NextCloud Without Port Forwarding via CloudFlare Tunnels

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hey guys in this video we're going to take a look at getting next cloud set up in docker as we've done in the past but in this video we're going to do a few additional things like setting up proper crons we're going to make sure that our our security and setup notifications are taken up or taken care of as much as we can but we're also going to take this to a different level than we've done in the past and we're going to make this accessible on a domain without any port forwarding using cloudflare tunnels but first a quick message from today's video sponsor this episode is sponsored by lenode the largest independent cloud computing provider if you don't want to or can't for whatever reason self-host applications the way we talk about on this channel lenode provides virtual servers that make it easy and affordable for you to host anything in the cloud you can set up any of the applications that they have available in their marketplace with just a few clicks or you can set up your own docker vps and install basically whatever you'd like in a docker container they have load balancers and firewalls available to help keep your apps online and safe if you run into any trouble getting set up lenode comes with amazing 24 7 customer support by phone or ticket along with hundreds of guides and tutorials to help you get started sign up today at lenovo.comtvtech and get a 100 60 day credit on your new lenot account links are in the description you may have seen one of my previous next cloud videos uh but here recently i've kind of switched up how i handle my reverse proxy stuff and i've actually encountered uh people out there whether it's in forums reddit whatever saying that they were having issues getting next cloud to work with uh with cloudflare tunnels and that's kind of what prompted this video so if we jump over to my desktop here we can see that i do have next cloud up on a on a domain a subdomain uh and it's up it's working if i come over here to files uh we can see that uh i've got all kinds of different files in here uh as far and and we can see that like one of these files i uploaded was six megs one of these other files was 1.1 gigs i didn't have any issues at all uh either in next cloud or in cloudflare tunnels with this configuration so like i said earlier we're also gonna take care of a few different things uh like in the settings uh we've got you know some crown jobs that we're gonna set up actually using a third-party container called uptime kuma i actually really recommend uptime kuma for a few different reasons one it will let you know if a container goes offline but two you can actually use that little that service that checks for for whether or not a container is online to run cron jobs locally without having to get into crontab or using a third-party service uh like that also facilitates cron jobs that may cost some money so uptime kuma is just a it's a quick and easy docker container to deploy that you can actually point to your cron.php file and it will run the cron jobs for you it's just real slick method that i figured out here a while back so the other thing that i wanted to take care of is over here in the administration under setup or security and setup warnings so it's got it it says your web server isn't set up properly to resolve web finger and node info i've found no good reason that this even matters uh if you know why these things may matter let me know in the description or in the comment section down below uh i may pay more attention to it at that point but uh from my experience from the stuff i've researched these don't really matter for the average user uh also this module php image link or a magic uh has no svg support that was actually done for for security and privacy reasons by default over here on next cloud's docs um if we scroll down to do the following providers are disabled by default due to performance or privacy concerns so that's why that error is still there you can go the extra mile if you want to go and and and correct that or bypass that or whatever but again for security performance reasons i'm not going to delve into that uh it's just i don't know that it's worth the hassle and headache to deal with so with all of that said uh let's jump into getting this installed in docker so i'm gonna be doing this in open media vault six uh that's kind of irrelevant but i just wanna want you to know where i'm starting here i'm also going to be using portainer for this for the initial deployment of nextcloud so if we come over here to our portainer dashboard here go to stacks you'll want to add a stack but because i've already got this i'm going to click over here on editor and here we can see um the the docker compose that's in here this is straight from next cloud so basically we've got uh a version two docker compose or or stack if we're going by pertainer terminology here we've got a couple of services the first one is a database we're using marie database 10.5 the restart policy on this is always there is a very standard database command to run this just so that everything works appropriately in the background we've got a volume for where we're going to store the database itself um you can store this basically where any wherever you'd like um i'm going to store it in home slash docker slash next cloud slash db of course if you wanted to if you were using like like i am open mediavolt and you wanted to put this in a shared path or a shared folder you could absolutely do that but for the sake of simplicity i'm just going to put this in home docker next cloud db and that's where we're going to store that next we've got some environmental variables i have a mysql root password and my sequel password a mysql