[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)


Recommended Posts

If you are using the domain as URL, it should work from local Network too.

 

Example: I configured plexpy.mydomain to connect to my plexpy docker via the reverse proxy. The port forwardings are as described in my previous post.

I can connect via https://plexpy.mydomain in my local network and from remote locations.

Not sure, if necessary, but I deactivated DNS rebind protection in my router for mydomain.

 

plexpy.mydomain points to my WAN IP address.

Link to comment

Hmm... I get that if its coming in from outside, the port forward 443 to the correct internal host port would work as expected. On the LAN, the host port is listening on 8062, and you're connecting on https (443)... so unless you're leaving your LAN to make that connection, I don't know how this would work without specifying the port (https://plexpy.mydomain:8062)... But I could very well be missing something. Does your plexpy/reverse proxy container have a different IP than your unraid box?

Link to comment

since the domain is linked to my external ip-address, the router is asked for the correct route. and since <external-ip>:443 is forwarded to <unraid>:8062, i get the correct connection. pretty sure this works only if the dns-rebind protection is disabled for the domain. i don't leave my LAN, but the connection is done via the router

 

all my dockers use the same ip as my unraid box.

 

the reverse proxy config is pretty easy:

server {
        listen 443 ssl;

        server_name plexpy.mydomain;

        include /config/nginx/ssl.conf;

        location / {
            client_max_body_size 10m;
            client_body_buffer_size 128k;

            #Timeout if the real server is dead
            proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;

            # Advanced Proxy Config
            send_timeout 5m;
            proxy_read_timeout 240;
            proxy_send_timeout 240;
            proxy_connect_timeout 240;

            # Basic Proxy Config
            proxy_set_header Host $host:$server_port;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto https;
            proxy_redirect  http://  $scheme://;
            proxy_http_version 1.1;
            proxy_set_header Connection "";
            proxy_cache_bypass $cookie_session;
            proxy_no_cache $cookie_session;
            proxy_buffers 32 4k;

            proxy_pass http://192.168.0.xxx:8181;
        }

}

 

Link to comment
51 minutes ago, Benni-chan said:

since the domain is linked to my external ip-address, the router is asked for the correct route. and since <external-ip>:443 is forwarded to <unraid>:8062, i get the correct connection. pretty sure this works only if the dns-rebind protection is disabled for the domain. i don't leave my LAN, but the connection is done via the router

 

all my dockers use the same ip as my unraid box.

 

the reverse proxy config is pretty easy:


server {
        listen 443 ssl;

        server_name plexpy.mydomain;

        include /config/nginx/ssl.conf;

        location / {
            client_max_body_size 10m;
            client_body_buffer_size 128k;

            #Timeout if the real server is dead
            proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;

            # Advanced Proxy Config
            send_timeout 5m;
            proxy_read_timeout 240;
            proxy_send_timeout 240;
            proxy_connect_timeout 240;

            # Basic Proxy Config
            proxy_set_header Host $host:$server_port;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto https;
            proxy_redirect  http://  $scheme://;
            proxy_http_version 1.1;
            proxy_set_header Connection "";
            proxy_cache_bypass $cookie_session;
            proxy_no_cache $cookie_session;
            proxy_buffers 32 4k;

            proxy_pass http://192.168.0.xxx:8181;
        }

}

 

 

 

could be a nat reflection issue at the router level

 

Link to comment

Hi everyone, wondering if someone can help me out with reverse proxy for Ghost (blogging) docker that I managed to install from Docker Hub.

 

I can access the blog locally at http://192.168.1.252:2368/.

 

I'm trying to reverse proxy it like I've done with all my dockers.

 

This is what I have, which semi-works:
 

#Config for Ghost
     location ^~ /vurtopia {
         auth_basic "Restricted";
         auth_basic_user_file /config/nginx/.htpasswd;
         include /config/nginx/proxy.conf;
         proxy_pass http://192.168.1.252:2368/;
     }

 

(I'm just repurposing the above from what I have for Couchpotato.)

 

I can get to the blog at mydomain.net/vurtopia but the page doesn't load fully, like its CSS is missing.

 

And if I tried to visit mydomain.net/vurtopia/ghost to access the admin page, it brings me back to the login page after I log in.

Link to comment
5 hours ago, vurt said:

Hi everyone, wondering if someone can help me out with reverse proxy for Ghost (blogging) docker that I managed to install from Docker Hub.

 

I can access the blog locally at http://192.168.1.252:2368/.

 

I'm trying to reverse proxy it like I've done with all my dockers.

