Connect from the Internet

leonklingele-work edited this page Sep 25, 2017 · 13 revisions

For the Spreedbox to be reachable from the Internet, a public hostname is required. If you have a static IP address, you can register a domain and have it point to your IP. Otherwise, a dynamic DNS provider can be used to register a subdomain that gets updated to resolve to the currently active IP.

DNS or Dynamic DNS

Some routers support dynamic DNS providers directly, see the documentation or web interface of your Internet router to set this up. If you want the Spreedbox to handle dynamic DNS, follow the Dynamic DNS Howto for Ubuntu.

Setup port forwarding

If the Spreedbox is not connected directly to the Internet, the router and/or firewall must be configured to forward ports 80 (http), 443 (https), 3478 (TURN), 5222 (Instant Messaging) and 5269 (Federated Instant Messaging) to the internal IP of the Spreedbox.

See Run webserver on custom ports on how the ports used by the Spreedbox can be changed.

Trusted domains configuration

For security reasons, the Spreedbox allows only requests to "trusted" domains. Internal hostnames are trusted automatically, all external hostname(s) must be added to the file /etc/nextcloud/additional_trusted_domains.conf. Enter one hostname per line, all blank lines and lines starting with # are ignored.

You will need to connect to the Spreedbox via SSH, see Enable SSH if you have not already enabled SSH. Connect to the Spreedbox via SSH and using a text editor edit the /etc/nextcloud/additional_trusted_domains.conf and add your hostname to the file. Then save the file and run sudo spreedbox-update-trusted-domains.

Check access

You should now be able to access your Spreedbox from the Internet using the hostname you have chosen with the DNS provider. If you use the Spreedbox automatically generated SSL certificate, your browser will show a security warning as the SSL certificate is not valid for the new hostname you have just added. You can accept the certificate warning and continue. As a next step, you can generate a Let's Encrypt certificate to get a fully valid SSL certificate for your Spreedbox for free.

You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.