database and a mysql user uh definitely change the mysql root password and my sql password uh make those something other than what i've got here uh of course okay as always all of this will be available in the description down below if you want to just copy and paste and go from there but if you do that be sure to to change the root password and the my sql password for security reasons uh the next thing we've got is an app that could be named anything they named it app for whatever reason but that image is going to be next cloud and the restart policy on that will also be always uh we've got uh uh ports 8080 linked on the outside and port 80 on the inside uh you could put this on basically whatever port you need to change to just make sure you only change the 8080 don't change the the the 80 after the colon there uh we're going to link the database we're gonna make sure that the the next cloud uh container depends on the database being up uh that's what the links and the depends on uh uh setup there is four below that we've got some volumes uh for next cloud uh the config custom maps data themes uh you can again map those wherever you'd like them in fact for that matter you don't even necessarily need to do this much granularity but uh for the sake of being able to get in and modify some things easily this is how i found it to be the easiest way to do it and we've got a local time set on here i don't know if that's even necessary either but there you go so below that we've got some environmental variables here now um you're going to see some passwords in here i don't care uh like the email password that's going to go away that won't even be relevant by the time this video goes live it's fine so we've got a mysql password that we've also seen up here we've got a database and a user both next cloud and we've got a mysql host of db that db is actually dictated by the service name that's up at the top of the the docker composer the stack there we've got some smtp stuff we want mail in case we lose a password in case we want to get notifications for things whether it's updates or whatever the case is email is a good thing to have in here so we may as well just do it from here now if you don't want to put this in here for security reasons uh you don't want to put you know usernames and passwords and that sort of thing in your docker compose or your stack whatever you don't have to we can absolutely go into next cloud later and put this stuff in manually if we want to do that but it's here just for those who who like to put it in their their docker composer stacks whatever and once you've got all of this filled in the way you'd want it filled in you're happy with with how everything looks here and where everything's going to be stored what you can do is just scroll down and click on deploy the stack of course mine says update the stack but uh we are going to deploy the stack with this big blue button right here so we're gonna go ahead and click on that and i'm just gonna click update we're gonna hang out for a minute and we're gonna let this do its thing once it's done we will come back and take a look okay so just a couple of moments later because i already had the images downloaded we've got this and basically it looks like our next cloud database and our app are up however what we want to do is jump into the logs for the next cloud database and here we can see that it is initializing the database files so while it's doing this in fact that actually happened pretty quickly uh basically what we want to do is wait for this to finish uh there will be a kind of a a message at the bottom that will reference port 3306 and usually that's a good indicator that the database is up and running um so we're gonna go ahead and give this just another moment there it is and now our database should be up so what we can do is come back and take a look at the logs for our uh next cloud app like so and this says apache 2d dash d foreground usually that's a pretty good indicator that things are working as well so what i'm going to do is uh click here okay so this wants us to create an admin account so what we're going to do is do that exact thing so i've gone ahead and entered a username and a password and now i can click install as long as everything goes up the way we want it to we shouldn't have any issues as long as uh you didn't you know fat finger a password or something like that so we're going to give this a minute to do its thing here in a moment we're going to get a screen that's like hey do you want to install the recommended apps once it gets to that screen we'll come back and take a look okay as promised here we are just a couple of minutes later and we can see that it's saying hey here are some recommended apps and we've got two options one we can click install recommended apps or if we don't want to or whatever we can click cancel but i think to get the full breadth and scope of kind of a basic install we're going to go ahead and install the recommended apps this will just take a few minutes and once this is done we will come back and move on to the next steps okay again just a couple of minutes later it's got all of those different uh applications installed and we are on our next cloud page where he says next cloud hub 2 here there there's an option you can kind of click through here and get familiar with next cloud and if you're not familiar with next cloud i encourage you to do this for the sake of keeping this video as as concise as possible we're not going to go through that right now what we're going to do is click close there and what we want to do is come up to the top right where our initial is we're gonna go to settings now you'll notice that this is being kind of slow and that's that's just normal at first everything kind of runs slow while it's