I would like some ideas or suggestions as I am not sure how to continue with self-hosting.

I want to self host images and caldav, maybe documents later as well. These would need to be continuously available to PC clients and Android. There would be a handful of users maximum.

The obvious (?) solution would be Nextcloud, which would do everything I need.

My problem is that I have only one public IP address and the HTTP and HTTPS ports are already in use by Apache.

The second problem is that I already use wireguard to another location, and Android cannot connect simultaneously to several wireguard endpoints. At least as far as I know.

Below, I list the approaches I have considered and the problems / drawbacks I see.

Please comment if I am wrong about something here.

At the moment I am looking at option 4.

Any comments are welcome!

Option 1. Nextcloud AIO publicly available through HTTPS

It needs the HTTP & HTTPS ports which are in use. Otherwise, this would be the go-to for me.

Option 2. Nextcloud AIO through wireguard

I would have to switch between two wireguard instances on Android. There would probably be continuous connection errors and sync problems on apps that try to connect to either location (nextcloud and davx5 for example).

Setup would be a bit complicated for me. AFAIK, I would have to set up a local DNS, self-made certificates and a reverse proxy for the Apache server.

Setup would be complicated for all other users as well and require wireguard and manually installed certificates.

Option 3. Nextcloud AIO with tailscale

Setup complicated like #2 and then some?

I have no idea if it works while using the android wireguard app for the other connection I need.

Option 4. Radicale and Ente publicly available

As far as I know, these run on special ports that are not 80 or 443.

Server setup would be slightly complicated.

Client setup would be simple.

Document sync I would have to figure out later (maybe just syncthing or other setup?).

  • diminou@lemmy.zip
    2 days ago

    In fact 80 and 443 refer to http and https, those are default ports.

    You can in fact use the ports you want for the service you want. I have multiple web services behind the ports 80 and 443, you need one service that is able to get the request at the correct port. This is the role of the reverse proxy.

    Apache can assume that role, you go to anything.yourdomain.com and apache will then redirect “anything” to the correct service (with the internal ip and port). So say you want to put nextcloud at 7777 you can tell docker to expose 7777 and redirect it to 443 on nextcloud.

    The chain is like this in that case: nextcloud.yourdomain.com > apache > nextcloud is at ip:7777 > redirect the request to 7777 > nextcloud homepage is shown

      • diminou@lemmy.zip
        1 day ago

        OK, you are thinking about it the wrong way: 80 and 443 are the default ports for the web access of any web application.

        You are using docker with the nextcloud aio image. Which means you are deploying a docker container which contains the web application.

        What you are doing is using arbitrary ports for the container. This could be 7777. Then, this is redirected to 443 inside the container, to the web application.

        This is why you can actually use any port you want for your container. You are not really switching the port for nextcloud, only for the container.

        This is why I suggested doing 444:443 in the docker-compose.yml file: you are exposing 444 to the container, to 443 inside the container.

        And this is why you can actually use any ports for every web app you are going to host: apache will redirect to the port you want to the container, and docker will redirect inside the container to either 80 or 443 (or anything else needed for that web application).

        • passenger@sopuli.xyz (OP)
          1 day ago

          Thank you for all the explanations! So I just need a second domain and apache will redirect 443 from that domain to 7777. The docker part I understood but having two apps on 443 on different domains but one machine is what was new to me.

          • diminou@lemmy.zip
            1 day ago

            You could probably go for nextcloud.yourdomain.ddns.org, but I can’t guarantee that since I have no experience with ddns.org.

            There are a lot of cheap registrars, I’ll let you check and select the one you want if you need a second domain.

            Basically docker lets you set up multiple (fake) computers inside your computer. For those that want to correct this, I know. But I’m trying to explain the top view here.

            So, your computer (host) is hosting multiple containers, each container will have their set of available ports. And as stated earlier each container will have an application that may or may not need to expose ports. But since each have their own ports you can have hundreds of containers using the port 80 INSIDE the container, and using 8100 to 8200 OUTSIDE the container (on your host). The only real limit would be the amount of ports available (somewhere along the lines of 65535).

            There. Now go have fun and read up on docker and reverse proxy! Don’t forget to use ssl on your nextcloud instance since it’ll be facing the internet! And… Have fun! :-)
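
The setup described in the replies above, as an added example that is not part of any post in the thread: two name-based virtual hosts share port 443 on one IP, and Apache terminates TLS before forwarding the second hostname to a container port published on loopback only. The hostnames, certificate paths and port 7777 are placeholders, and the backend is assumed to speak plain HTTP on its published port.

```apache
# Constructed example. Modules needed: ssl, proxy, proxy_http, headers.
#
# Publish the container port on loopback only, e.g. in docker-compose.yml:
#     ports:
#       - "127.0.0.1:7777:80"    # reachable only from this host
# A bare "7777:80" binds to all interfaces, so the application would also
# answer on http://<public-ip>:7777 without TLS, bypassing Apache.

# The site that already uses 443 stays as it is, selected by its ServerName.
<VirtualHost *:443>
    ServerName www.yourdomain.com
    DocumentRoot /var/www/html
    SSLEngine on
    SSLCertificateFile    /etc/ssl/example/www.fullchain.pem
    SSLCertificateKeyFile /etc/ssl/example/www.privkey.pem
</VirtualHost>

# Second hostname on the same IP and port, proxied to the container.
<VirtualHost *:443>
    ServerName nextcloud.yourdomain.com
    SSLEngine on
    SSLCertificateFile    /etc/ssl/example/nextcloud.fullchain.pem
    SSLCertificateKeyFile /etc/ssl/example/nextcloud.privkey.pem

    # Reverse proxy only; never act as an open forward proxy.
    ProxyRequests Off
    # Pass the original Host header so the application builds correct URLs.
    ProxyPreserveHost On
    # Tell the backend the client connection was HTTPS.
    RequestHeader set X-Forwarded-Proto "https"

    ProxyPass        / http://127.0.0.1:7777/
    ProxyPassReverse / http://127.0.0.1:7777/
    # If the published port serves HTTPS instead, use "SSLProxyEngine on"
    # and an https:// backend URL in the two lines above.

    Header always set Strict-Transport-Security "max-age=15552000"
</VirtualHost>

# Plain HTTP for the new hostname only redirects to HTTPS.
<VirtualHost *:80>
    ServerName nextcloud.yourdomain.com
    Redirect permanent / https://nextcloud.yourdomain.com/
</VirtualHost>
```

The application behind the proxy also has to be told to trust it; in Nextcloud that is the `trusted_proxies` setting in config.php.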