Accessing a local NextCloud server from outside network

Hey everyone, new here! I’ve installed Ubuntu Server LTS with the NextCloud snap on an unused laptop with the intent of making a cloud file-server thing meant to replace Google Drive. Locally, I can access the cloud instance fine using HTTPS and the private IP address; I can even SSH into it, which is exciting. However, once I leave my local network, all of this stops working.

I’ve gone into my router’s settings and opened ports 443 and 80; these should hopefully redirect incoming data into the server. The server (according to my ISP’s app) has a reserved private IP address, though being private, it still starts with 192.168, and is still only accesible locally, at least directly. I’ve made sure to set both the internal and external ports the same (those mentioned previously). Going to https://my.routers.ip.address doesn’t do anything; it loads a long while, then eventually says the connection timed out.

What are my next steps to get this working outside of my local network? I’ve seen some things mentioned something called nginx, as well as setting up a DDNS, though I’m still trying to piece together the individual comments I’ve found into my next steps, and would appreciate some more experienced advice.

I should note: I’ve tried finding a solution to this elsewhere on the forums, but all the responses are short, vague, and generally die out before the OP resolves their problem. Or they do, but it involves other technologies I’m equally unfamiliar with. Hopefully this isn’t an annoying question to see asked!

Hi! First, check about CGNAT and whether you can access your machine remotely. To simplify things, you can configure and start trying to access your server through SSH remotely. If you can, there is no significant reason not to be able to find your server remotely.

About DDNS: some will just throw the advice to just buy a fixed IP from your ISP - like this is easy and cheap for everyone. Keep calm. You can indeed configure a DDNS. Take a look for example on duckdns.org.

If you are affected by CGNAT, you can still use an IPV6 only, address through duckdns.org, using a script.

Anyway, first things first: take a look at this guide, since this author creates great tutorials.

Once you reach step 3, go to duckdns, follow their installation, register your domain name, and then enable https.

I can provide more detailed info later, but this might point you in the right direction.

Man, I’m dumb… I forgot to allow the ports with ufw on the server itself. The router was accepting the connections, but my server firewall was blocking them!

However, I’ve come across some other videos, tutorials, and articles about setting up NextCloud, and some of them are using two things called WireGuard and Docker as a way to make the server more secure, i.e., without the need for port-forwarding. This seems appealing, as it wouldn’t necessarily require that I open my home network to the world wide web. Have you found success in this method? Is there a good way to get this working remotely, as well?