Uptime Kuma video: • Secure Your Domain wit...
Timestamps:
0:00 Intro
0:30 Ad
1:20 Intro Continued
4:02 Installing with Docker
9:50 First Login
11:03 Setting Up Cloudflare Tunnels
15:47 STOP GETTING ADS!
15:59 Modifying the Config.php File
20:03 Fixing Caldav
21:27 "Fixing" Uploads with .htaccess
24:26 Cron Jobs
28:34 Ad
29:31 Cron Jobs Continued
30:24 Wrap Up
/=========================================/
Another segment in this video is sponsored by Refurb Feed.
🔗 dbte.ch/refurbfeed
Use code: DBTECH for 10% off your next laptop purchase.
/=========================================/
Get early, ad-free access to new content by becoming a channel member, a Patron or signing up for the members' only website!
✅ / dbtech
✅ dbtech.fans/
✅ / @dbtechyt
/=========================================/
The hardware in my recording studio is:
✔ Custom PC w/ Ryzen 2600, 32GB RAM, RTX 2070, Assorted Storage
✔ Panasonic LUMIX G7 4K Digital Camera: amzn.to/3IGEOcb
✔ SAMSUNG 34-Inch SJ55W Ultrawide Monitor: amzn.to/395g9BZ
✔ LG 27UK650-W 27” UHD IPS Display with HDR 10: amzn.to/398pg4S
✔ WALI Premium Dual Monitor Stand: amzn.to/398AiqM
✔ Neewer Lights: amzn.to/3nZcoSX
✔ Light Power Supply:amzn.to/3Konpqf
✔ 55" Gaming Desk: amzn.to/3AkgHgw
✔ Sabrent USB-C Hub: amzn.to/3qFcwbV
✔ Das Keyboard 4 Professional: amzn.to/3G9rPxM
✔ Fuqido Big and Tall Gaming Chair: amzn.to/3IGegrq
/=========================================/
The hardware in my current home servers:
✔ Synology DS1621xs+ (provided by Synology): amzn.to/2ZwTMgl
✔ 6x8TB Seagate Exos Enterprise HDDs (provided by Synology): amzn.to/3auLdcb
✔ 16GB DDR4 ECC RAM (provided by Synology): amzn.to/3do7avd
✔ 2TB NVMe Caching Drive (provided by Sabrent): amzn.to/3dwPCxj
✔ TerraMaster F5-221 (provided by TerraMaster): amzn.to/3IfH2QD
✔ 5x6TB WD Red Plus NAS: amzn.to/3LnbPvC
✔ 8GB DDR3: amzn.to/3kfLTX3
✔ TerraMaster F4-423 (provided by TerraMaster): amzn.to/3kjUms5
✔ 2x8TB Seagate Barracuda Compute: amzn.to/3xBAO95
✔ 16GB TEAMGROUP Elite DDR4: amzn.to/3MzzFV9
✔ 512GB Silicon Power NVMe Caching Drive: amzn.to/3MzkBae
All amzn.to links are affiliate links.
/=========================================/
✨Find all my social accounts here:
✅ dbte.ch/
✨Ways to support DB Tech:
✅ / dbtech
✅ www.paypal.me/DBTechReviews
✅ ko-fi.com/dbtech
✅ Cashapp: cash.app/$dbtechyt
✅ Venmo: venmo.com/dbtechyt
✨Come chat in Discord:
✅ dbte.ch/discord
✨Join this channel to get access to perks:
✅ / @dbtechyt
✨Hardware (Affiliate Links):
✅ TinyPilot KVM: dbte.ch/tpkvm
✅ LattePanda Delta 432: dbte.ch/dfrobot
✅ Lotmaxx SC-10 Shark: dbte.ch/sc10shark
✅ EchoGear 10U Rack: dbte.ch/echogear10u
@ahyi9350 Жыл бұрын
Thank you so much for sharing this! You made my deployment way a lot easier. Appreciate your time and effort!
@goddrago Жыл бұрын
Man! Thank you so much for this video and all your knowledge! I have like 3 weeks fighting with NGINX, firewalls, stacks, etc... and now finally with this solution everythong is working as intended! I'm already a Patreon but is nothing for all the stuffs you do and teach us! Thank you again! (Sorry for my english, is my second language).
@somedude5353 11 ай бұрын
Thanks for the guide, I got this one working over the other guide. Though it seems like: 1. You get this prompt about HSTS which wasn't discussed: The "Strict-Transport-Security" HTTP header is not set to at least "15552000" seconds. For enhanced security, it is recommended to enable HSTS as described in the security tips ↗. 2. There are other issues that the redirects didn't resolve: - Your web server is not properly set up to resolve "/.well-known/webfinger". - Your web server is not properly set up to resolve "/.well-known/nodeinfo".
@aruu2933 10 ай бұрын
did you find a solution for it?
@gavination_domination 7 ай бұрын
Same here. For #1, I believe the HSTS issue isn't so much a problem, considering that Cloudflare Tunnel enforces HTTPS at their end, not on the client. My understanding (and I could be wrong) is that the way to resolve this is by generating a cert from let'sencrypt or somewhere and having that handshake happen on a reverse proxy manager's end, like NPM. I'm not 100%, but I inferred as much from a GitHub post.
