this post was submitted on 04 Jan 2024
0 points (50.0% liked)


Win11 Pro on used Lenovo ThinkCentre

Docker Desktop

FileBrowser running at 7777:80 in Docker Desktop (7777 was chosen by me to preemptively avoid conflicts)

ATT Router with custom service "Filebrowser" global range 443, TCP, Host Port 443

(443 was chosen by me because I want the site to only be accessible if secure)

Custom firewall exception, tcp, local 7777, Host 443

Filebrowser login page accessible from localhost:7777

Filebrowser login page accessible from http://my_custom_duckdns_domain:7777

Not accessible from https:

Not accessible from external device.

Tried to run Win-Acme, failed.

Tried to run Caddy:

"Error: loading initial config: loading new config: http app module: start: listening on :80: listen tcp :80: bind: An attempt was made to access a socket in a way forbidden by its access permissions."

caddy is not a docker image

I've been using ChatGPT to help me configure this stuff, it has not been going well. The AI can't remember what it tells me from one question to the next, so you end up in loop after loop of errors.

I ended up deleting the caddyfile because no configuration supplied by ChatGPT worked.

Can anyone help me get this going?

I'd really like to understand how to safely expose the fileserver, but nothing is working.

I already tried nextcloud, and though it looks pretty, the on-board office suite, which I want so you don't have to download a file to view it, will not function because Collabora won't download.

I do not claim to know what I am doing.

I dislike CLI, and Linux frustrates me to no end.

I'm open to any suggestions you all have.

all 10 comments
[–] [email protected] 1 points 10 months ago

I would advise you to remove the rule on your router and expose your services with cloudflared instead. It should get you started with securely hosting your websites. Then you can build up on this self-hosting knowledge and later decide if you want to manage this yourself.

[–] [email protected] 1 points 10 months ago (1 children)

When you tried caddy and received an error, that looks like you are getting the wrong image name.

Then you mentioned deleting the Caddyfile as the configuration didn’t work. But, if I am following correctly, the Caddyfile wouldn’t yet be relevant if the Caddy container hadn’t actually run.

Pulling from Caddy's docs, you should just need to run

$ docker run -d -p 80:80 \
    -v $PWD/Caddyfile:/etc/caddy/Caddyfile \
    -v caddy_data:/data \
    caddy

Where $PWD is the current directory the terminal is currently in.

Further docs for then configuring for HTTPS you can find here, under "Automatic TLS with the Caddy image":

https://hub.docker.com/_/caddy

[–] [email protected] 1 points 10 months ago

I have not tried caddy through docker yet, just running it through a windows command line with admin priv. I'm looking into doing it with Docker, just haven't started yet.

I will remember how familiar you are with docker!

[–] [email protected] 1 points 10 months ago (1 children)

I'm not super familiar with Docker, so I'm sorry I'm not much help there, but I noticed that you mentioned an ATnT router. Are you using them as an Internet provider?

If so, you might have a carrier-grade NAT, which makes a reverse proxy like this not possible even if you do get the Caddy server working. I had a similar situation with my Jellyfin server.

I had the Caddy server working, but when I moved and started using a mobile internet provider, I had to use a VPN tunnel like Cloudflare or ZeroTier to get around it.

All this to say, I'd recommend finding that out, so if that is the case you don't spend any more time on Caddy.

Good luck either way.
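One way to run the check suggested in this comment without calling the ISP, as an added example that is not part of the thread: compare the WAN address shown on the router's status page with the address the internet sees (the one the DuckDNS name resolves to). The function name, result labels and sample addresses are constructed for illustration, and only IPv4 is handled.

```python
import ipaddress

# Ranges that cannot be reached by an inbound connection from the internet.
CGNAT = ipaddress.ip_network("100.64.0.0/10")  # RFC 6598 shared address space
PRIVATE = [ipaddress.ip_network(n)             # RFC 1918 private ranges
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

ADVICE = {
    "cgnat": "ISP carrier-grade NAT: a port forward on your router cannot work.",
    "double-nat": "Router sits behind another NAT device; forward there too or bridge it.",
    "upstream-nat": "WAN address differs from what the internet sees; something translates upstream.",
    "direct": "Router holds the public address; port forwarding can work.",
}


def diagnose(router_wan_ip: str, external_ip: str) -> str:
    """Classify the path between the router and the internet.

    router_wan_ip: WAN/broadband address from the router's status page.
    external_ip:   address seen from outside (what the dynamic DNS name resolves to).
    """
    wan = ipaddress.ip_address(router_wan_ip)
    ext = ipaddress.ip_address(external_ip)
    if wan.version != 4 or ext.version != 4:
        raise ValueError("this check only covers IPv4 addresses")

    if wan in CGNAT:
        return "cgnat"
    if any(wan in net for net in PRIVATE):
        return "double-nat"
    if wan != ext:
        return "upstream-nat"
    return "direct"


if __name__ == "__main__":
    # Constructed sample values (documentation ranges), not real addresses.
    samples = [
        ("100.72.14.9", "203.0.113.25"),
        ("192.168.1.64", "203.0.113.25"),
        ("203.0.113.25", "203.0.113.25"),
    ]
    for wan, ext in samples:
        verdict = diagnose(wan, ext)
        print(f"WAN {wan:<15} external {ext:<15} -> {verdict}: {ADVICE[verdict]}")
```

Only the "direct" result means a router rule plus a reverse proxy can receive inbound connections; the other results point toward an outbound tunnel of the kind discussed in the thread.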

[–] [email protected] 1 points 10 months ago (1 children)

I'm betting you've nailed it. It doesn't make sense to me why it won't work. You're also the second one to mention cloudflared. Is it easy to set up?

[–] [email protected] 1 points 10 months ago (2 children)

ATnT should be able to tell you for sure. I remember reading about another person facing a CGNAT using ATnT on Reddit while I still went there, so it very well could be.

And fairly easy setup, yeah. I did mine using a Windows PC for testing, as I was kind of in between places at the time, and that's what I ended up using for Jellyfin as well. Just lives on my media PC at the moment. The docs are pretty straightforward.

I recommend that or ZeroTier, which is even more dead simple. Both are good, but Cloudflare does care about how much bandwidth you're using, so just bear that in mind if you think you'll use the server for anything else.

Both are VPN tunnels, so either should work just fine.

https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/

https://www.zerotier.com/pricing/

Self-hosting can get pretty overwhelming, but I find that using docs in addition to YouTube videos helps a lot. I also recommend giving Linux a go when you feel up to it. It can be a very nice option if you're working with older hardware.

[–] [email protected] 1 points 10 months ago

Oh I'm not calling those bastards at ATT- fuggin hate 'em

[–] [email protected] 1 points 10 months ago

I've been messing with Linux on and off since 2005. Anything beyond normie operations usually ends in frustration.

[–] [email protected] 1 points 10 months ago

Use Tailscale with the Funnel option.

It provides a fully encrypted connection for external devices that don't have the Tailscale client. Pretty impressive.

Similar to using Cloudflare tunnels but easier to set up.