getting settled in that's fine it will get better it should it should it should get better it should get better so basically here we are this is our profile and what we can do is come up here to overview so here we are on the security and setup page and we've got some error messages the first one that it's it's really having a problem with is as it says you're accessing the site in securely via http uh you're strongly advised to set up your server to require http and ss instead as uh as per their security instructions that's fine i think this is a good point to to go and get a cloudflare tunnel set up specifically for this configuration so let's go over to cloudflare tunnels and get started so here we are i am logged into cloudflare i've already got my domain name pointed to cloudflare uh there there's lots of information out there on how you can do that um and basically just involves buying a domain name from your preferred domain name provider and pointing uh your domain to cloudflare once you get it set up again there's lots of resources out there i don't want to go too much into that because it's gonna be a little different for everybody but once you're here once you've got your domain name set up and you've selected your domain over here what you can do is come over here to traffic go to cloudflare tunnel and then click on launch xero trust dashboard what it's going to do is bring you over to here to a different dashboard and what we want to do is go to access and tunnels you can see that i've got a couple of different tunnels in here already i'm going to create a new tunnel specifically for this configuration so i'll click create a tunnel i'm going to call this next cloud you can name it whatever you want but just so i remember later that's what this is for and you can have multiple applications on a single tunnel i'm just creating a separate tunnel for this tutorial so hopefully that makes sense so here we are on the install connector page for this tunnel now there are a few different options depending on what uh what operating system or what environment you're using here there's windows mac debian red hat and docker uh so there's a few different ways that you can do this however i have an issue with the docker route because it's tedious um which i know sounds silly but um oh maybe they actually changed it maybe they actually changed it looks like they did it used to be that so i i retract my previous statement they have fixed uh my my my issue here it used to be uh you know docker run and then cloudflare slash cloudflare and then it was a version rather than latest um and that meant that anytime there was an update to uh anytime they updated their end it was you go install a new connector and it was real pain in the butt however now that they've got latest in here well done guys so what we're gonna do is we're just gonna come over here to our uh to our terminal window we're gonna log into our server and once we're here what we can do is just right click and click enter it says i can't find this locally so i'm gonna go ahead and download and get it configured and there it is it is installed um and it says so at this point we should be good to go uh of course you can see some information i'm gonna have to blur later but we can see the version is the most current version at 22.8.2 so that's good we're glad to see that what i actually want to do though is actually go back to portainer go to containers and right here we can see this uh priceless almeida yours will be named differently but that is the container that we can see is cloud flared latest so what i want to do is open this up duplicate and edit go to the restart policy and change it from never to always and then click on deploy the container and replace uh that's going to just really simplify everything i'm actually really stoked that i saw this i wish i had seen it sooner but but basically this is how we're going to be able to not have to forward any ports in order to gain access to this remotely hopefully that makes sense basically we're going to use this cloudflare tunnel for our remote access with no port forwarding so once we've got that in fact if we come back over to this we can see that it exited it's fine that doesn't matter but our our container is up and running and we're good to go so the next thing that we're going to do is actually go come back over to here uh we're going to click on next and then we're going to set up a domain name for this in fact i'm going to set up a sub domain for this i'm going to call this a cloud and i'm going to do a dbt tech.com like so and it says there's no dns found for this that's fine don't worry about that what we're going to do next is select http i know that we're going to be accessing this on https however the the the actual container doesn't have an ssl in it if it did if there was like a 443 or 8443 or something like that in that case then we would select https because we're just accessing this basically import 80 we're going to select http the next thing we want to do is actually come over and grab the url or the ip address end of the port that we're going to access this on oops we're going to paste this right in there and then clean this up like so and then we'll come down to additional application settings http settings and i like to disable uh chunked encoding like so and then for the connection i like to do uh no happy eyeballs and then click save and now we've got next cloud right here i'm gonna go ahead and click uh on configure and i'm gonna go to public host name and i'm gonna click and it's gonna throw an error and that's actually good that means the security that's in place for this is working so the next thing we want to do is actually change our config.php file if you'd like to get early access to my content you can head