NC in VirtualBox

NC together with docker is really great and simple to install. Thank you all for that great job!

But as usual there are always some people that do want a little more.

NC is running in a VirtualBox-VM. NC is accessible within the VM and from the host by using the IP of the VM. This is 192.168.178.38:8080 for example.

Now I want to access NC by a name, not by its IP: nc.gerd.lan instead of 192.168.178.38:8080.
One reason for this is that I want to install additional services using port 8080 as well. Theoretically I could map the ports to 8081, 8082… But that's really theoretical.

Here I'm open to do anything within the VM, i.e. DNS, Webserver, whatever. But I'm interested in doing a minimum on all the other devices that should access NC like other hosts, mobile …

I really tried a lot and was partially successful related to access within the VM. But I fail from outside the VM.

Any hint or link is really welcome. There must be thousands of installations of this style, with or without docker, but I didn't find a cookbook.

A down and dirty way for just the local lan is to add the VM to your /etc/hosts file.

192.168.178.38 nc.gerd.lan

That should do it locally on your internal network. You will have to add it to all the computers' hosts files on the LAN though.

This is a great question. I just deployed it to VirtualBox as well, and noticed that it doesn't actually register an IP from the gateway, I can log into the router and it doesn't see NC, despite it having a reachable IP. I'm not sure how VirtualBox bridging truly works, but it couldn't reach DHCP so I had to set a manual IP. This must be due to being unable to reach DHCP and DNS services from my router itself.

I also spun up a Windows machine today, through VirtualBox with the same network configuration, and it reached my gateway, grabbed a DHCP IP, and its DNS name is registered in the router, so I can reach it via DNS. There must be either a NextCloud or Linux configuration blocking or interfering with it reaching the gateway.

Update:
If I add my router as a secondary DNS server, it registers in as a client in the router, but with the hostname of my host machine. I don't know Linux very well, so it'll be a journey to figure out how to get it to register the proper hostname like my Windows VM.

Second Update:
Yeah I'm stuck here. I've added the hostname to additional IPs (loopback and current network IP), changed DNS order, but nothing registers it properly. It always shows as the host.

Final Update:
I went into the router and found a DNS host entry section. Added it there, so all devices on the network will find it. I was never able to get it to register properly. But a good start for you would be to go to webmin and add your router as a secondary DNS server there. Also, if you can get it to register an IP from DHCP, that would probably be best. Once it obtains a DHCP address, it should register hostname information with your DHCP server.

This is a solution if I have only ONE web service. Then I can access it with http://nc.gerd.lan:8080.
But what if I have more than one?

Hi @Gerd

In principle you can't use the same port for multiple services that are running on the same server / IP. But if we are strictly talking about web services, there are ways to make it possible…

  • If all services are served by the same web server e.g. apache or nginx you could use separate VirtualHosts for each service and name them nc.gerd.lan, otherservice.gerd.lan etc…

  • If these services / apps have their own web server bundled like e.g. the Nextcloud docker container, you could set up a separate web server on the host system or on another server with multiple VirtualHosts in a reverse proxy configuration. The reverse proxy then forwards the requests to the web servers of the respective services / apps.

In both cases you would also no longer have to use port 8080 or whatever port the respective app uses. Instead you could access everything via the reverse proxy on port 80.

@bb77: I think this is exactly the solution. I played with apache and I played with dnsmasq. But I never played with both at the same time. And this idea came up in my mind this night. :roll_eyes:

I have to figure out how to set up apache, but I hope I will handle it.

@ALL: Thanks a lot. At the end this post did help to find the solution for a task that created headache for months :smiley:


I'm really sorry. It is still open. Apache is not the solution. Apache is part of the NC-container. This is the reason why it is possible to access the NC-Web-Site, the NC user interface.

An entry in /etc/hosts inside the VM is limited to usage inside the VM only.

I think a solution could be to make any docker network, normally starting with '172. …', accessible outside the VM. Then I can set up an additional DNS inside the VM and use this outside the VM.

I also tried to create a docker network based on macvlan. This should bring the container into the network of the VM and so into the network of the router (192.168.178.xxx).

But all I did up to now fails…

So still any help appreciated!

That's why you need a reverse proxy in front of it, when you want to serve more than one service using Docker on the same IP and port.

Why? Don't do that! You already can reach the service via IP and port. If you want to use port 80 and a nice URL instead of ip_address:8080 you have to set up a reverse proxy. The reverse proxy then receives the requests on port 80 and forwards them to your Docker container on port 8080.

Additionally you have to make sure that the chosen DNS name (nc.gerd.lan) resolves to the IP of the reverse proxy. This can be done either on your router (if it supports DNS overrides), on a separate DNS server or in the hosts files of your client devices. No matter which method you use, at the end of the day nc.gerd.lan must point to the IP of the server where the reverse proxy is installed. This can be the same server on which Nextcloud is running, if you decide to install the reverse proxy there.

So long story short…

There are two independent things necessary in order for it to work the way you want it:

  1. A reverse proxy, in order to make Nextcloud Docker and any further services available on port 80, so you don't have to specify a specific port

  2. Working DNS resolution for each service, in order to use names instead of IP addresses.
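
The two pieces listed above, as an added example that is not part of the original thread: an nginx reverse proxy on port 80 that routes by requested name and refuses names it does not know. Only nc.gerd.lan and 192.168.178.38:8080 come from the thread; wiki.gerd.lan, port 8081 and the upload limit are assumptions.

```nginx
# Added example, not configuration posted in the thread.
# DNS half: every client must resolve each name to the proxy's IP, e.g.
#   hosts file:  192.168.178.38 nc.gerd.lan wiki.gerd.lan
#   dnsmasq:     address=/nc.gerd.lan/192.168.178.38

# Catch-all: a request whose Host header matches no configured name is
# dropped (444 closes the connection) instead of falling through to
# whichever service happens to be defined first.
server {
    listen 80 default_server;
    server_name _;
    return 444;
}

# Nextcloud container, published on port 8080 of the VM (from the thread).
server {
    listen 80;
    server_name nc.gerd.lan;

    client_max_body_size 512m;    # assumed limit for file uploads

    location / {
        proxy_pass http://192.168.178.38:8080;
        # Pass the original name and client address to the backend so its
        # logs and access rules see the real client, not the proxy.
        proxy_set_header Host              $host;
        proxy_set_header X-Real-IP         $remote_addr;
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

# Hypothetical second service on port 8081, reached by its own name.
server {
    listen 80;
    server_name wiki.gerd.lan;

    location / {
        proxy_pass http://192.168.178.38:8081;
        proxy_set_header Host              $host;
        proxy_set_header X-Real-IP         $remote_addr;
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
```

If the proxy runs on the same VM as the containers, publishing the container ports on 127.0.0.1 only (for example `-p 127.0.0.1:8080:80`) and pointing `proxy_pass` at 127.0.0.1 keeps the backends from being reached around the proxy. Nextcloud also has to list nc.gerd.lan under `trusted_domains` in its config.php before it answers on the new name.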

Oh you weren't actually trying to solve the DNS issue, just apply a bandaid. That makes more sense.

It took me another couple of weeks - not full time :wink: - to figure out a solution for me.
Because I have had it running for a couple of months now, I think it is fair to tell you what I did. Maybe it is helpful for someone else.

Here is what I did.

My goal is to run a Rasp-Pi or in my case a small NUC with some WEB services like nextcloud, a personal WiKi, smarthome applications and others. All these applications should run in docker containers.
All these containers were running for a long time, but I had to access them by http://IP:port. Safe external access was possible via VPN. And that's working, but it's not nice :slight_smile: .

My schematic setup (names and IPs are not the real ones…):

  • I own a domain, let's call it 'gerd.lan'. I pay some money for it and some eMail addresses have been hosted by this domain for years.
  • My router is a Fritz-Box. The Fritz-Box allows me to create an account like DynDNS or NoIP. This account gives me access to my network from external, from the internet by using a nice name like 'afdlhsflkjhasdfd.myfritz.net'.
  • For testing the stuff I use VirtualBox with 'Ubuntu 22.04'. The machine is called 'my-server'. The network interface is set to 'bridge', so in my case the VM has the (internal) IP '192.168.178.38'.

After a lot of investigation I figured out my solution:

  • Get a subdomain by my provider. The provider (IONOS in my case) who is hosting my domain, allows to create subdomains. So I create a subdomain called 'nc.gerd.lan' and forward it to my Fritz-Box: 'afdlhsflkjhasdfd.myfritz.net'
  • On my Fritz-Box I install a port forwarding. For me it looks similar to this:
    Device/Name    IP-Address                        Port
    my-server      192.168.178.38    HTTP-Server     80
                                     HTTPS-Server    443
      - MYSQL_ROOT_PASSWORD=root-mysql-pw

      - VIRTUAL_HOST=nc.gerd.lan
      - LETSENCRYPT_HOST=nc.gerd.lan
      - LETSENCRYPT_EMAIL=info@gerd.lan

'info@gerd.lan' must be a valid eMail address.

In 'db.env':

      MYSQL_PASSWORD=gerd-mysql-pw

Run this with

docker-compose up -d

After this I have access to the nextcloud setup by entering 'nc.gerd.lan'.

Beside a lot of funny and stupid bullshit my main pitfalls were:

  1. VPN for external access was fine for me. So I tried my setup with a non official domain, a domain that is not registered anywhere. I thought that this is OK for internal access only. Or VPN…
    But this is not the case. It really needs an official domain and sub-domain (c-record). And it also seems to need an existing mail address. - This really took me a lot of time. See my original post and you can get an impression about my meander.
  2. After I have found a solution I tried to repeat the whole setup and played around with it. This is a big advantage if I use a VM. After some tries it suddenly stopped to work. No matter what I did, it didn't run anymore. The reason was that letsencrypt didn't give me a key for my web site anymore. letsencrypt only allows to get a small number, I think it is the number of 5, of key requests for the same sub.domain.tld. During playing I exceeded this number. To discover this it was helpful to run 'docker-compose up' without '-d' for detach.
  3. It is necessary to have port forwarding active to the container in use. If you think (like I did …) you can do it later, when everything is running, it will NOT run. The reason is that certbot needs the complete setup.

Thanks a lot for your help!