Build a Nextcloud private cloud disk from scratch and achieve remote access through intranet penetration

Summary

Nextcloud, which is a fork of ownCloud, is a file sharing server that allows you to store personal content such as documents and pictures in a centralized location, much like Dropbox. The difference with Nextcloud is that all its features are open source. It also returns control and security of sensitive data to you, eliminating the use of third-party cloud hosting services.

In this tutorial, we will install and configure a Nextcloud instance on an Ubuntu server.

We will install Nextcloud using the Snap packaging system. This packaging system, available by default on Ubuntu 22.04, allows organizations to release software in a self-contained unit with automatic updates, along with all associated dependencies and configuration. This means that instead of installing and configuring the web and database servers and then configuring the Nextcloud application to run on them, we can install the snap package, which handles the underlying systems automatically.

1. Environment setup

Install snap

sudo apt-get install snapd


sudo apt-get install snapcraft

Install Nextcloud

sudo snap install nextcloud

Confirm that the installation succeeded by listing the changes related to the snap

snap changes nextcloud


Then start Nextcloud. The commands to start and stop it are:

Start: sudo snap start nextcloud
Stop: sudo snap stop nextcloud

2. Test LAN access

Open a browser and access the server using its LAN IP address. If the Nextcloud interface appears, the installation succeeded. Note that on first use you must create an administrator account by setting a username and password. Once the settings are completed, click Install.

After successful installation, you can access it normally.

3. Intranet penetration

This Nextcloud instance can currently only be accessed locally. To make it accessible remotely, we need to publish the service to the public network. Here we do this with the cpolar intranet penetration tool, which supports the http/https/tcp protocols. It does not require a public IP address or router configuration, and it can easily publish local sites to the public network for remote access.

3.1 Install cpolar locally on ubuntu

cpolar official website: https://www.cpolar.com/

  • cpolar installation (for use within China)
curl -L https://www.cpolar.com/static/downloads/install-release-cpolar.sh | sudo bash
  • Or the cpolar short-link installation method (for use outside China)
curl -sL https://git.io/cpolar | sudo bash
  • Check the version number. If the version number is displayed normally, the installation is successful.
cpolar version
  • token authentication

Log in to the cpolar official website backend, click Verify on the left, check your authentication token, and then paste the token in the command line

cpolar authtoken xxxxxxx

  • Simple tunnel test: if the corresponding public network address is generated normally, the tunnel works.
cpolar http 8080

Press ctrl+c to exit

  • Add services to the system
sudo systemctl enable cpolar
  • Start cpolar service
sudo systemctl start cpolar
  • Check service status
sudo systemctl status cpolar


3.2 Create tunnel

After cpolar is successfully installed, open port 9200 on the local or LAN IP address in a browser, and log in to the cpolar web UI management interface with your cpolar email account.

Click Tunnel Management on the left dashboard - Create Tunnel:

  • Tunnel name: Customizable, be careful not to repeat it
  • Protocol: http
  • Local address: 80
  • Port type: random domain name
  • Region: China vip

Click Create


After the tunnel is successfully created, click Status on the left - Online Tunnel List. You can see that the tunnel just created has generated a corresponding public network address. Copy it and test access.

3.3 Test public network access

Open a browser and access the public network address you just copied. The following message appears: Accessed through an untrusted domain name. This happens because Nextcloud restricts access and only accepts access through the LAN IP address.

Solution: add *.*.*.* as a trusted domain, indicating no restriction on the address used for access. The value is quoted so that the shell does not try to expand the asterisks.

sudo nextcloud.occ config:system:set trusted_domains 1 --value='*.*.*.*'

Then restart Nextcloud

sudo snap restart nextcloud

Then use the public network address to access again
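
Added example (not from the original post): trusted_domains decides which Host headers Nextcloud will answer to, so this sketch compares the wildcard entry with an entry pinned to the tunnel hostname and prints the occ command that replaces index 1 with the pinned value. The matching rule is an assumed model of Nextcloud's wildcard handling, and the hostnames, including nextcloudwbsite.tunnel.example.test, are constructed placeholders for the address cpolar shows.

```shell
#!/usr/bin/env bash
# Added example: models how a trusted_domains entry is matched against the
# Host header, to compare the wildcard with a pinned tunnel hostname.
# Assumption: "*" in an entry matches any run of [-.a-zA-Z0-9], anchored at
# both ends, case-insensitive. Hostnames below are constructed placeholders.

# host_from_url URL -> lowercase hostname without scheme, path or port
host_from_url() {
    local h="${1#*://}"   # drop scheme
    h="${h%%/*}"          # drop path
    h="${h%%:*}"          # drop port
    printf '%s\n' "$h" | tr '[:upper:]' '[:lower:]'
}

# entry_matches ENTRY HOST -> exit 0 if HOST would be accepted by ENTRY
entry_matches() {
    local re
    # Escape literal dots, then expand each "*" to the wildcard class.
    re=$(printf '%s' "$1" | sed -e 's/[.]/\\./g' -e 's/[*]/[-.a-zA-Z0-9]*/g')
    printf '%s\n' "$2" | grep -Eqix -- "$re"
}

# pin_command INDEX URL -> the occ command that trusts only that hostname
pin_command() {
    printf "sudo nextcloud.occ config:system:set trusted_domains %s --value='%s'\n" \
        "$1" "$(host_from_url "$2")"
}

tunnel_url="http://nextcloudwbsite.tunnel.example.test/"   # placeholder URL
tunnel_host=$(host_from_url "$tunnel_url")

# Compare what each entry accepts for three constructed Host values.
for entry in '*.*.*.*' "$tunnel_host"; do
    for host in "$tunnel_host" 'other.site.example.test' '203.0.113.7'; do
        if entry_matches "$entry" "$host"; then verdict=accepted; else verdict=rejected; fi
        printf '%-40s Host: %-40s %s\n' "entry $entry" "$host" "$verdict"
    done
done
pin_command 1 "$tunnel_url"
```

Substitute the public address copied from the cpolar online tunnel list for the placeholder URL before running the printed command.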

4. Configure a fixed http public network address

Since the tunnel created above uses a random domain name, the generated public network address will change randomly within 24 hours, which is inconvenient for long-term access. We can instead configure a fixed second-level subdomain name for access, so that the address does not change randomly.

Note: The function of configuring fixed second-level subdomain names requires upgrading to the Basic Edition package or above to be supported.

4.1 Reserve a second-level subdomain name

Log in to the cpolar official website backend, click Reserve on the left, and find the reserved second-level subdomain name:

  • Region: Select China VIP
  • Second-level domain name: can be customized
  • Description: Notes, which can be customized

Click Reserve
A prompt confirms that the subdomain name was reserved successfully. Copy the reserved second-level subdomain name.

4.2 Configure a fixed second-level subdomain name

Access the local port 9200 to log in to the cpolar web UI management interface, click Tunnel Management - Tunnel List on the left dashboard, find the tunnel you want to configure, and click Edit on the right


Modify the tunnel information and configure the successfully reserved second-level subdomain name into the tunnel.

  • Domain name type: Select a second-level subdomain name
  • Sub Domain: Fill in the second-level subdomain name that has been successfully reserved. This example is: nextcloudwbsite

Click Update
A prompt confirms that the tunnel was updated successfully. Click Status - Online Tunnel List on the left dashboard. You can see that the public network address has been updated to the second-level subdomain name that was reserved. Copy it.

4.3 Test access to the fixed second-level subdomain name of the public network

We can use any browser and enter the public fixed second-level subdomain name we just configured successfully to see our nextcloud, and the address will no longer change randomly.


Origin blog.csdn.net/Tiam_cr/article/details/134224947