I’ve self hosted many things over the years but mainly Nextcloud and Home assistant. My current setup for Nextcloud is the Archive install method, behind a wWireguard VPN on a Debian server(with sadly outdated PHP packages).
However most of the natively installed software I host, for example a turn server, the database, redis etc is covered by the AIO setup, amongst other benefits like the High performance back end.
The only issue is the requirement for a domain name, a let’s encrypt cert and an open port 80. I really don’t require this behind a VPN. I’m really surprised this is not a more supported option.
Is anyone using AIO behind a VPN?
normally you would configure a reverse proxy to secure your apps and setup SSL
the AIO installation here assumes a domain https://github.com/nextcloud/all-in-one#nextcloud-all-in-one
if you don’t use a domain it’ll use a self-signed cert. many different ways to implement web security. the reverse proxy is documented and supported. https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
they mention a caddy/tailscale alternative which would be your “VPN Supported” configuration https://github.com/nextcloud/all-in-one/discussions/5439
Nice ! Thanks for the links , now this does point me in the right direction. Much appreciated.