 

This is what I have, which semi-works:
 


#Config for Ghost
     location ^~ /vurtopia {
         auth_basic "Restricted";
         auth_basic_user_file /config/nginx/.htpasswd;
         include /config/nginx/proxy.conf;
         proxy_pass http://192.168.1.252:2368/;
     }

 

(I'm just repurposing the above from what I have for Couchpotato.)

 

I can get to the blog at mydomain.net/vurtopia but the page doesn't load fully, like its CSS is missing.

 

And if I tried to visit mydomain.net/vurtopia/ghost to access the admin page, it brings me back to the login page after I log in.

 

Can you add a root url to ghost? That's most likely your issue

Link to comment
11 hours ago, aptalca said:

 

Can you add a root url to ghost? That's most likely your issue

 

Reading this, it looks like you can add a base url in ghost's config, and the config file I'm looking for is config.production.js which I found when I open up a terminal in the Ghost container:

 

59b56d99aa93f_ScreenShot2017-09-10at12_51_19PM.png.f289590006187590415dcc737d724ac6.png

 

I ran a "cat config.production.json" and see this:

 

{
  "url": "http://localhost:2368/",
  "server": {
    "port": 2368,
    "host": "0.0.0.0"
  },
  "database": {
    "client": "sqlite3",
    "connection": {
      "filename": "/var/lib/ghost/content/data/ghost.db"
    }
  },
  "mail": {
    "transport": "Direct"
  },
  "logging": {
    "transports": [
      "file",
      "stdout"
    ]
  },
  "process": "systemd",
  "paths": {
    "contentPath": "/var/lib/ghost/content"
  }
}

I'm assuming "url": "http://localhost:2368/" is what I need to change, to "url": "https://mydomain.net/vurtopia/".

 

But how do I edit the json file?

 

There's no /ghost in /appdata where all my containers are. I usually FTP into unRAID, find the folders and files I need, and edit them.

 

A bit lost in the CLI. There's no vi or text editor I can run.

Edited by vurt
Link to comment

After rereading the first 5 pages about 20 times... I've got my LE/NGINX setup and running! Thanks for the container and all the tips and tricks.

 

After reading the remainder of the 32 pages, my one remaining question is how do I get/give access to friends/family to actually be able to create/change their own NGINX passwords? I created mine by SSH into my unRAID box then running:

docker exec -it letsencrypt htpasswd -c /config/nginx/.htpasswd <username>

but I have people spread across the country, and they can't all do that themselves. To be fair, I could create accounts/passwords for them (which would likely be longer, ergo more secure), but I'd prefer to give them a way of doing it themselves.

 

Once I get this last piece in place, I can email out instructions & shut down all the other port forwards in the router and feel much better about my server.

 

Thanks again to the linux|server.io gang, especially @aptalca for putting this all together!

Edited by FreeMan
typos
Link to comment
3 hours ago, vurt said:

 

Reading this, it looks like you can add a base url in ghost's config, and the config file I'm looking for is config.production.js which I found when I open up a terminal in the Ghost container:

 

59b56d99aa93f_ScreenShot2017-09-10at12_51_19PM.png.f289590006187590415dcc737d724ac6.png

 

I ran a "cat config.production.json" and see this:

 


{
  "url": "http://localhost:2368/",
  "server": {
    "port": 2368,
    "host": "0.0.0.0"
  },
  "database": {
    "client": "sqlite3",
    "connection": {
      "filename": "/var/lib/ghost/content/data/ghost.db"
    }
  },
  "mail": {
    "transport": "Direct"
  },
  "logging": {
    "transports": [
      "file",
      "stdout"
    ]
  },
  "process": "systemd",
  "paths": {
    "contentPath": "/var/lib/ghost/content"
  }
}

I'm assuming "url": "http://localhost:2368/" is what I need to change, to "url": "https://mydomain.net/vurtopia/".

 

But how do I edit the json file?

 

There's no /ghost in /appdata where all my containers are. I usually FTP into unRAID, find the folders and files I need, and edit them.

 

A bit lost in the CLI. There's no vi or text editor I can run.

 

It sounds like when you created that docker container, you didn't map the locations that hold your user data. You can use nano or vi to edit the file and restart the container. Don't recreate or update the container because you will lose all of your data since they are all inside the container. 

Link to comment
55 minutes ago, FreeMan said:

After rereading the first 5 pages about 20 times... I've got my LE/NGINX setup and running! (Thanks for the container and all the tips and tricks.

 

After reading the remainder of the 32 pages, my one remaining question is how do I get/give access to friends/family to actually be able to create/change their own NGINX passwords? I created mine by SSH into my unRAID box then running:


docker exec -it letsencrypt htpasswd -c /config/nginx/.htpasswd <username>

but I have people spread across the country, and they can't all do that themselves. To be fair, I could create accounts/passwords for them (which would likely be longer, ergo more secure), but I'd prefer to give them a way of doing it themselves.

