i have a Nextcloud server with the following guide installed:
Everything works very well and secure (A+ in nextcloud sec. ranking) BUT
How can i configure 1 additionally local PC connection to Nextcloud? i tried multiple things, but nothing works.
is it recommendable to have a self signed ssl certificate for local access?
My system:
Nextcloud version 20.0.4
Operating system and version: Ubuntu Server 20.10
nginx version 1.18.0
PHP version 7.4
let’s encrypt ssl
… see the guide
yes this is right. Because i won’t push my local files over the internet and back to my local nextcloud server but the server is configered for 443 trusted domains only.
the most direct way would be you’d enter your local server-ip into the browser of your desired PC and then log in to your NC, directly fopr uploading your stuff.
That isn’t possible. Only over 443 with a trusted ssl Certificate access is possible. When you look into the guide you see the configuration, but I’m not so good to find a solution by my self.
Bitte kontaktieren Sie Ihren Administrator. Wenn Sie Administrator sind, bearbeiten Sie die „trusted_domains“-Einstellung in config/config.php. Siehe Beispiel in config/config.sample.php.
Weitere Informationen zur Konfiguration finden Sie in der Dokumentation.
Can you connect to your Nextcloud if you use the public URL (e.g. cloud.yourdomain.tld) on said PC? If so, everything works as it should and nothing has to be changed or added.
yes this is right. Because i won’t push my local files over the internet and back to my local nextcloud server but the server is configered for 443 trusted domains only.
Just because you are using the public URL, it doesn’t mean everything will be routed over the internet. If you use the public URL on a PC in the same local network in which your nextcloud server is located, the DNS query will return your public IP address. But the router recognizes this and “reflects” the connection back to the internal network. This means no data is ever leaving your local network. This feature is called Hairpin-NAT, NAT-loopback or NAT-Reflection. Most routers do support NAT-Reflection.
What exactly happens if you try to connect to your nextcloud with via Domain Name e.g. cloud.yourdomain.tld from said PC?
If you can connect, everything is working as expected and you should use the domain name.
If it doesn’t connect, then you are probably right and NAT-Reflection is not working on your router. On some models this has to be activated. Some models don’t support it at all.
…or you could do what the error message says and add the IP-address of the server to your trusted domains list in the config.php. But if you connect to the server via IP-address instead of the domain name, you will get an error message in the browser, because the name in the certificate does not match.
How it runs here:
I have configured a second Virtual Host in Apache, defining the same ServerRoot, but different security policys. I have referenced a local certificate, issued by a local certificate authority (via openssl) for a local name and the IP address. The root certificate is imported to my client(s), of course. Alternativly, you can configure a self signed certificate for local use.
Add the appropriate trusted domain to your config.php, as bb77 mentioned.
I’m having the same problem… tryin to sync 600GB of data, but the sync goes through the ddns address via 443. I’ve tried to add the IP of the server to the trusted domains, but the nginx is blocking every request from not ssl properly.
Any solution?! Adding a new server to my nginx conf?
For a onetime sync, I would use local DNS on the computer from which I wanted to sync the data. Simply point the domain name to the internal IP address of your Nextcloud server in the local hosts file of your operating system. If it’s a workstation PC, you can leave it that way afterwards. With a laptop that you also want to use outside of your network, you would have to undo it after you copied the files.