over to patreon become a channel member here on youtube or head over to dbtech.fans and any of those ways will help support the channel and give you early access to ad-free content so to change our config.php file what we'll do there's a few different ways you could go about this we're going to do this in portainer though so what i'm going to do is come over here to our app right here and i'm going to find a little console button right there i'm going to click it and then i'm going to click connect and then if we do an ls-a here we can see we've got like htaccess files and config folders there's lots of different stuff in here some of it we're going to play with most of what we're going to leave alone what we want to do is actually do a um we're going to do apt oops we do apt update and then we're going to install nano uh just just because it's easier i don't like using some of the other editors so i'm just gonna do app update and then apt install nano and then we can do nano config slash config.php and here is our configuration file or config.php so we're going to change a few different things in here for the sake of making everything work the way we want it to what i want to do is actually come down right here we can see that our trusted domains uh is fine but what we've what we've got here is an ip address and basically it's saying this is the only way i'm going to allow you to access your dashboard or anything right so what we're going to do is create a new line i'm going to do one space equals greater than and we're going to do uh cloud.dbtech.com that's oops that's not right tb let me make sure i've got that right cloud.dbtech.com there we go like so and that oops and then we're going to do we're going to end that and put a comma at the end there and then we're going to keep scrolling down here a little bit and you can see that there's some other stuff going on in here we're going to add a few more things into this just to just to jump ahead a little bit and so basically what i'm going to do after here where it says installed equals true i'm going to drop down to a new line and i'm going to paste this stuff in here and then i'm going to reconfigure some stuff i'm going to reformat some stuff rather there we go that was a weird but we're going to fix it default phone region right um it it doesn't seem like a big deal other but it will it'll throw a hasty fit in the background saying you don't have this setup it probably doesn't matter but it's just one le one one fewer thing to see in that dashboard as far as little little temp temper tantrums it's going to have there we go uh so what we've done is we've done an overwrite protocol equals https uh that's going to help us fix that https issue that we were seeing uh in in the dashboard in fact we come back up to here once we start accessing this on um on our domain name if we don't do this overwrite https thing it's going to throw a different error so we're gonna fix that rather we're gonna get ahead of it so we don't have to see it next we've got a default phone region again that's another one of those little complaining error messages that'll pop up on that same screen and then disable uh previews i don't know if it's necessary um but i actually want to set that to false now that i think about it or is there enable previews wants to be true if i could read my own my own stuff here so once we've got this we're basically good to go as far as this file is concerned so we can do control o and enter and control x and then at least that part of stuff will be fixed so what we want to do next is actually come back to our containers we're going to go over here to next cloud app we're going to check the box and we're going to click restart so then we can come back over here and refresh and now it's asking us to log in and we love to see that that means we're on the right track so i'm going to put in my username and hit enter now again while it's settling in after a restart it's going to be a little a little bit slow a little finicky just give it a minute we'll get logged in here very shortly okay so what we want to do is again come up to the top right click our icon click on settings and then if we come back over here to overview okay now we're actually seeing what we saw before with regards to uh the oh this is cal dab stuff we're gonna fix that next i forgot we're gonna fix the cal dev stuff next again i don't necessarily need it for what i do however i know that some people do use cal dev so let's take a look at how to take care or how to fix that now okay so to fix this cal dab stuff uh what we're going to do is come back over to fortener we're going to come back to our list of containers we're going to go back to uh the the console here for the actual next cloud app we're going to click connect and then we're going to do is a cd into etc apache 2 slash sites enabled and we'll do an ls and here we can see that we've got a zero zero zero dash default.com we're going to actually nano into that and then what i want to do is just come down to the bottom this is why you should never just copy and paste you should actually pay attention to what it is you're doing here and that is because if we take a look uh the it i ended up moving these these five lines outside the virtual host in um in etc apache to sites enabled zero zero zero dash default.conf uh however i needed to make sure that those urls were actually correct and now that they are i know that i've gone in and saved the saved this restarted the container and come back now we can see that our well-known slash web finger and note info just like we saw before uh those are the ones that we're seeing and not the actual cal dab stuff so that's that was a little goof on my part and i wanted to make sure that i clarified that and explained why you should