 

Once I get this last piece in place, I can email out instructions & shut down all the other port forwards in the router and feel much better about my server.

 

Thanks again to the linux|server.io gang, especially @aptalca for putting this all together!

 

Glad to hear it's working for you. If you can give them vpn access, they can ssh or telnet into your unraid and run that command (without the -c option) and their username and password will be appended to the htpasswd file. 

 

Or, you can have them create the one way encrypted hash and send that to you, which you can manually append to that file. That way, you won't know what their password is and it would be easy to set it up. 

Link to comment
Just now, aptalca said:

 

Glad to hear it's working for you. If you can give them vpn access, they can ssh or telnet into your unraid and run that command (without the -c option) and their username and password will be appended to the htpasswd file. 

 

Or, you can have them create the one way encrypted hash and send that to you, which you can manually append to that file. That way, you won't know what their password is and it would be easy to set it up. 

That would be assuming they would understand things like "VPN", "SSH", or "one way encrypted hash". Sigh...

 

Guess my best bet is to make up good passwords for them, eh? I did it for the various containers, I guess I can do it for this, too.

 

Thanks again!

Link to comment
46 minutes ago, FreeMan said:

That would be assuming they would understand things like "VPN", "SSH", or "one way encrypted hash". Sigh...

 

Guess my best bet is to make up good passwords for them, eh? I did it for the various containers, I guess I can do it for this, too.

 

Thanks again!

 

Or get them to use an online tool like this and send you the output....

Link to comment
5 hours ago, aptalca said:

 

It sounds like when you created that docker container, you didn't map the locations that hold your user data. You can use nano or vi to edit the file and restart the container. Don't recreate or update the container because you will lose all of your data since they are all inside the container. 

 

I'm not worried about losing data since this is a fresh install.

 

I found a command that lets me change the "url" variable to "https://mydomain.net/vurtopia/"; restarted Ghost, and tried to access mydomain.net/vurtopia:

 

Cannot GET //

Trying to access http://local_ip:2368 gives me a similar error:

 

Cannot GET /

 

 

If I changed the "url" variable to "http://local_ip:2368/", I get the same half-loaded web page and login issue as before.

 

On a separate note, I also tried mapping locations manually:

 

59b5ddd16200a_ScreenShot2017-09-10at8_49_58PM.png.04faf3d7608a9903fa47320abb65b1a1.png

 

but Ghost wouldn't even start:

 

59b5de285a4c2_ScreenShot2017-09-10at8_51_23PM.png.cb4a4df579fd03549d7a43c25822f4a3.png

 

I googled a few web pages that talk about running Ghost docker behind a reverse proxy, but they seem to do it differently from what I copied from the forum here.

Screen Shot 2017-09-10 at 12.51.19 PM.png

Link to comment
17 hours ago, aptalca said:

 

That was the second option I had proposed but chbmb gets all the credit. I see how it is ?

CHBMB also went the extra mile to spoon-feed me a link, so, there's that. :)

 

I did give you the kudos for writing/maintaining the docker.

 

I have run into one minor snag - I don't seem to be getting redirection from HTTP to HTTPS for any of my dockers.

My /nginx/site-confs/default contains this right at the top:

 

# listening on port 80 disabled by default, remove the "#" signs to enable
# redirect all traffic to https
server {
	listen 80;
	server_name _;
	return 301 https://$host$request_uri;
}

yet, entering photos.mydomain.ddns.us in the address bar does not ...

 

Whew! thought to check one thing before posting that. It doesn't work when you're not port-forwarding 80 -> 81 at the router... :$

 

Works a treat now.

 

Thanks again, APTALCA! ;)

Link to comment

Hello, I'm trying to install letsencrypt. I wonder what causes this certbot error --cert-path: no such file or directory.

 

Full log.

 



[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 20-config: executing...
[cont-init.d] 20-config: exited 0.
[cont-init.d] 30-keygen: executing...
using keys found in /config/keys
[cont-init.d] 30-keygen: exited 0.
[cont-init.d] 50-config: executing...
2048 bit DH parameters present
SUBDOMAINS entered, processing
Sub-domains processed are: -d www.example.com
E-mail address entered: example@me.com
Different sub/domains entered than what was used before. Revoking and deleting existing certificate, and an updated one will be created
usage:
certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ...

