LinuxServer.io
How to enable LAN only access to Nextcloud configured as a subfolder app in SWAG? #57
-
|
Hi, I have Nextcloud and another application configured as subfolder applications, e.g. mydomain.ddns.me/nextcloud. The host is a PC running Libreelec using the Linuxserver addons for SWAG and Nextcloud. Originally, Nextcloud and the second application were configured with WAN access in mind, but I have since decided to restrict them to access from the LAN only. For the second application, this was done by renaming the *.subfolder.conf file. For Nextcloud, this did not seem to work as (I think) Nextcloud was configured / enabled for HTTPS access. I've tried using this solution; allow 192.168.1.0/24; #<---Enter your LAN subnet here in the nginx/proxy-confs/nextcloud.subfolder.conf file and then the nginx/site-confs/default.conf file. But no joy. With the subnet limitation, I lose LAN and WAN access to both applications and the "Welcome to your SWAG instance" root page. In hindsight is this correct? I ask as I am worried about the SSL certificate not renewing. Is there an approach to limit Nextcloud access to LAN users? Thanks in advance. |
Beta Was this translation helpful? Give feedback.
Replies: 4 comments 1 reply
-
|
if you lose lan access with your allow statement, that's either not your lan's subnet or there is something wrong with your network. What you did is correct for a lan only setup (though you could also just NOT create a public DNS record for nextcloud and only have an internal dns record for it) having https doesnt dictate whether you are publicly accessible or not. |
Beta Was this translation helpful? Give feedback.
-
|
Hi drizuid, Thanks for your prompt response. I'll take another look at the 'allow' subnet config. Which is the appropriate file for this config? I ask, as I do not have a server block statement config in my nextcloud.subfolder.conf file? nextcloud.subfolder.conf.txt - .txt suffix added for the purpose of uploading. Thanks. |
Beta Was this translation helpful? Give feedback.
-
|
if you put allow and block in nextcloud.subfolder.conf it will affect the location you place it in for that particular subfolder. https://nginx.org/en/docs/http/ngx_http_access_module.html if you think it's what is blocking you, just check access.log in the swag nginx logs |
Beta Was this translation helpful? Give feedback.
-
|
Hi drizuid, Thanks. As you suggested, by adding the allow and deny config to the nextcloud.subfolder.conf file WAN blocking is now working. Superb stuff. Much appreciated. Regards |
Beta Was this translation helpful? Give feedback.
-
|
Resolved |
Beta Was this translation helpful? Give feedback.
if you put allow and block in nextcloud.subfolder.conf it will affect the location you place it in for that particular subfolder.
https://nginx.org/en/docs/http/ngx_http_access_module.html
if you think it's what is blocking you, just check access.log in the swag nginx logs