Nextcloud on two (or more) domains

Don_Robertson · September 28, 2020, 10:28pm

Greetings,
Just wondering if this is the best way to do things or if there is another way, and if I have left gaping security holes in my system

I have Nethserver installed at home, and have set up a duckdns dynamic domain name to point to it. I have Nextcloud installed on a subdomain on the server. I’m also using the most excellent Password Manager, and LetsEncrypt certificates. ie - freeloading as much as possible.

I also have a domain hosted at an ISP, and use cpanel to manage the domain entries and web site.

My problem is that our library and a couple of other places won’t allow https access to dynamic domain names while using their WiFi. So I cannot access Nextcloud with my laptop at certain places. Which means I cannot log into anything using a password.

(The odd thing is they think it is a security risk to access my sites on my computer, but I can use their computers to access the sites with no problem. But I digress)

What I have done is to set up cname records on my hosted domain that point to my duckdns domain. eg, intranet.robertson.net.nz points to intranet.rnet.duckdns.org.

I’ve added the relevant sub-domains to my LetsEncrypt certificates, and to the Virtual Host Names in the Virtual Host setup page in the Web Server application.

And for these sub-domains, all is good - if a little worrying that I can just redirect a domain to another domain and generate a valid certificate so easily. But I digress.

The important thing is they were working from within the firewalled networks.

That’s fine for those sub-domains, but Nextcloud does not use the Web Server application to manage the sub domain it is on.

So I logged into Nethserver with ssh, went to /etc/httpd/conf.d/ and copied the zz_nextcloud.conf to zz_nextcloud_robertson.conf, changed the domain name to the hosted domain, and added the hosted domain to the Allowed Domains in the Nextcloud application set up. Then restarted the web server.

I have yet to test to see if this works from the firewalled network, but it is working using the data network from my phone.

So - questions.

Is this a good thing to be doing? Is it the best way get around dynamic domain names being blocked? And finally, is there a way to configure the Nextcloud domain without having to go and ssh in and copy and edit the config file?. This won’t be regenerated from the template while being updated, for one thing.

Anyway - thoughts?

Cheers
Don

Andy_Wismer · September 29, 2020, 4:36am

@Don_Robertson

Hi Don

I’m also using DuckDNS for my Home Assistant, and my own Domain as CNAME pointing to DynDNS (I have a pro subscription there). My Provider in Switzerland does not offer a static IP, so I have to use dynamic.

But for Nextcloud, you should add the name of the domain in Cockpit, under Software -> Nextcloud -> Settings.

My 2 cents
Andy

Don_Robertson · October 2, 2020, 6:04am

I have a lot of stuff set up using the duckdns domain name, so don’t want to to change that setting.

I guess I will run both and move stuff over as I go.