Posts by Morlan

    Why? Can you show me a vulnerability for patch openssh with password auth disabled? Adding a vpn is just another step. Plus, I'm not allowed to use vpn clients on my computers at work. So, if I want to login to my system at home to fix something, I just need putty. If you need to access more than ssh, vpn is the right way to go. But for just ssh, vpn is not needed on a properly setup system. I've had ssh exposed to the internet for almost 20 years and never had an issue.

    I agree. It depends on the use case and the environment you are working in

    Essentially, your config folder and data folder are in the same directory (yes you used a subdirectory... but that is the only difference between yours and mine)


    Put your Data directory in another directory, rather than a subdirectory of config.

    That's not it. I use this folder structure without any problems.


    Your config.php is missing a , at the end of this line:

    1 => 'nextcloud.xxxxxx.duckdns.org'

    Not sure if that changes anything.


    Your swag container works. Thats confirmed by the successful certs.

    Please post your nextcloud.subdomain.conf

    Maybe this is a useful if you want to juggle different networks in a compose file:


    Inspired by this thread I continued a project, which I had on my list for some time now. I wanted to put all my docker containers into a single docker-compose file. Just for inspiration these are my docker-compose.yml and my .env. All I need to do is run a docker-compose up -d in the folder containing both files.


    Code: .env
    UID=1000
    GID=100
    TZ=Europe/Berlin
    APPDIR=/srv/dev-disk-by-label-ssd/appdata
    BACKUPDIR=/srv/dev-disk-by-label-ssd/backup
    SYNCDIR=/srv/dev-disk-by-label-ssd/sync
    RESTART=unless-stopped

    Your post suggests that you use different docker-compose.yml files for swag and Nextcloud. This won’t work because the guide relies on the fact that container in a joined docker-compose file will be added in a docker network, which is required for docker internal dns resolution.


    Does the swag container get the certs?


    Line 23 under swag is optional? I don't think that

    It’s only necessary to expose port 80 of the swag container if using validation=http