@marcoantoniogonzalez4469 3 ай бұрын
Hi, Did you find any solution for that issues?, is not quite clear on the video this 2 points. Regards
@realMattGavin Жыл бұрын
I was just looking for this last night, and you posted this today. Crazy! Obliterating that like button! 😃
@noahwilliams8918 Жыл бұрын
I love that you made this video. It's a great practical demo of how to setup cloudflared tunnels! However, I would like to warn you as well as people reading the comments that those Apache settings are dangerous! They're basically enabling a slow-loris attack, a very simple and affective DOS wherein the attacker bogs down your server by choking it it with a few long-running bogus requests. If you wish to upload large files to your Nextcloud server, I recommend leaving the Apache settings as-is and using the desktop sync client, as it will break them intelligently into smaller chunks for upload. The browser client isn't setup to do this (AFAIK).
@JeanCFF Жыл бұрын
Thank you so much for the video, it helped me a lot. It's people like you that make the world a smarter place.
@lazaruspr23 Жыл бұрын
Man, you rock....have been messing with nextcloud for a while and though I like it, setup has always been hit or miss, this one finally has all the right markers and get to use it with tunnels. You are a champ as always.
@DBTechYT Жыл бұрын
Thanks!! I appreciate that and hope this is helpful for you!
@saisibi6708 Жыл бұрын
Wow dude. Thank you. I was struggling so much deploying this. And your guide helped me out so so much. Thanks a ton mate. I learnt a bit too.
@gerickolson2271 10 ай бұрын
Thanks for the video, I was struggling with this for an embarrassing amount of time. Thank you so much!
@kslim34 Жыл бұрын
Hi David, longtime viewer, love your videos. Have you ever tried maximizing next cloud storage capacity to use external storage like say an attached storage on your OMV setup or even a network attached drive on the network?
@darthkielbasa Жыл бұрын
I’m glad I watched enough of the video to hear this is a OMV video. I’ve been searching for this exact content. Thank you sir
@DBTechYT Жыл бұрын
Glad it was helpful!
@agilebarsfromtimebarsltd.4918 5 ай бұрын
This is a great video, thank you very much. I struggled for days to get this working the way you go through it (makes it look easy). But my setup, which I thought was similar to yours, really was not because my home lab did not have the DSL router in bridge mode. I am using the Bell HH4000 and the only way I could figure to get it into bridge mode was to buy a NetGear pfsense firewall and configure my HH4000 with the DMZ advanced mode. I am hoping my days of struggling and learning helps someone. I also forgot to open the UFW port 8080 on my host.
@Public_Potato 9 ай бұрын
Super great tutorial, I setup with just docker instead of portainer with it and still found this super helpful. Thanks!
@migii3127 9 ай бұрын
hey, how did you do the steps that involved portainer? (ex: editing the config file) since I'm running into issues when adding the overwriteprotocol and etc. did you add any mysql info when setting up nextcloud and how? (I used the docker route and was wondering if mysql needed setting up or something)
@Public_Potato 9 ай бұрын
@@migii3127 I didnt use portainer or mysql at all since my deployment is for small personal use
@LouDog0102 Жыл бұрын
This video was super helpful in getting my NextCloud setup with access through Cloudflare tunnels. Liked and tip sent.
@DBTechYT Жыл бұрын
Cool, thanks!
@simonreidis Жыл бұрын
You don't actually need to redeploy the container to change the restart policy. Just go into the container, find the restart policies section and change it, then hit update. For me, so far, this has always worked. But thanks for this great info, helped me out immensely!
@bassjmr Жыл бұрын
I can confirm the 100mb limitation is there. For some reason if you upload via web interface it works but if you use the nextcloud client or WebDAV it stops as soon as the file hits 100mb. More investigation is needed. P.s. I confirmed with cloudflare documentation. All HTTP POST request size is limited to 100mb on the free plan..So if you use the desktop client ( WebDAV based) or any other WebDAV client , and need to upload large files this method is not for you. If you only use the web interface you should be fine !
@michaelmoloney4080 Жыл бұрын
yep, nginx proxy manager with lets encrypt doesnt have this issue.
@zlatizlatev8632 Жыл бұрын
Hey David, thanks for this video. Can you please explain the "fixing caldav" part? I didn't understand what you do on this part. Thank you in advance.
@Greycg Жыл бұрын
Thank you David. This video helped me a lot.
@zakafx Жыл бұрын
thanks for the info as always. how do you go about resolving the webfinger/nodeinfo redirects afterwards?
@TapiTapiTap Жыл бұрын
Thank you for the video , has fixed some of my older problems . for some reason the background jobs are not executing and uptimekoma is runnning and up
@hakank.560 Жыл бұрын
keep it up with these docker image tutorials!!!!!
@VinodBaliga Жыл бұрын
Wow! I wasn't even aware that there is something called cloudflare tunnel. Seems like a great solution compared to port forwarding and lesser headaches! Thanks as always.
@DBTechYT Жыл бұрын
Glad it helped!
@raylab77 Жыл бұрын
@@DBTechYT will Cloudflare tunnel fix double nat issues?
@oevilberto Жыл бұрын
@@raylab77 Yes. I'm CGNATed, and Cloudlflare tunnelling gets around it (via a domain name).
@PanFilux 11 ай бұрын
@@raylab77 yes
@vpee Жыл бұрын
Hi! Thanks for this video. Will all the customisations done to the container remain after image update?
