Server access behind Mobile network using ngrok or pagekite

v7

(Malcolm Warwick) #1

NethServer Version: 7.3
Module: Network
I have tried setting up both ngrok and pagekite and can get as far as seeing the default webpage from the Nethserver ok.

When I try to access either Nextcloud or Webtop I get an error message in the browser saying “too many redirects”.

I have looked through the documentation but wondering if any has successfully implemented this and could help please?


(Markus Neuberger) #2

Hello @Wozzagonebush,

I tried ngrok and came to the same result as you did. It seems that you are bound to a local http port, so server manager just won’t work. But you maybe could setup virtual hosts and use the hostname directive to use nextcloud, but that’s on the “paid plan”.
But I have a general question. Why do you need these services? Nethserver has a nice firewall with port forwarding, vpn, reverse proxy etc. and it is all secured by you and not a 3rd party…


(Malcolm Warwick) #3

Hi @mrmarkuz

Thank you for your reply.

The reason is my Internet service is delivered by Mobile Broadband and
as such the modem gets a 10.x.x.x WAN address which is NATed to a
192.168.x.x address on the LAN, so trying to access the public IP
address - even with a Dyn DNS service - can’t be done - or so I believe.

If you have another way of doing this I would love to hear it!


(Markus Neuberger) #4

I’d say it depends on your provider. I use 3 Hutchinson in Austria and they give me the possibility to get a public IP with open firewall(open internet):


(Malcolm Warwick) #5

I haven’t seen that offered in Australia by Optus but happy to be shown otherwise!


(Markus Neuberger) #6

Maybe this helps:

http://whirlpool.net.au/wiki/publicip


(Malcolm Warwick) #7

As I suspected:
“Optus
No public IP, NATted to a 10...* range.
Post-paid 4G”

So a working ngrok/pagekite solution is a must :slight_smile:


(Markus Neuberger) #8

OK, if a provider change isn’t possible…
What do you want to serve?
You can serve your own default page easily by creating a /var/www/html/index.html/php.
You may try copy a webapp directly to /var/www/html/
Some of the webapps run on specific ports or you can change them, this may work with ngrok http.
If you just want to manage Nethserver, what about open ssh by ngrok and manage via command line or text web browser like links?


(Malcolm Warwick) #9

I was hoping to build an externally accessible Nextcloud server.


(Markus Neuberger) #10

Hi @Wozzagonebush,

maybe this could be a solution for you.
Edit /etc/httpd/conf.d/nextcloud to put nextcloud to webroot, for making life of ngrok easier:

#Alias /nextcloud "/usr/share/nextcloud/"
Alias / "/usr/share/nextcloud/"

Add ngrok domains to the trusted domains in nextcloud, be careful as this allows all ngrok domains. If you have an own ngrok domain allow only yours.

'trusted_domains' =>
  array (
    0 => 'localhost',
    1 => 'server.cmb.local',
    2 => '192.168.1.11',
    3 => 'cloud.cmb.local',
    4 => '*.ngrok.io',
  ),

Then start ngrok

./ngrok http 80

and browse to your ngrox URL like https://RANDOM.ngrok.io

This is just a workaround, I don’t know if these changes will survive an update.
EDIT:
Some webapps will stop working with this workaround, like ocsreports, dl-transmission, webmail, phpmyadmin…and maybe more.


(Malcolm Warwick) #11

Thanks Markus I will give this a try.

Another thought I had was if I could stop Nextcloud redirecting http to https at the server than that might work, but I’m not sure how to do that?


(Markus Neuberger) #12

It doesn’t do that. Maybe your browser does. You can browse to “http://NS/nextcloud” and it will keep http but I think the problem of ngrok or pagekite is that they can’t manage rewriting.


(Malcolm Warwick) #13

Hmm.
When I browse to http://192.168.1.10 I get the Nethserver home page in http, but when I browse to http://192.168.1.10/nextcloud it comes up as https://192.168.1.10/nextcloud/index.php/login

I don’t think it is the browser as it happens on Chrome, Firefox and also in Safari on my iPad!

EDIT
Just found this reference to Owncloud https://stackoverflow.com/questions/15328619/how-to-disable-owncloud-https-redirect
but not sure how to implement :frowning:


(Markus Neuberger) #14

You are right. It may be working on my server because I turned off the redirect by adding a conf file with virtualhost *:80 to /etc/httpd/conf.d/

https://httpd.apache.org/docs/current/vhosts/examples.html

EDIT:

I also used this virtual host patch for Nextcloud:


(Malcolm Warwick) #15

Hi Markus

I’ve decided to install the server at a relative’s house who has a
public accessible IP address!

Thanks for all your help and if someone else reading this comes up with
a solution I would still be interested in seeing it :slight_smile:


(Markus Neuberger) #16

You’re welcome!

I think that’s the best and most secure solution.


(Malcolm Warwick) #17

For anyone following this thread, there is an app in next cloud called beame.io that looks promising.

I haven’t got it fully working yet but was able to access next cloud externally.


(Markus Neuberger) #18

Wow, beame.io does not work for me(not even SSH connection), but with ngrok I can login to nextcloud. Really strange.


(Malcolm Warwick) #19

I couldn’t get it working from within the Nextcloud app, I did it from the command line with:
beame-insta-ssl tunnel 127.0.0.1:443 https --fqdn xxxx.beame.io

I had to add xxxx.beame.io into trusted domains in config.php

I’ve tried a fresh install and installing from there but to no avail, so I’ve sent a message to the folks at beame.io so let’s see what that brings.