never just copy and paste you should actually pay attention because even i as the guy making this video screwed up by making that mistake so don't do that so the next thing we want to take a look at is actually upload uh max file sizes and memory sizes and things like that in order to kind of figure out what our starting point is what we're going to do is come over here to the bottom left where it says system and we'll give this just a second to load here and here we can see all of the the stuff about my current system here uh what i want to do is actually scroll down to the bottom uh we can see what version of php we're on our memory limit is 512 megs for a single user this might be fine uh if you're gonna you have multiple users on here you might want to crank that up a little bit uh max execution time in this case is six minutes that's probably fine and we've got an upload max file size of 512 megs now here's the deal right i'm going to show you something if i come back over to here go to my home page in fact i shook onto files let's go to files first so here we are we're in uh the just the general files uh so let's actually grab a video something that is more than 64 megs but something that isn't going to break the bank here we're just going to uh let's grab that one i'm just gonna drag this over and i'm having no issues with this it was 70 plus megs uh for that file 75.9 megs and it's uploading just fine however if you want to be 100 sure that you're not going to run into any issues um we'll take a look at how to do that now so in order to kind of update some of those numbers what we're going to do is come back to portainer here uh what we're going to do is uh we're going to do an ls dash a and we can see that there's an htaccess file right there so we're going to do nano dot ht access and hit enter and then right up here at the top i'm going to create a couple of extra lines here and i'm just going to drop some some some stuff in here they're going to talk about it i'm going to paste this in and here we can see we've got some php values um and basically we've got upload max file size 16 gigs change that to whatever you want it to be that's just the default that i went with uh masked uh post max size also 16 gigs max input time again 6 minutes 3 600 seconds same for the max execution time both of those are six minutes also we've got a memory limit of two gigs or 2048 megabytes uh and that's just uh just to kind of make sure that we we've told next cloud to to really to let us do what we want to do in here so i'm going to do ctrl o and enter and control x and then once we come back over to here uh we can take a look we can see that this um has uploaded 76 megs it didn't care that it was more than 64 megs even though that's what it said in there so what we're going to do is come back to portainer we're going to go to containers we're going to again restart this container and we'll click on files or we'll come back over to our tab we're going to click on up here we're going to go to settings go to system down here scroll all the way down now our memory limits 2 gigs our max execution times 3 600 seconds that one actually didn't change we've got a max upload file size of 16 gigs so that that kind of ensures that we shouldn't have any issues uploading files okay the last section of this i want to take a look at is actually cron jobs and over sorry background jobs uh there are a few different ways that you can facilitate background jobs with next cloud the first one is ajax and basically what that does is anytime you click around it will just kind of run a a a script in the background that kind of updates things however i've run into tons and tons and tons of issues with that and i've had my um my my whole next cloud just bogged down while it's trying to do stuff so i found the best solution for for a self-hosted setup like what we've got here is to go over here to cron so what we'll do is we'll just click this option right here and then what we want to do is actually set up some way to activate that cron so what we want to do first is find out what our quran url is to do that what we're going to do is go up to the url bar like so and we're just going to put on cron.php after our domain name there and hit enter and it says hey cron job so if we come back over we can see it was uh last run a few seconds ago just like that so we know that that is the correct url uh background jobs are using system cron that's good so what i want to do is grab this url here and and just kind of hold on to it for a moment what i'm going to do is come over to my actual home server here i'm going to copy this this is uptime kuma i've actually done a whole video on this in the past so i'm going to kind of breeze through some of this i will try to remember to put a link to uptime kuma in the description down below but what i'm going to do is come back over to portainer and go to stacks add a stack paste that in just like so all of this is perfectly fine as it is i'm going to click on deploy the stack okay so just a couple of minutes later we can see that uptime kuma is starting and if we go over here to the logs like we've done in the past we can see that uh it looks like it has finished up what it's doing here so i'm going to click on the port over here and it's going to say hey create an account for me so we're going to do that and then once we've got this we can click create rate so what i want to do is add a new monitor the monitor type will be https because we're going to be accessing this on a domain name the friendly name we're going to call this next cloud oops like so and then i'm going to come over and grab this url from that cron uh url that we looked at a moment ago we're going to come back over to uptime kuma we're going to uh put that in there just like so