@Billyfelicianojp Жыл бұрын
Do you have an example of what it looks like or to setup the docker volume share path? Example I would want to use my NAS. Thank you for your videos.
@xordoom8467 2 ай бұрын
Very helpful, thank you very much!!
@TheAwesomeGuy101 Жыл бұрын
Hey Thanks for this tutorial. Followed it but I still have some warnings. 1. Strict Transport Security HTTP header is not set to at least "15552000" seconds 2. Your web server is not properly set up to resolve "/.well-known/webfinger" 3. Your web server is not properly set up to resolve "/.well-known/nodeinfo" I don't know why it's throwing out this issue, I saw the right commands on the config.php file and when you visit the url it works.
@johnnyvvlog Жыл бұрын
Get the same errors. Have you ever been able to solve them?
@sunnysamantara Жыл бұрын
Did u get the solution for problems 2 and 3 ?
@mszura1898 Жыл бұрын
Hi Are you planning for updating this for Nextcloud All in One? It is quite different than this version and it is recommended installation method. Thanks for your videos
@kshitijkadlag Жыл бұрын
Hey! I've followed the steps in this video to setup a Nextcloud instance using Docker and Portainer. I'm using Cloudflare Tunnel to access it on the internet, but I'm unable to use video calls in Nextcloud Talk because it needs a Turn Server. Could you please make a video on how to set that up in Docker using Portainer?
@beta-wc6zz Жыл бұрын
Thank you every time!
@sososleepie863 Жыл бұрын
9:46 When you installed recommended app, will it make nextcloud container same as nextcloud/all-in-one docker images?
@afbanales Жыл бұрын
you are very smart, and have a lot of information, unfortunately your communication is tailored to "other" people that are not me, i've seen and re-seen your videos and still do not understand what your doing. thanks for sharing, and hopefully one day i can understand what you are saying
@mrcolo. Жыл бұрын
You are the best!! Thanksss
@it-expat-china Жыл бұрын
That 'overwriteprotocol' setting saved my day, many thanks, sir!
@benjavides Жыл бұрын
Thanks for the great video! I'm kind of new to all this and was wondering why you don't need to specify PUID and PGID in the docker compose? I've seen in all the linuxserver docker stacks that they use 1000 for "easy user mappings"
@noahwilliams8918 Жыл бұрын
It defaults to UID & GID 33 on most Linux systems for the default `www-data` user used by apache2
@ParagOak 2 ай бұрын
So if I follow all these steps mentioned in the video, I should able to to access my nextcloud setup on mobile app outside my home network? is cloudflare is same like twingate?
@jeytis72 Жыл бұрын
If I got it right you can use a cloudflare tunnel not only to access your services running on a server with their own domain without opening ports, but you can also get access to your own Home LAN to use, i.g, RDP, to fetch your files as you would do via a VPN like Wireguard and OpenVPN. It seems that you need such a WARP app and set another service on your cloudflare account. Any chance to get a new video tutorial about that? Thanks
@thebatu89 Жыл бұрын
Hi, would there be any issues with cloudflare tunnel t&c if I mainly used nextcloud to backup photos & videos?
@nicosyaif556 8 ай бұрын
Thanks for the tutorial.
@Traveler-kl6fr Жыл бұрын
Any chance this video can be rebuilt for NextCloud All in One? The docker compose file isn't the same and it runs an https validation before component install. Also, once NextCloud is up and running, how do you add more storage after the fact?
@Rohambili 20 күн бұрын
Thank you! But how about the 100mb cloudflare size limit? Can i do anything on server side? To upload big files with browser...? Instead of using nextcloud client and set chunksizes ...
@pacificape2469 11 ай бұрын
Excellent video, only one thing, I did everything but I still got the HTTPS warning, even though I can access my site via a domain, the Nextcloud App stills marks it as insecure and somehow I'm unable to get the menu to display...
@linuxbasics7060 Жыл бұрын
Hi David, great tutorial How does this work with Navidrome, inparticular the app I have on my phone (symphonium). Or would I need to specify different rules specific to navidrome whic hallows the apps to connect?
@msdosfx Жыл бұрын
Streaming is a violation of TOS for Cloudflare Tunnels. Symphonium will work great with Tailscale on your phone and media server, as long as you're not running a different VPN on your phone at the same time, which I think is not possible. Tailscale is also way easier to set up and connect than cloudflare tunnels. Just use the IP created in Tailscale for your server and add port for Navidrome as a media source in Symphonium.
@Tiaguituh05 Жыл бұрын
I'm facing an issue, my public hostname gets me no where and just times out. My setup is: nextcloud running as a plugin on truenas. Installed the cloudflare agent on a VM running docker inside the truenas. Any ideias? I have tried everything
@60plustv23 Жыл бұрын
Any idea how to make Nextckoud Office or OpenOffice to work with this setup ? "Collabora Online - Built-in CODE Serve" or "Community Document Server " refuse to work.
@Slstang2005 2 ай бұрын
Great job, even in 2024 this is still relevant. Worked perfect with all the latest versions. Can you explain how one would add my unraid shares, array or even a pool disk? I have a large doc file already on my array and would like to access them from nextcloud. Thanks again.
@DBTechYT 2 ай бұрын
Glad this video was helpful. Unfortunately I've got no experience with Unraid, so I'm unable to help with that :(
@derekpearce2491 5 ай бұрын
Just found this amazing video but my issue is that I can now access my Nextcloud through Cloudflare tunnel, but the desktop and mobile app cannot. Do you know why that would be case?
