NextCloud as a frontend for internal sites

psyciknz · April 8, 2020, 3:31am

Hi

New to nextcloud, and I stumbled across it when trying ot get a better solutionto a dockerised webdav server and permissions issues. Thankfully Nextcloud didnt’ have the same issues.

I currently have external access to another site and could probably happily expose nextcloud as well (I use caddy as a front end for all ssl certificates and reverse proxying). But It looked like Nextcloud had a very good security model that I thought might be nice to have as a frontend…and use it as access control.

So the point of the question is, can I expose Nextcloud to the internet…and after authentication, access an internal site as if I’m on my own network? I currently do this with other sites, but via ssh tunnels…I’d like the model of a single gateway (NextCloud), that can then authenticate me and allow access for authenticated users to internal sites.

Is this possible?

KarlF12 · April 8, 2020, 4:59am

Yes.

No.

It sounds like what you need is a VPN. Have a look at OpenVPN Access Server or pfSense if your current firewall doesn’t have good VPN support.

devnull · April 8, 2020, 5:40am

If you do not want a real vpn you can search for “ssl vpn” and “web proxy” e.g. https://github.com/joshdick/miniProxy

psyciknz · April 8, 2020, 9:13am

I have a vpn, thats easy for me to use on ipad/iphone. It’s my work computer where that gets difficult, or yes, I’d be quite happy to use a vpn.

I use the ssh tunnel and have a socks proxy…but the main app I want to sync via webdav is a keepass db, which doesn’t seem to support a socks proxy. And yes I’ve tried webkeepass, but that doesn’t have a site fill in I can get from keepass desktop

devnull · April 8, 2020, 9:30am

You can perhaps sync with webDAV to a subdir of your nextcloud (without VPN).

webDAV-configuration:
https://cloud.domain.tld/remote.php/dav/files/user/subdir