Certbot can obtain and install HTTPS/TLS/SSL certificates. By default,
it will attempt to use a webserver both for obtaining and installing the
cert.
certbot: error: argument --cert-path: No such file or directory
Generating new certificate
Sub-domains processed are: -d www.example.com
E-mail address entered: example@me.com
Different sub/domains entered than what was used before. Revoking and deleting existing certificate, and an updated one will be created
usage:
certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ...

Certbot can obtain and install HTTPS/TLS/SSL certificates. By default,
it will attempt to use a webserver both for obtaining and installing the
cert.
certbot: error: argument --cert-path: No such file or directory

 

and here is the command after I press applied.

 

root@localhost:# /usr/local/emhttp/plugins/dynamix.docker.manager/scripts/docker run -d --name="letsencrypt" --net="bridge" --privileged="true" -e TZ="Asia/Bangkok" -e HOST_OS="unRAID" -e "EMAIL"="example@me.com" -e "URL"="work..example.me" -e "SUBDOMAINS"="www" -e "ONLY_SUBDOMAINS"="false" -e "DHLEVEL"="2048" -e "PUID"="99" -e "PGID"="100" -p 8083:80/tcp -p 443:443/tcp -v "/mnt/user/appdata/letsencrypt":"/config":rw linuxserver/letsencrypt

5014fdf3443be36024babe333597136c12a6b95e2d19e52a32946480ffdeea1b

 

Any idea where I did wrong?

error.png

Link to comment

Are there any resources I can read up on to figure out this application?

 

I definitely didn't learn this stuff in my CSC courses and it's a real pain in the rear...

 

Want me to build/compile a custom Linux kernel... done!

Build a custom android rom from source... done!

Reverse engineer an android bootloader...done

Reverse proxy a docker... help!!!!

Link to comment
7 hours ago, sevenz said:

Hello, I'm trying to install letsencrypt. I wonder what causes this certbot error --cert-path: no such file or directory.

 

Full log.

 

 

  Reveal hidden contents

 

 


[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 20-config: executing...
[cont-init.d] 20-config: exited 0.
[cont-init.d] 30-keygen: executing...
using keys found in /config/keys
[cont-init.d] 30-keygen: exited 0.
[cont-init.d] 50-config: executing...
2048 bit DH parameters present
SUBDOMAINS entered, processing
Sub-domains processed are: -d www.example.com
E-mail address entered: example@me.com
Different sub/domains entered than what was used before. Revoking and deleting existing certificate, and an updated one will be created
usage:
certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ...

Certbot can obtain and install HTTPS/TLS/SSL certificates. By default,
it will attempt to use a webserver both for obtaining and installing the
cert.
certbot: error: argument --cert-path: No such file or directory
Generating new certificate
Sub-domains processed are: -d www.example.com
E-mail address entered: example@me.com
Different sub/domains entered than what was used before. Revoking and deleting existing certificate, and an updated one will be created
usage:
certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ...

Certbot can obtain and install HTTPS/TLS/SSL certificates. By default,
it will attempt to use a webserver both for obtaining and installing the
cert.
certbot: error: argument --cert-path: No such file or directory
 

 

 

 

and here is the command after I press applied.

 

 


root@localhost:# /usr/local/emhttp/plugins/dynamix.docker.manager/scripts/docker run -d --name="letsencrypt" --net="bridge" --privileged="true" -e TZ="Asia/Bangkok" -e HOST_OS="unRAID" -e "EMAIL"="example@me.com" -e "URL"="work..example.me" -e "SUBDOMAINS"="www" -e "ONLY_SUBDOMAINS"="false" -e "DHLEVEL"="2048" -e "PUID"="99" -e "PGID"="100" -p 8083:80/tcp -p 443:443/tcp -v "/mnt/user/appdata/letsencrypt":"/config":rw linuxserver/letsencrypt

5014fdf3443be36024babe333597136c12a6b95e2d19e52a32946480ffdeea1b

 

 

Any idea where I did wrong?

error.png

Is that the end of the log? I doubt it. That error is harmless. It means you just changed the settings so it is trying to revoke the previous cert before generating the new one. However, it seems last time there was an error an no cert was generated so it can't find it. 

Link to comment
3 hours ago, MowMdown said:

Are there any resources I can read up on to figure out this application?

 

I definitely didn't learn this stuff in my CSC courses and it's a real pain in the rear...

 

Want me to build/compile a custom Linux kernel... done!

Build a custom android rom from source... done!

Reverse engineer an android bootloader...done

Reverse proxy a docker... help!!!!

 

There are mainly two methods to reverse proxy with nginx.

