Article directory
Summary
Nextcloud, which is a fork of ownCloud, is a file sharing server that allows you to store personal content such as documents and pictures in a centralized location, just like Dropbox. The difference with Nextcloud is that all its functions are open source. It also returns control and security of sensitive data to you, eliminating the use of third-party cloud hosting services.
In this tutorial, we will install and configure a Nextcloud instance on an Ubuntu server.
We will install Nextcloud using the Snap packaging system. This packaging system, available by default on Ubuntu 22.04, allows organizations to release software, along with all associated dependencies and configurations, in a self-contained unit with automatic updates. This means, we can install snap packages and handle the underlying system automatically, eliminating the need to configure web and database servers, then configure the Nextcloud application to run on them, download the Nextcloud snap package and install it on the system.
1. Environment construction
install snap
sudo apt-get install snapd
sudo apt-get install snapcraft
Install NextCloud
sudo snap install nextcloud
Confirm the success of the installation process by listing the changes related to the snapshot
snap changes nextcloud
Then start nextcloud with
启动: sudo snap start nextcloud
停止: sudo snap stop nextcloud
2. Test LAN access
Open the browser, use the LAN ip address to access, and the nextcloud interface will appear to indicate success. Note that the first installation needs to create and set an administrator account, user name and password. After the setting is complete, click Install
Normal access after successful installation
3. Intranet penetration
Since this nextcloud can only be accessed locally at present, in order to make it accessible remotely, we need to publish the settings and change the service to the public network. Here we can use the cpolar internal network penetration tool to achieve it. It supports http/https/tcp protocol, does not need a public network IP, and does not need to set up a router. It can easily publish the local site to the public network for remote access.
3.1 Install cpolar locally on ubuntu
cpolar official website: https://www.cpolar.com/
- cpolar installation (domestic use)
curl -L https://www.cpolar.com/static/downloads/install-release-cpolar.sh | sudo bash
- Or cpolar short link installation method: (for foreign use)
curl -sL https://git.io/cpolar | sudo bash
- Check the version number, if the version number is displayed normally, the installation is successful
cpolar version
- token authentication
Log in to the background of the cpolar official website, click the verification on the left to view your authentication token, and then paste the token in the command line
cpolar authtoken xxxxxxx
- Simple penetration test, if the corresponding public network address is normally generated, the penetration is successful
cpolar http 8080
Press ctrl+c to exit
- Add a service to the system
sudo systemctl enable cpolar
- Start the cpolar service
sudo systemctl start cpolar
- View service status
sudo systemctl status cpolar
3.2 Create a tunnel
After cpolar is installed successfully, visit the port 9200 of the local or LAN ip on the browser, and use the cpolar email account to log in to the cpolar web UI management interface.
Click Tunnel Management on the left dashboard - Create Tunnel:
- Tunnel name: customizable, be careful not to repeat
- protocol: http
- Local address: 80
- Port type: random domain name
- Region: China VIP
click create
After the tunnel is successfully created, click on the status on the left - online tunnel list, you can see that the tunnel just created has generated a corresponding public network address, copy it, and then test access.
3.3 Test public network access
Open the browser to access the public network address just copied, and the following message appears: access through an untrusted domain name. The problem is that nextcloud restricts the way of access, and only supports LAN ip access
Solution, add the access method: *.*.*.*, which means that the access method is not restricted
sudo nextcloud.occ config:system:set trusted_domains 1 --value=*.*.*.*
Then restart nextcloud
sudo snap restart nextcloud
Then use the public network address to access again
4 Configure a fixed http public network address
Since the tunnel created above selects a random domain name, the generated public network address will change randomly within 24 hours, which is inconvenient for long-term access. However, we can configure a fixed second-level subdomain name for access, and changing the address will not change randomly.
Note: The function of configuring a fixed second-level subdomain name needs to be upgraded to the basic version package or above to support it.
4.1 Reserve a second-level subdomain
Log in to the background of the cpolar official website, click Reserved on the left, and find the reserved second-level subdomain name:
- Region: Select China VIP
- Second-level domain name: can be customized
- Description: Remarks, which can be customized
Click Reserve
to indicate that the subdomain name has been successfully reserved, and copy the reserved second-level subdomain name
4.1 Configure a fixed second-level subdomain name
Access the local port 9200 to log in to the cpolar web UI management interface, click the tunnel management on the left dashboard - tunnel list, find the tunnel to be configured, and click edit on the right
Modify the tunnel information, and configure the successfully reserved second-level subdomain name into the tunnel
- Domain name type: select a second-level subdomain name
- Sub Domain: Fill in the reserved second-level sub-domain name, in this example: nextcloudwbsite
Click Update
to prompt that the tunnel is updated successfully. Click the status on the left dashboard - online tunnel list, you can see that the public network address has been updated to the second-level subdomain name that has been successfully reserved, and copy it.
4.3 Test access to public network fixed second-level subdomain
We use any browser to enter the fixed second-level subdomain name of the public network that has just been successfully configured to see our nextcloud, and the address will no longer change randomly.