@pablordgz Жыл бұрын
Hi, nice tutorial, only have one problem, I set everything up and it works fine but upload speeds are terrible, it uploads everything, no matter the size, at less than 50 KB/s, the thing is that only happens if I use it through cloudflare tunnels, if I open my ports to access it directly (which I only did for testing, it's not something I'd like doing), the upload speeds are much higher, just what they should be, any ideas?
@Jamprince25 Жыл бұрын
Hi David love the tutorial... I have more questions than answers... I noticed that you had 2 instances of next-cloud running, of which they did not have the standard portainer IP schema. Did you use a MAC Vlan or did you just create a new IP schema for your docker containers. I'm asking because i have followed your instructions to the "T" and i am unable to get my cloud flare tunnel to successfully connect to my next-cloud. It works for a few of my other containers like grafana, and i IOT device i use to monitor the temp in my network room. I even went as far as changing my port from 8443 to 8080 and still the same error. Bad Request Your browser sent a request that this server could not understand. Reason: You're speaking plain HTTP to an SSL-enabled server port. Instead use the HTTPS scheme to access this URL, please.
@xa-xii9338 5 ай бұрын
Having a similar issue did you ever find a fix?
@noorberty Жыл бұрын
I have a similar setting with cloudflare tunnel, but I can not get the real IP addresses when someone tries to logging into my cloud. So it's a security issue. There is a way to fix it without reverseproxymanager?
@flahiker Жыл бұрын
Thanks for the great content again David. I took this a step forward and added the cloud flare tunnel as a container in my stack using the same network. here is the snippet that I got working with leantime as an app: version: '3.3' services: leantime_tunnel: container_name: leantime_tunnel image: 'cloudflare/cloudflared:latest' restart: unless-stopped command: tunnel run networks: - leantime-net environment: - TUNNEL_TOKEN=XXXXXX networks: leantime-net: external: false
@DBTechYT Жыл бұрын
This looks great! Something to keep in mind is that you can use a single Tunnel for multiple applications, so you don't need to deploy a tunnel for each application. I plan on making a video about this soon!
@flahiker Жыл бұрын
@@DBTechYT Thanks David! I experimented with this a bit with some of my self-hosted domains and I found that in Cloudflare tunnel configuration, for public hostnames, you can use the name of the container that hosts the target service instead of the server's IP! So in essence if you setup a docker-compose file and use a network, the container names will resolve in the tunnel for the hostname services. This is very helpful in the case you have a cluster (Swarm or Kubernetes) and your containers are spread across multiple nodes. I do agree that you can use a single tunnel for multiple apps. I am going to use a tunnel for each domain I self-host as they are a stack in portainer today. Keep up the great work. I learned a lot from your channel!
@CozyTek Жыл бұрын
@@DBTechYT nice. yes I myself have one tunnel running with access to 6 apps so far and growing. This video finally got my nextcloud working but with one extra error than you that I am still working on so thank you. now I just need the exact same style video as this for home assistant and I'm golden! Thank you again!!
@CozyTek Жыл бұрын
that one tunnel even gives me access to my synology NAS. ;)
@martingerlach_1990 Жыл бұрын
I have a question. You live in USA and you edit the config file with default_phone_region=US. What should you do, if you don't live in US, e.g.: default_phone_region=AT for Austria or default_phone_region=DE for Germany?
@DBTechYT Жыл бұрын
Change it match your region
@PhillPriceUK Жыл бұрын
Cool, exactly what I was looking to learn today. Please tell me the mail passwords have been amended since this from config.php though?
@DBTechYT Жыл бұрын
Great to hear!! And, yes, the passwords have been revoked/changed :)
@antonh4179 19 күн бұрын
Thank you!
@OfficialMikeJ Жыл бұрын
Which volume do I want for storage ?. I want to direct the storage to my 2TB drive but not sure which volume that would be for the stack ?. I see there's this volume directory: /home/docker/nextcloud/db:/var/lib/mysql then there's a bunch of other ones but I would guess you don't want to mess with those ?.
@DBTechYT Жыл бұрын
You're going to have to mount the 2TB drive on your system. I don't know what you're using, so you're going to have to sort that part first. Once you have the drive mounted, you can mount the volumes to that drive in whatever folder you want
@rtyler1869 Жыл бұрын
Thanks for this. Quick question. I have set next cloud up on my TruNas Scale server. Would the cloud flare tunnel access work for this.
@DBTechYT Жыл бұрын
It should
@rtyler1869 Жыл бұрын
@@DBTechYT thanks David. I will give this a go when I get home from work toaday
@geozapata3865 Жыл бұрын
THANK YOU !!!! I was googling for hours on how to address the "trusted _domains" issue. Love you content David
@ChrisDePasqualeNJ Жыл бұрын
First - Excellent KZbin Channel. Did you really quick your day job to do KZbin? Kudos to your vidio editor too. 🙂 My question is. I currently expose a random port on my firewall and then use Cloudflare Origin rule to rewrite 443 to the random rule that I have open on my firewall - then port Forward from random port to 443 to my Nginx proxy server. And now for the question. With CloudflarD Tunnels, do I still need Nginx? Cuz the last two times I installed this on my Docker it broke my RPI. Thank you and keep up the good work. Chris
@DBTechYT Жыл бұрын
Hey Chris! So..I didn't quit my day job so much as a medical incident in 2016 made is very difficult for me to go back to a "normal" job. So I started doing KZbin in hopes to bring in an income. I'm just a one-man-show who work in a little corner of the house, coming up with video ideas, recording them, and then editing. To answer your question about port forwarding, Nginx Proxy Manager (NPM), CloudFlare tunnels, etc., I'm actually releasing a video about this tomorrow, but, to give a quick answer, you can use NPM with CloudFlare tunnels if you want to, but I've completely removed NPM from my homelab and use CloudFlare tunnels exclusively.
