Access nextcloud from the outside

And using nextcloudpi?

Restart from here: https://github.com/nextcloud/docker

And a raspberry 2 is enough, or rather go with version 3 or 4? :wink:

Hell, I have a full dockerized install on my raspberry pi 3 (five containers: web, app, cron, db, redis).

It works, but in total I have 14+ containers (transmission, amule, samba, tt-rss…) there and that raspi suffers pretty often (and I serve 1-3 users)

Yes I agree. Let’s start with a small setup.
I created a NAS with openmediavault, with shared folders (one for each class) and users (one for each class) with the relative permissions. Inside openmediavault there is docker. I created a nextcloudpi container. I am adding all the shared NAS folders in the nextcloud external archives. It’s great. The only barrier is port forwarding, which I cannot do.

Please post something about your provider (provider name, network type, …) and your router to the internet (router name, router type, communication type, …)

can I share this information here?

this depends on your “legal” and “security” departments.

we don’t have a security department and for now we don’t even have a network policy

I guess someone has the authority to make these choices.

The possibility of port forwarding is null. Is the information you asked me for necessary to take an alternative approach?

Why is the possibility of port forwarding null?
A normal provider (for e.g. 30 euro a month in Germany) gives you a router (mostly Fritz Box) with port-forwarding and DSL 25.000 (25 MBit/s Download).

Because it is a Telematic Network of Public Administrations.

So there’s probably a place and a proper way to put public facing services. Ask through proper channels (or host the thing somewhere else, there are servers – in fr/nl/lu, I think – with 1TB HDD for 8€/month)

For schools and others, there are perhaps possibilities to get an official ip address. If not or if it is too complicated, you could:

  • use a virtual private server to tunnel all traffic to your setup (you have to know the traffic limit, if that is doable)
  • if you don’t need an extremely large amount of storage, running everything on a VPS or a dedicated server, completely outside your network, could be an option
  • You can provide the service in the TOR network, everybody can connect through the TOR network, that doesn’t add extra costs but it is complicated to use

what do you mean by official ip address? what would be the advantage?

I have not understood well

this is an excellent solution. I am trying to get a free vps from aws

could I have more details?

hetzner has 20 TB, only counts outgoing; scaleway has unlimited (as do some others).

problem is that tunnel or vpn doesn’t change anything, it’s bypassing policy all the same.

I’d go for a local install tunneling (wg, tinc, ssh?) to a reverse proxy vps that handles tls. This way clients don’t have to be on the vpn.

it looks complicated enough, but easy for the end user. can you make me understand better? I’m not as expert as you are

you have two machines connected via a tunnel, this tunnel uses one (or more) vpn technologies to connect the machines.

on the local machine you install whatever http service you want to serve.

on the remote one you configure a reverse proxy like nginx or haproxy to do tls termination and to proxy the requests through to the local machine.

it’s simple and it’s not hard to make, but you should check if it’s authorized on your network.

but wait: can you put machines in a “demilitarized zone” or “dmz”?

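The tunnel-plus-reverse-proxy setup described in the post above, as an added example that is not part of the original thread: an nginx configuration for the remote VPS that terminates TLS and proxies requests to the local machine over the tunnel. The hostname `cloud.example.org`, the tunnel address `10.8.0.2`, the backend port 80 and the certificate paths are assumed placeholders.

```nginx
# Added example; runs on the remote machine (the VPS).
# Assumed placeholders: cloud.example.org, 10.8.0.2, certificate paths.
# The tunnel (wg, tinc or ssh) is assumed to be up already, with the
# local machine reachable from the VPS at 10.8.0.2.

# Redirect plain HTTP to HTTPS so credentials never cross the internet in clear.
server {
    listen 80;
    server_name cloud.example.org;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name cloud.example.org;

    # TLS terminates here; clients need no VPN software.
    ssl_certificate     /etc/ssl/example/fullchain.pem;
    ssl_certificate_key /etc/ssl/example/privkey.pem;
    ssl_protocols       TLSv1.2 TLSv1.3;
    add_header Strict-Transport-Security "max-age=15552000" always;

    # File sync means large uploads: raise the body limit and stream
    # uploads to the backend instead of buffering them on the VPS disk.
    client_max_body_size    10G;
    proxy_request_buffering off;

    location / {
        # Plain HTTP is acceptable on this hop only because it travels
        # inside the encrypted tunnel, never over the open internet.
        proxy_pass         http://10.8.0.2:80;
        proxy_http_version 1.1;

        proxy_set_header Host              $host;
        proxy_set_header X-Real-IP         $remote_addr;
        # Overwrite rather than append: this is the only proxy in the chain,
        # so a client-supplied X-Forwarded-For must not reach the backend.
        proxy_set_header X-Forwarded-For   $remote_addr;
        proxy_set_header X-Forwarded-Proto https;

        proxy_read_timeout 3600s;
    }
}
```

On the Nextcloud side, the VPS's tunnel address belongs in `trusted_proxies` and `overwriteprotocol` should be `https` in `config.php`, so that generated links use HTTPS and the logged client address is the real one. The local web service should accept connections only from the tunnel interface.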

no, I can not

There’s a solution for your problem. It’s not as good as forwarding the ports, but since you can’t do that this is probably the best option, if you don’t want to rent a VPS: ngrok

Do you understand German? If yes, there’s a great tutorial on YouTube.

I don’t use it personally, so I don’t know how good it is and if it supports https.
There is a free plan, but maybe it’s not good enough for your setup.