make sure that you don't have a double like an https https thing like i almost did there you can run this uh like by default every 60 seconds i don't think that's a good idea i would probably run out every three to five minutes depending on how much uh stuff you're going to be doing in here for the sake of keeping things simple though i'm gonna do this at 180 seconds that's three minutes uh just so that we can kind of go through this process um and basically everything else here is fine um we don't need to do any setup notifications you could if you wanted to if you wanted how to do that check out the other video that's not part of this one but basically once we've got all of this set up the way we wanted to we can click save and here we can see that it was added successfully and it's up so those are both good so if we come back over to our settings page and refresh basically at this point we can just kind of hang out and wait for the for the for the time to elapse again that three minute mark uh for the time to elapse to for it to go check that url and ping that that crown.php file which will then kind of start the cron job in the background and make sure that our server keeps running as smoothly and efficiently as possible by maintaining those cron jobs in the background even if we're not actively engaged with our next cloud instance also since we're on this page i kind of sparked something in my brain when we first set up this docker compose and took a look at it i mentioned that if you didn't want to put your your email stuff in a docker compose for security reasons which i totally get you can actually do it from the basic settings under background jobs under email server you can fill out this information click save and and deploy your your email service that way as well so i just wanted to make sure that there was an understanding of there's more than one right way to set up your email for this hey guys this part of the video is strictly for my canadian viewers so if you're not canadian uh skip this video and i'll wait until you're done okay hopefully everybody who's not canadian is now somewhere else in the video if you are canadian and you're looking to get into a self-hosting but you don't want to break the bank with new hardware you should definitely check out the folks over at refurb feed they have a huge selection of always changing inventory of products that have been used and refurbished and are ready to go for your next home lab project and if you use code db tech when you check out you can get 10 off your next laptop purchase be sure to check the description of any of the products you consider purchasing as some of them may not have a hard drive or they may not have a power supply but all of that will be listed in the product description of each of the products as applicable so be sure to head over to refurbished.com for your next home lab purchase so after waiting like it says here just a couple of minutes we can see that the last cron job was run about two minutes ago so here in just a moment uh the the uptime kuma container will go ping that cron.php file and then it will run that cron job in the background uh so i'm just gonna kind of hang out here for a minute i'm gonna refresh again last run three minutes ago so we're getting kind of close to that to that that marker where it's going to go ahead and uh and re rerun that cron file again it's not going to be exactly 180 seconds there's there's going to be some deviation here and there periodically but just know that about every three minutes or so it should uh rerun there it goes uh last run uh a seconds ago so that tells me this is in fact working that it's running about every three minutes to to do all of the cron stuff in the background and here we can actually see that things are running more smoothly as those crons continue to run okay guys there you go there's how to set up next cloud in docker but also taking it a step further and making sure that it's accessible from the internet without having to open any ports on your network whether you don't want to or you can't because you're on a cgnat setup or something like that i love using cloud floor tunnels for this exact reason and there are some tricks that you kind of have to know in order to get tunnels to work with certain applications and that's why i wanted to make this video is to to help those who want next cloud accessible from the internet but are are stuck behind uh you know some reason that they can't expose ports so hopefully you found this video helpful and if you did it would mean a lot to me if you give the video a thumbs up and share it with somebody who might find it useful of course as i mentioned everything will be available in the description down below including different ways that you can support the channel if you want to and that includes anything from coffee to paypal becoming a channel member or or a patron and some of those different things will actually give you early access to ad free content on this channel so with all that said again i want to thank you guys for spending a few minutes of your day with me today and i will talk to you in the next video

Info

Channel: DB Tech

Views: 11,655

Rating: undefined out of 5

Keywords: port forwarding, cloudflare, cloudflare argo tunnel, cloudflare tunnel, nextcloud, without port forwarding, remote access raspberry pi without port forwarding, cloudflare tunnel tutorial, how to run cloudflare argo tunnel, home assistant remote access without port forwarding, cloudflare argo tunnel setup, cloudflare tunnel setup, access localhost outside network without port forwarding, unraid cloudflare argo tunnel, cloudflare secure tunnel, tunnel, free port forwarding

Id: p0I8pikm2P4

Channel Id: undefined

Length: 31min 31sec (1891 seconds)

Published: Tue Aug 23 2022