@TheHenmistro Жыл бұрын
Hello, just on this I have no issue getting your set up however I cant get this working with the app? It says theres a malformed server config, I dont knnow what that refers to althoguh
@haydenc2742 Жыл бұрын
Will those setting stay persistent if you update your NextCloud container??
@user-be9go5rh6t 10 ай бұрын
Can you get talk working while using a Cloudflare tunnel on NextCloud? I mean it works but no audio or video can make it off the network. I can not seem to find any docs on this.
@andientronven Жыл бұрын
do you have video for the update with nextcloud aio docker compose?
@AlejodelosReyes Жыл бұрын
Hello! Thanks so much for the tutorial! About the passwords, it sort of concerns me to have the mariadb key also printed on the dockercompose file. Is it possible to do it in a safer way? I guess if someone gets to peek my portainer/docker settings could hack into my db... or am I being too paranoid?
@DBTechYT Жыл бұрын
The likelihood of someone hacking into your portainer is pretty low unless your security is REALLY bad and you've made enemies with hacker types. That said, you could use a secrets file to hide all of your sensitive data
@AlejodelosReyes Жыл бұрын
@@DBTechYT Thanks for replying. I was googling for this when I saw you replied. I'm a noob and just want to set up a nexctloud server but exposing it to public internet is freaking me out a little bit.
@DGiyenko Жыл бұрын
How do you deal with cloudflare shutting down your account for violating the ToS? The user agreement specifically states that cloudflare is to be used to host web pages etc. and file transfer, as well as streaming via cloudflare will result in them suspending your account.
@cicievie 11 ай бұрын
they removed that ToS..
@ExcaliburAMV Жыл бұрын
Hey! Greate video, I have loved watching clouflare tunnel stuff from you! I have a quick question though, whenever I set up my tunnel for Nextcloud I always get 502 on the connection, however if I change it to another service it works fine. I even tried to change the port of the nextcloud service but this issue still persists, do you have any idea what could be happening?
@ParleyWells 10 ай бұрын
I have this same issue.
@xa-xii9338 5 ай бұрын
did you ever find a fix?
@NhatLinhNguyen82 Жыл бұрын
FYI to anyone, when you set up your cloudflare and put force policy HTTP to HTTPs, do not put overwriteprotocol to HTTPS in config.ini. It would cause infinite loop of redirect.
@EldroReis Жыл бұрын
According to nextcloud documentation, to update to the next version you have to remove the previous nextcloud container, and doing so you lose the apache configuration (caldav etc.). Is there some way to make this configuration persistent or to embend it in the compose file?
@DBTechYT Жыл бұрын
You should be able to pull the new version of the container, stop your existing container, and then bring the container back up and it should use the new version. The only reason it wouldn't do that is if your docker-compose has a specific verison in it rather than :latest
@justinsmall9149 7 ай бұрын
how to access home assistant from outside local network running home assistant on a docker container with no add ons
@sergeantsapient 11 ай бұрын
I was hoping I could find a solution to my problem. I have Nextcloud running behind a reverse proxy and no exposed ports on the container. I'm able to get to it through the internal domain I set up the proxy rule for but using my Cloudflare tunnel external domain causes it to redirect to the internal one which means I can't access it from outside my network. I don't have an issue with the other services I have running through a Cloudflare tunnel and it seems to be something specific with Nextcloud that I'd like to either disable or configure to work with Cloudflare. I was hoping this video would help but DBTech isn't running behind a reverse proxy and in fact I never even get the error about an untrusted domain.
@horus6915 Жыл бұрын
Editing the file for caldav was good but when I updated, obviously, nextcloud wiped what I did in this file. I don't want to update this file everytime so I don' t know if there's a definitive solution.
@retpaladin593 6 ай бұрын
I am trying to set up the cardav part in my truenas scale thru its shell but for reason the config wont save
@nwdsc Жыл бұрын
Great video. can you show how to use multiple apps on the same cloudflare tunnel? Thank you.
@jeytis72 Жыл бұрын
I'm interested in it too
@msdosfx Жыл бұрын
Click on your tunnel > Configure > Public Hostname > add public hostname
@icquintos6354 21 күн бұрын
I'm currently trying to run this, but when I try to connect to my nextcloud using the cloudflare tunnel, it runs so slow. I runs perfectly when I use the my.local.ip:port locally. please help!
