first of all i am new to the general topic setting up / configuring Webservers.
I am trying to set up Nextcloud (Nextcloud is working fine!) with Collabora as intranet service at my dormitory. This service should not be accessed from outside the local network i have no domain names and hence can’t get an SSL-Certificate (if i got this right).
Is it possible to set this up with just one ip-address and no domain names or SSL-Certificate? How would i achieve this? Am i wrong with my previous assumptions?
What i got so far:
I have nextcloud running on Ubuntu with Apache2. Using a second Port and VirtualHosts i got a second Server running parallel to nextcloud.
I have had one of my nextclouds running on my home intranet to https://nextcloud.foss *note that there is NO SUCH top level domain.
My netgear router has a way to set the NextCloud’s local IP address as static under DHCP settings. Most wireless or wired routers have this.
Set that now static internal IP address of 192.168.###.### within your next cloud config and within your apache settings and get a self-signed cert.
Last, change your UFW settings to only allow traffic from 192.168.0.0/16.
Optional and what I did: add whatever real or MADE UP domain you like; such as, nextcloud.dorm? So you’ll be able to reach your nextcloud via IP as well as a real or madeup.tld. If you go this fake domain route, on all of your home computers you have a hosts file. You can set that IP address within your computers’ hosts file to map to that nextcloud.dorm fake domain name with a self-signed cert. Note, that you can’t really change a hosts file on a mobile phone without jailbreaking so you’ll have to use an ip address to access it.
You can ALSO actually get a real domain online (what I did) like niels.cloud and point it to 192.168.###.### via a dns service and get a lets encrypt certificate. Though your nextcloud isn’t reachable by the outside world WITH PROPER UFW SETTINGS, your computers will ping an outside DNS looking for niels.cloud, grab it’s 192.168.###.### ip address and then send you directly to your internal nextcloud via lets encrypt SSL.
Best of luck, my home nextcloud is running beautifully off a Raspberry Pi 3, Ubuntu Mate 16.04, php 7, mysql & a Samsung Pro Plus 128GB MicroSDXC.
I have set up a DNS-Server with dnsmasq (took me some time to get it running) by now. And am looking into creating my own ssl certificate. But it’ll take some time
since i am not the only one who should access this server, i decided to go with a DNS (dnsmasq). But i can’t get it running as expected. My Server has a static IP and is configured in the router as primary DNS. I basically have 3 Domains which should all be resolved to the Servers IP (All running on the same machine). Configured in the /etc/hosts file which is used by dnsmasq:
While testing it seems a bit random what site loads by which domain name or is unreachable. Same with pinging.
Currently cloud.intranet and start.intranet are behaving as expected, but *.intranet and loo.intranet are unreachable.