hey guys
I’m pretty new to this web-stuff
i got a vps where i’d like to install nextcloud. i want it to be reachable via cloud.example.com
i also have a homeserver with octoprint and stuff on it. i’d love to be able to access that with octoprint.example.com
that’s what you pros use a reverse proxy for, right? but how do i do that?
install nextcloud with appache and use nginx as the proxy? i guess i could also use haproxy for that as well? what would you recomend as setup?
sadly nginx proxy manager is no option. but is there another easy to config method?
I use Caddy V2 (running in Docker/Podman). Configuration can be even simpler than the below. It automatically sorts out the SSL certs from Let’s Encrypt for you. If you use Cloudflare DNS challenge like I do, you can get SSL without the server having to be exposed to the internet.
cloud.example.com { encode zstd gzip tls { dns cloudflare {$CLOUDFLARE_API_TOKEN} resolvers 1.1.1.1 1.0.0.1 } reverse_proxy nextcloud.my.local.domain:80 }
If you want it exposed then you can just use the default HTTP challenge.
cloud.example.com { encode zstd gzip reverse_proxy nextcloud.my.local.domain:80 }
And yes you can add any number of sites on subdomains like this and it will reverse proxy them to the correct server based on the domain name.
that looks promising.
guess i’ll take a look at caddy.
thank you very much.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters More Letters DNS Domain Name Service/System HTTP Hypertext Transfer Protocol, the Web SSL Secure Sockets Layer, for transparent encryption nginx Popular HTTP server
4 acronyms in this thread; the most compressed thread commented on today has 6 acronyms.
[Thread #652 for this sub, first seen 3rd Apr 2024, 11:35] [FAQ] [Full list] [Contact] [Source code]
I used docker to get nextcloud and nginx conf to reverse proxy to it. It works well and is not difficult to set up by following their guide on github. It works pretty much out of the box.
I would keep octopi off the Internet (local network only). There’s too much risk that if somebody did get access they could heat your hot-end up to 300C and just leave it there or something… Setup a vpn if you want remote access to it.
good point
but octoprint was more of an example. not the best, for sure
You do not need to expose octoprint to the Internet when you use a reverse proxy. You can set it up to be local only or leave some services local only.
I’d install it via podman (or docker) compose.
I use nginx proxy manager but traefik or caddy should be recommended I guess
I use both nginx and haproxy, and nginx is much easier to configure. That being said, haproxy has more features, like working as a load balancer with traffic shaping/shifting. But it sounds like you don’t need those features.
Nginx is pretty easy to set up. Look up “nginx virtual hosts”. You might want to use certbot/acme if you don’t have SSL certificates for your domain names. You need either a wildcard certificate (*.example.com), a certificate with SAN (Subject Alternative Name) containing the second subdomain, or two certificates (one for each subdomain). Note that subdomains can be found more easily than path based websites, if you allow connections from the whole WAN.