@MichaelCarreras 9 ай бұрын
Dude, Thank you, finally got this working. Have the transactional file locking error, but I don't care. if ya care to suggest a way to solve it, with out having to redo everything, that woudl be great, but if not, Oh well!! Thanks again!! p.s. you move fast!! Only thing I have issue with is the php upload size did not change. limits at 586 mb or something like that, I did not use the same composer file as you tho and I don't think I am running the same database either!!! I don't know, I just know that I built a great composer file and you helped me get it all working. So there, as we say down south.... nevermind, I'll refrain and keep plugging at it. I am running progrese or something like that so if ya have any idea why the php upload size might not be changing with the .htaccess edit let me know, and thanks again. Great Vid!!!
@bradpatterson8386 5 ай бұрын
Hello, I am using portainer and when I run the docker command to download and run the cloudflare docker image. It does but does not show up in portainer - only docker. I have setup cloudflare but cannot access the CF url in docker so I am thinking there is some diosconnect between Docker and Portainer. So is there a way to run the docker cli command to create a conatiner? I am using linux mint ....
@DBTechYT 5 ай бұрын
Here's a docker-compose you can use in Portainer or in command line. Just change the Tunnel Token to whatever Cloudflare give you: dbt3ch.com/books/access-your-self-hosted-services-without-port-forwarding/page/cloudflare-tunnels-docker-compose
@bradpatterson8386 5 ай бұрын
@@DBTechYT Thank you that did the trick.... I have access now.
@arvidjonas Жыл бұрын
Hi, thank you very much for the tutorial! However, I always get the warning that the Strict-Transport-Security HTTP header is not configured to at least “15552000” and that I should enable HSTS. I already tried some tips involving the default-ssl.conf, but (probably because I'm using a cloudflare tunnel) it is not working. Do you know how to fix this problem?
@CozyTek Жыл бұрын
I am having this same issue and I am looking for a solution as well. Apparently I need to add something that looks like this: add_header Strict-Transport-Security "max-age=15552000"; to some config somewhere but still searching for the answer for now.
@arvidjonas Жыл бұрын
@@CozyTek I already tried something like that, but the problem appears to be that the container is without SSL. However, I was able to fix this problem by enabling HSTS in the Cloudflare SSL settings. So far, it seems to work as the error message is gone.
@sevenelven Ай бұрын
Starting at 16:00, modifying config file doesn't seem to be the best solution for this. Isn't the image going to be rebuilt when a new version comes out? Meaning your config changes will be overwritten by the default values after updating nextcloud?
@DBTechYT Ай бұрын
That's absolutely a concern. If you want to prevent your config customizations from being overwritten, you can create your own config file somewhere on the server and then map its location to the location of the config file in the container via the volumes section. Something like: - /path/to/custom/config.php:/path/to/config/in/the/container/config.php
@U1TR4F0RCE Жыл бұрын
how would this interact with stuff where you have A records with the host? I'm following this as a continuation of having successfully followed the vaultwarden on pi set up and being able to set it up without port forwarding seems better but I'm not sure what I need to change from the previous set up to have it work with cloudflare tunnels.
@DBTechYT Жыл бұрын
This completely replaces NGINX Proxy Manager. You might want to go watch this video for more information: kzbin.info/www/bejne/jKO5Yaiah7qcbqM
@U1TR4F0RCE Жыл бұрын
@@DBTechYT Okay, I think I just might be a bit too bad at following through and properly understanding how to backport the fixes so I think I'll just grab the data from the vaultwarden do a factory restart of my raspberry pi and then go from the top with cloudflare tunnels. And then trying to replace nginx with cloudflare tunneling in the vaultwarden tutorials. Though I might just return to nginx reverse proxy since I don't really have the experience or the knowledge of docker, raspberry pi or linux to figure out myself what I'm doing wrong that's preventing it from working.I feel.
@U1TR4F0RCE Жыл бұрын
Or maybe what I should do istry and set up other things from Raspberry Pi 4 home server series in terms of just getting duplicati set up. Then Nextcloud as done here, then homeassistant, then back to vaultwarden.
@simongajdosik5105 Жыл бұрын
Did you try Talk function? Because cloudflare is not allowing traffic for STUN ports..
@MarkConstable Жыл бұрын
Could you please hit ctrl+ a few times to increase the zoom level of your browser shots.
@ilducedimas 7 ай бұрын
You rock!
@itsjoshuablaine 24 күн бұрын
Wanna know what I as an individual who is into order appreciate? Consistency.. Know what I didn't get here when attempting to pair up your video docker-compose file with the companion one on your website? Oh yeah, that's right.... Consistency... Everything was all swapped around. I speak for all of us when I say that I appreciate that.
@reddragon9911 Жыл бұрын
Thank you
@immortalcyanogen779 Жыл бұрын
Hey David, I am having issue with cronjobs as it says some jobs hav'nt run since ~5 days. Have you check your nextcloud if everything is working fine there?
@DBTechYT Жыл бұрын
here's what I would recommend for cron jobs. Set up an Uptime Kuma container. Then get your NextCloud cron job URL and have Uptime Kuma ping it periodically and that will run the cron jobs for you and keep things working better. I made a video talking about this technique at one point, but I don't remember what video it was in. You might check this video? kzbin.info/www/bejne/qJuadY2ajLJ-aM0
@immortalcyanogen779 Жыл бұрын
@@DBTechYT yes here is the problem. As on the first day when I set it up, it was working as I followed your whole video including uptimekuma. Even now, the uptimekuma shows no errors but when I go to the Basic settings in nextcloud, there it says some jobs did not run since 6 days( the number of days since I installed the nextcloud). Is this just a message in raspberry pi or, is it really not working?