 

First one is the root url / base url / url prefix method. If your app already has a base url like sabnzbd by default does (you access it directly at http://ip:port/sabnzbd) or allows you to set one, then you use the location block in the nginx site config to proxy that app from the address https://yourdomain.url/sabnzbd 

This is the easiest way to proxy. As long as you match the root url to the proxied location name, it should pretty much work with no effort. 

 

If your app doesn't support the base url, where you can only access it at http://ip:port then you should probably use the second method, subdomain. That way, you would access it at https://appname.yourdomain.url this is done in a new server block in the nginx site config. 

 

The default nginx site config that comes with this container has samples (commented out) for both. 

 

There is also a ton of info in this thread and a couple of others in this forum. 

Edited by aptalca
Link to comment
47 minutes ago, aptalca said:

Is that the end of the log? I doubt it. That error is harmless. It means you just changed the settings so it is trying to revoke the previous cert before generating the new one. However, it seems last time there was an error an no cert was generated so it can't find it. 

 

 

 


ErrorWarningSystemArrayLogin


[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 10-adduser: executing...

-------------------------------------
_ _ _
| |___| (_) ___
| / __| | |/ _ \
| \__ \ | | (_) |
|_|___/ |_|\___/
|_|

Brought to you by linuxserver.io
We gratefully accept donations at:
https://www.linuxserver.io/donations/
-------------------------------------
GID/UID
-------------------------------------
User uid: 99
User gid: 100
-------------------------------------

[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 20-config: executing...
[cont-init.d] 20-config: exited 0.
[cont-init.d] 30-keygen: executing...
using keys found in /config/keys
[cont-init.d] 30-keygen: exited 0.
[cont-init.d] 50-config: executing...
2048 bit DH parameters present
SUBDOMAINS entered, processing
Sub-domains processed are: -d www.sevenz.ddns.net:23689
E-mail address entered: sevenz@sevenz.id
Different sub/domains entered than what was used before. Revoking and deleting existing certificate, and an updated one will be created
usage:
certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ...

Certbot can obtain and install HTTPS/TLS/SSL certificates. By default,
it will attempt to use a webserver both for obtaining and installing the
cert.
certbot: error: argument --cert-path: No such file or directory
Generating new certificate
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Obtaining a new certificate
An unexpected error occurred:
The request message was malformed :: Error creating new authz :: Invalid character in DNS name
Please see the logfiles in /var/log/letsencrypt for more details.
IMPORTANT NOTES:
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
/var/run/s6/etc/cont-init.d/50-config: line 127: cd: /config/keys/letsencrypt: No such file or directory
[cont-init.d] 50-config: exited 1.
[cont-finish.d] executing container finish scripts...
[cont-finish.d] done.
[s6-finish] syncing disks.
[s6-finish] sending all processes the TERM signal.
[s6-finish] sending all processes the KILL signal and exiting.
 

 

 

and this

 

 

 

 


[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 20-config: executing...
[cont-init.d] 20-config: exited 0.
[cont-init.d] 30-keygen: executing...
using keys found in /config/keys
[cont-init.d] 30-keygen: exited 0.
[cont-init.d] 50-config: executing...
2048 bit DH parameters present
SUBDOMAINS entered, processing
Sub-domains processed are: -d www.sevenz.ddns.net
E-mail address entered: sevenz@sevenz.id
Different sub/domains entered than what was used before. Revoking and deleting existing certificate, and an updated one will be created
usage:
certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ...

Certbot can obtain and install HTTPS/TLS/SSL certificates. By default,
it will attempt to use a webserver both for obtaining and installing the
cert.
certbot: error: argument --cert-path: No such file or directory
Generating new certificate
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Obtaining a new certificate
Performing the following challenges:
tls-sni-01 challenge for sevenz.ddns.net
tls-sni-01 challenge for www.sevenz.ddns.net
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. www.sevenz.ddns.net (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: DNS problem: NXDOMAIN looking up A for www.sevenz.ddns.net
IMPORTANT NOTES:
- The following errors were reported by the server:

Domain: www.sevenz.ddns.net
Type: connection
Detail: DNS problem: NXDOMAIN looking up A for www.sevenz.ddns.net

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you're using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
/var/run/s6/etc/cont-init.d/50-config: line 127: cd: /config/keys/letsencrypt: No such file or directory
[cont-init.d] 50-config: exited 1.
[cont-finish.d] executing container finish scripts...
[cont-finish.d] done.
[s6-finish] syncing disks.
[s6-finish] sending all processes the TERM signal.
[s6-finish] sending all processes the KILL signal and exiting.
 

 

 

 

Here it is. I have no idea how to remove the port number from the nextcloud ddns (its forwarded via vpn).

Edited by sevenz
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.