Sharing nextcloud files through remote.it

mafioso12dk · October 7, 2020, 7:20am

Hi,
I want to share my nextcloud files through internet with the help of “remote.it” site. I configured nextcloud at my local network and everything works great. I configured self-signed ssl certificate (I don’t have any domain), installed two factor authentication, created not-admin user to connect to cloud without admin privileges. I want to configure some firewall and fail2ban, too.

And my question is: Is it a good idea? I don’t know if this site is secure enough to doing this kind of stuff. The advantage of this solution is that I don’t have to do any port forwarding in my router to make it work.
I don’t have any super important data on my disk but, you know, I just want to know that everything is as secure as it can be.

Thank you in advance

devnull · October 7, 2020, 7:55am

Sorry i do not use “remote.it”.

remote.it allows you to make secure remote connections between two computers.
https://docs.remote.it

Perhaps it is secure. But i think you can not share files to other people. Nextcloud is a sharing platform I think remote.it is more a VPN solution.

Alternative:
I think there is no really high risk with port-forwarding to 80/443 and Lets Encrypt to the on-prem hosted nextcloud. Thousands or millions of users uses it without any problems.

mafioso12dk · October 7, 2020, 8:23am

I don’t have money in my budget to buy any kind of domain. Is it possible to configure everything for free? I know I can use free subdomain and I really have to use ddns because I don’t have Static IP. Can you recommend some sites?

I’m learning everything from scratch.

devnull · October 7, 2020, 8:25am

You can use a free DynDNS subdomain e.g. from https://www.ddnss.de in Germany.
You can also use a free Lets Encrypt certificate to the DynDNS subdomain.
For Lets Encrypt use “certbot” on your apache2/nginx - nextcloud server (DynDNS subdomain) port-forwarded through your router.

mafioso12dk · October 7, 2020, 9:36am

I have one problem. I created an account on ddnss.de (yeah its in german and it’s not possible to change language but so far I’m doing good). I registered a new subdomain, I forwarded ports in my TP-Link Archer C7 (port 80 ands 443) and it doesn’t work. I assume that when I enter my reserved domain in the browser i should get a test site of the server, right?

On ddns.de is option to test ports and it said that all my ports except port :143 are closed. Are they blocked by ISP?

devnull · October 7, 2020, 1:45pm

Yes. But first check the DNS-to-IP with “nslookup” or https://mxtoolbox.com/DnsLookup.aspx
Than compare with your ip address e.g. at https://ifconfig.me
Thant it could be that you can not access from inside. Test first from outside e.g. with a mobile device and from mobile not wlan.

mafioso12dk · October 7, 2020, 3:22pm

It shows the same IP adresses. mxtoolbox from my mobile internet on my cellphone and ifconfig from the server. But still it doesn’t work.

UPDATE:
This situation is hopeless because now I know that my Internet Provider gives me a private IP so I’m behind the NAT. That’s why I can’t connect with my local network from outside.

devnull · October 8, 2020, 5:26am

Than change your provider or ask for a worldwide IPv4 address. Also you can host your Nextcloud in the internet.