@immortalcyanogen779 Жыл бұрын
I mean, after couple of days it just start showing me that error everytime I install nextcloud. I use cron for cron jobs. Even though, if I try to change it to Ajax or webcron, it still give the same warning.
@DBTechYT Жыл бұрын
Then I would assume that something isn't running. I would look into your container logs and make sure that you have the right cron job setting configured in NextCloud and that you're using the right URL to ping periodically.
@immortalcyanogen779 Жыл бұрын
@@DBTechYT Alright. Then where should I share my logs with you?
@emrelabarjr6803 6 ай бұрын
i can get this to work with no issues though a browser but i cant through the phone app or desktop app. Thoughts?
@DBTechYT 6 ай бұрын
Are you using the app? Are you accessing via a browser? If you're using the app, did you put in your nextcloud URL in the setup?
@flocassilla Жыл бұрын
Nice video
@DBTechYT Жыл бұрын
Thanks!
@Peiboldb Ай бұрын
Hello! I have a problem. I can´t run the portainer console. Portainer have a error: Unable to retrieve image details. Do you know what is the problem? Thanks!
@alimohsen2394 Ай бұрын
it seems an issue with docker itself I logged in to debian and used this command sudo apt install --allow-downgrades docker-ce=5:25.0.5-1~debian.12~bookworm
@alimohsen2394 Ай бұрын
i spent 3 hours looking for a fix and that's the solution so far
@jeytis72 Жыл бұрын
Can we use cloudflare tunnels along with Nginx PM? If so, could you please make a video about it? Thanks
@DBTechYT Жыл бұрын
This replaces NPM
@U1TR4F0RCE Жыл бұрын
@@DBTechYT with this replacing nginx proxy manager how does this interact with tutorials for vault warden? Or is this one of those things where for that you probably would want to port forward?
@satoshiborishi6898 10 ай бұрын
I followed the tutorial and I was able to get it up and running on a Orange Pi 5 with Ubuntu server and M 2 SSD
@edgardoirizarry9997 Жыл бұрын
Hey buddy, thanks for the video. I was really looking forward for this video. I tried to edit my setup on my UnRaid server and got a 400 error message which is not a big deal. I think I might know what is the problem but I just need confirmation, do you advise to do a fresh install? I have OMV on a VM on Unraid and on my RPI4. Again I think video was good l.
@DBTechYT Жыл бұрын
I've heard mixed results when doing this on RPi, but haven't tested it for myself. I probably should just so I can verify everything.
@edgardoirizarry9997 Жыл бұрын
@@DBTechYT I will do a fresh install, that way everything goes smoothly. Thanks buddy keep the good work.
@edgardoirizarry9997 Жыл бұрын
I got my old Nextcloud to work using the same steps, only thing I had to change was from http to https and turn on one of the options on TLS which it was giving me a message saying server not reachable or refusing to connect.
@striaghtlearinthequetar9146 Жыл бұрын
@@edgardoirizarry9997 Can you expand on this or share your TLS solution? Currently trying to set this up on my Unraid and running into the Error 400 via HTTP and getting the cloudflare Bad gateway when doing HTTPS. Can't figure it out. Thanks!
@thatdude610 Жыл бұрын
Anybody figure this out? I also get the 400 error. All other Dockers in unRAID work with the tunnel. Next cloud gives a 400 error.
@sahidb.7419 11 ай бұрын
Anybody knows how to edit the 000-default.conf file in a Unraid instance? no matter what I tried in command line I get permission denied to try to nano edit the file and file is only mounted when container is running
@lcbdias Жыл бұрын
It worked as expected. But I'm having a hard time trying to connect via Android app. Is there any settings in Cloudflare preventing the Android app to connect through the URL domain?
@DBTechYT Жыл бұрын
I've never encountered that issue. Hopefully you find a solution
@lcbdias Жыл бұрын
@@DBTechYT i found the solution. In the end the problem was that i had created a self-hosted application on Cloudflare for that domain and this was creating some conflict.
@DBTechYT Жыл бұрын
Thanks for the update!!
@Speedbeat Жыл бұрын
Thanks!
@DBTechYT Жыл бұрын
Thank you for your support!!
