Can't get Nextcloud access from local IPs

I followed the guide here HowTo: Ubuntu + Docker + Nextcloud + Talk + Collabora by @KarlF12. It’s working but since I am using a DDNS I can only access Nextcloud from my cellphone data connection. How do I configure it from here to get it to work on my local network as well? I have tried adding the server’s local IP address using OCC to trusted_domains and also localhost, and still I cannot access Nextcloud from the server itself.

From your LAN, do an nslookup of your DDNS. If it comes back with the public IP, then hairpin routing is most likely the issue. You can confirm it by adding the DDNS name along with the local IP to your hosts file and see if it then works.

The solution to this is to set up split-horizon DNS.

Thank you, modifying the hosts file worked at least for the server itself to get access. I can’t find out how to implement this split-horizon DNS with this reverse proxy setup I have because I don’t know enough about how either works. Do you have a guide on how to do this with your setup? It seems like many people could benefit from it as well.

Well, to put it simply, with a reverse proxy, the DNS (split horizon or otherwise) would need to point to the proxy. Not to the backend server itself.

I don’t have a guide for setting it up, but it seems clear I need to write one because I explain it about twice a week in this forum. It’s outside the scope of Nextcloud, but it’s a common issue only network people really understand.

I’ll give you the short version real quick. You have a public (WAN) IP and a private (LAN) IP. The problem is that when your LAN client looks up the server by DNS, it gets the WAN IP. You want it to get the LAN IP instead while in your LAN. So you run a LAN DNS server that provides a different response, instead returning the LAN IP for the name, and you provide this DNS server via DHCP. Then your clients go to the WAN IP while off-network and the LAN IP while on-network, all by using the same server name, with no changes needed on the client itself. It “just works.” This is split-horizon DNS.

Thank you for the clarification. Would using something like dnsmasq or bind work? From what I’ve been able to gather, I would set up dnsmasq on my server (not sure exactly how to do this), then point my modem’s DNS IPs to my home server’s static IP and then the split DNS should allow my local clients to connect to Nextcloud as well? I would rather use my ISP’s DNS servers than public DNS like 8.8.8.8. If you do end up writing a guide please let me know :)

Sure, that would do it. All you need is a single primary zone with the name being the FQDN of your server, and in that zone an A record pointing it to the LAN IP. And you can configure the server to forward any queries for other zones (everything else) to the upstream DNS server of your choice.

Then you’ll use this DNS server on all devices on your LAN, and you can resolve this issue for Nextcloud and any other servers you happen to run.

If I get to the point of writing a guide, it’ll probably be for bind since I’ve used it on some occasions. Most of my DNS server experience is with Windows Server, but that’s not what we’re going for here.
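
A minimal dnsmasq configuration for the setup described above, as an added example that is not part of the original thread or the linked guide: one local record for the server name pointing at the reverse proxy's LAN IP, with everything else forwarded upstream. The hostname, IP addresses and file name are placeholders chosen for illustration.

```conf
# /etc/dnsmasq.d/split-horizon.conf   (file name is an assumption)
# Constructed values:
#   cloud.example.com = the DDNS name clients already use
#   192.168.1.10      = LAN IP of the reverse proxy (also runs dnsmasq here)
#   203.0.113.53      = upstream resolver of your choice (e.g. the ISP's)

# Answer only on the LAN address instead of every interface,
# so the resolver is not reachable from the WAN side.
listen-address=192.168.1.10
bind-interfaces

# Ignore /etc/resolv.conf and forward all other queries upstream.
no-resolv
server=203.0.113.53

# The split-horizon record: inside the LAN, the public name resolves
# to the reverse proxy's LAN IP instead of the WAN IP.
host-record=cloud.example.com,192.168.1.10

# Do not forward plain (dotless) names or reverse lookups
# for private address ranges to the upstream resolver.
domain-needed
bogus-priv
```

Once DHCP hands out 192.168.1.10 as the DNS server, an nslookup of the DDNS name from a LAN client should return the LAN address, while the same lookup from outside still returns the public IP.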

Take a look at Pi-hole - pretty easy to set up and use. Its primary goal is to filter advertising, but one can use it to set up local DNS resolution as well.