@asherdabspro Жыл бұрын
This is Great, David! I have a cloudflared tunnel with full (strict) with origin certs downloaded that I’ve confirmed can get to my Rpi4 and have installed Nextcloudpi through the install script. My Rpi4 is Raspbian OS 64 Bullseye. The ddns site is registered to a .ml domain, as the config of the tunnel differs with this domain type. I could be persuaded to install the nextcloudpi through the docker image method, as I now have an SSD in the pi and don’t need to have the data directory on the storage USB drive (not an option in docker image) and I can arrange for the external drive to backup data from connected devices through the nextcloud interface. The main issue that I’m having is that I cannot seem to have the ddns direct to the nextcloud instance and I keep getting the redirect error message that doesn’t allow it to securely bring up the page. Apache2 site redacted below: ServerName 192.168.1.XX Redirect permanent / sub.domain.com/ ServerName sub.domain.com DocumentRoot /var/www/nextcloud CustomLog /var/log/apache2/nc-access.log combined ErrorLog /var/log/apache2/nc-error.log SSLEngine on SSLProxyEngine on SSLCertificateFile /home/$USER/Documents/sub.domain.com.pem SSLCertificateKeyFile /home/$USER/Documents/sub.domain.com.key # For notify_push app in NC21 ProxyPass /push/ws ws://127.0.0.1:7867/ws ProxyPass /push/ 127.0.0.1:7867/ ProxyPassReverse /push/ 127.0.0.1:7867/ Options +FollowSymlinks AllowOverride All Dav off LimitRequestBody 0 SSLRenegBufferSize 10486000 Header always set Strict-Transport-Security "max-age=15768000; includeSubDo> And my Cloudflare Tunnel redacted is: tunnel: $tunnel-ID credentials-file: /home/$USER/.cloudflared/$tunnel-ID.json ingress: - hostname: sub.domain.com service: 192.168.1.XX - service: http_status:404
@chacho9948 Ай бұрын
hello DBtech good video, I tried to do it but it is giving me the error "internal server error" already tried everything, delete the folder, fresh install and it does not work and if it works it comes out sql error
@Robertjaymercer Жыл бұрын
HELPPPP! I get an error after creating my tunnel saying "Your data directory is readable by other users. Please change the permissions to 0770 so that the directory cannot be listed by other users." I tried chmod, chown, recreating a user... it was intalled on root user with OMV6 on external drive. I don't know what to do :( can you please help me...?
@RUPAMMANDAL05 Жыл бұрын
Please show us how to enable ssl on nextcloud with cloudflare ssl certificates.
@RUPAMMANDAL05 Жыл бұрын
I figured this out and using ssl on cloudflare tunnel on nextcloud
@MrDennisloi Жыл бұрын
New subscriber here, very cool video! I followed the instruction and i can now access nextcloud from the internet, but i get SSL_ERROR_RX_RECORD_TOO_LONG (on firefox) while trying to access it with the local ip. (I want local access to transfer files faster)
@suryasararhipahari3642 Жыл бұрын
Thanks for the video, but after setting up this way still I am not able to upload any file more than 10mb through cloudflare tunnel but while using through local ip address able to upload 1gig file easily, looks like some problem from cloudflare tunnel side, can you please suggest any debugging step?
@DBTechYT Жыл бұрын
Did you change the chunking setting that I showed? I uploaded multiple files much larger than 10mb without issue.
@suryasararhipahari3642 Жыл бұрын
@@DBTechYT yes changed that and also happy eyeball one. And this issue is not only for nextcloud , similar thing happens with web-filebrowser also .
@DBTechYT Жыл бұрын
That sounds like an issue somewhere outside of CloudFlare. Others have commented about uploading larger file sizes while using CloudFlare
@suryasararhipahari3642 Жыл бұрын
@@DBTechYT may be, for Web-filebrowser I can upload large files while using local Ip ,but failed while using tunnel.I will explore on it . By the way thanks a lot for showing me this cloudflare tunnel as mt ISP doesn't allow port forwarding. I ma using cloudflare tunnel from your first video about ,and able to expose my home server services to the internet which doesnot required large files. Thanks a lot again.
@wolvrG Жыл бұрын
@@suryasararhipahari3642 I have read about that issue. It is to do with some MTU setting. May be check internet for that.
@TheASofMacWac Жыл бұрын
How can I get Plex Remote Access working without port forwarding? I am locked behind a CGNAT, I have had a reverse proxy suggested but I do not have a clue how to set it up. My Plex is in a docker container, on OMV6, on a Pi 4.
@DBTechYT Жыл бұрын
Well I would start by not spamming the same comment on multiple videos. Beyond that, using Cloudflare tunnels for Plex access would be against their terms of service. I would suggest buying a premium license to Plex and then running your traffic through their proxy.
@TheASofMacWac Жыл бұрын
@@DBTechYT I need more than the 2Mbps limit though?
@DBTechYT Жыл бұрын
I don't know about the specifics for speed requirements, but if you only have 2Mbps upload, you're not going to have a good time with trying to watch remotely
@TheASofMacWac Жыл бұрын
@@DBTechYT no I mean I need more than the 2Mbps upload limit that Plex Pass has. I’ve got 20Mbps upload.
@GSGWillSmith Жыл бұрын
Thanks for the tutorial! Does this mean that nginx proxy manager and such are obsolete?
@DBTechYT Жыл бұрын
depends on how you want to run your network, but I prefer this method
@GSGWillSmith Жыл бұрын
@@DBTechYT thanks for the quick reply. Maybe a video on the advantages and disadvantages of the two as alternatives to each other would be nice!
@DBTechYT Жыл бұрын
If you don't want to open ports on your network and you want the security of CloudFlare protecting you, you use CloudFlare Tunnels. If you want everything on-premises with a bit more work on your side, you use Nginx Proxy Manager
@GSGWillSmith Жыл бұрын
@@DBTechYT thanks for the clarification!
@GSGWillSmith Жыл бұрын
@@DBTechYT actually I'd appreciate a video then about how to integrate authelia. I'm using it to secure photoprism as it does not offer 2FA yet. It works on NPM, but the process to integrate it into Cloudflare tunnel seems fairly complex 🙄
Awesome Open Source
Рет қаралды 89 М.
The Linux Experiment
Рет қаралды 93 М.
Jim's Garage
Рет қаралды 39 М.
Lawrence Systems
Рет қаралды 176 М.
spline
Рет қаралды 221 М.