Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


    Cloudron Forum

    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular

    Home server setup

    Discuss
    install blog
    7
    21
    1667
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • girish
      girish Staff last edited by girish

      I wrote blog post on how to setup Cloudron on a home server - https://cloudron.io/blog/2018-04-13-home-server.html .

      It's nice to have this documented once and for all since I have repeated this many times 🙂 Let me know if I missed something.

      Happy to answer any questions!

      1 Reply Last reply Reply Quote 8
      • edapm
        edapm last edited by

        Hi @girish, this is a great post (from a couple of years ago!)
        So would it be safe to install Cloudron on a vanilla install, no firewalls preconfigured or anything?

        nebulon 1 Reply Last reply Reply Quote 0
        • robi
          robi last edited by

          does it need any updates for 2021?

          Life of Advanced Technology

          1 Reply Last reply Reply Quote 0
          • nebulon
            nebulon Staff @edapm last edited by

            @edapm yes Cloudron will work great on a home server setup. Both @girish and I are using that for our personal Cloudron. I guess we should update that blog post, but generally nothing really has changed to impact that.

            1 Reply Last reply Reply Quote 2
            • humptydumpty
              humptydumpty last edited by humptydumpty

              @staff Is this still good in 2022? I'm running into issues with setting up my own "home server" and I want to make sure the guide is accurate. Thanks!

              Edit: my main problems are:

              1- when I google what's my ip, I get a ipv6 address but if I use a website to locate my ip, it shows an ipv4.
              2- can't see my server ip in the router gui so I can't assign a static ip to it or attach port 443 to it.
              3- i added a passphrase to encrypt the disk when installing ubuntu server 20.04. I think that might be problematic down the road after I fix the ip issues.

              nebulon 1 Reply Last reply Reply Quote 0
              • nebulon
                nebulon Staff @humptydumpty last edited by

                @humptydumpty generally home server setups work fine with some caveats.
                In your case you have to have a router which allows portforwarding as well as a real ipv4.
                Some providers only give a fake/shared ipv4 over ipv6, which does not work for incoming connections to your home over ipv4.

                humptydumpty 1 Reply Last reply Reply Quote 1
                • humptydumpty
                  humptydumpty @nebulon last edited by humptydumpty

                  @nebulon I was able to get to my dashboard through the my.domain.com but the installed apps wouldn't load. I'm guessing I hit the problem you mentioned earlier. I was able to attach/open ports 443 & 80 (HTTP, HTTPS) in my router. Then, I noticed the following in the blog post:

                  Remember to port forward TCP ports from the router to the server when using non-HTTP(S) ports. For example, you might have to forward SSH ports for git to work when using Gogs, Gitea & GitLab.
                  

                  The two apps I tried were Wekan and Uptime Kuma. I'm guessing there are other ports I need to open. If not, then I need to replace AT&T's router with a third party. I got a headache... shutting "my server" off for now 😧

                  nebulon 1 Reply Last reply Reply Quote 0
                  • nebulon
                    nebulon Staff @humptydumpty last edited by

                    @humptydumpty both mentioned apps do not use any further ports. So if you can reach your dashboard, the portforwarding is fine for those, as dashboard and apps are handled through the same reverse proxy on your Cloudron. Did you maybe see a certifcate issue or what exactly was the behavior when trying to open the apps?

                    humptydumpty 1 Reply Last reply Reply Quote 0
                    • humptydumpty
                      humptydumpty @nebulon last edited by

                      @nebulon No certificate issue. The dashboard cert has a valid date, no broken shield or error msg, and it's issued by Let's Encrypt. However, even the dashboard took its time initially to get the cert from LE. Afterwards, loading the apps page, settings, installing an app, etc., were all sluggish and would hang before working again.

                      I also noticed that when installing the apps, I would get the "cloudron is offline message" for 1-2 seconds and then it comes back online and finishes the app installs. Once installed, if I click on the app, it keeps "spinning" and never loads anything.

                      I'm running the server on an older laptop (i5 5th gen, 8gb ram, 120gb ssd). It shouldn't be a hardware thing.

                      Is there anything I need to do directly with my ISP? Perhaps they're blocking/limiting traffic?
                      BTW, when I said home server, it's actually at my office so the internet is on a business plan with an AT&T provided modem/router all-in-one unit. Currently, I have it shutdown and I closed off the ports on the router so I can't run any troubleshooting or provide the domain link to you.

                      nebulon 1 Reply Last reply Reply Quote 0
                      • nebulon
                        nebulon Staff @humptydumpty last edited by

                        @humptydumpty I have no experience with US AT&T connections. If you see Cloudron offline messages in the dashboard, can you check what the browser shows in the network inspector regarding the responses? Also check the server logs at /home/yellowtent/platoformdata/logs/box.log and check if it keeps restarting.

                        humptydumpty 2 Replies Last reply Reply Quote 1
                        • humptydumpty
                          humptydumpty @nebulon last edited by

                          @nebulon I'll do that today. I forgot to mention that I didn't notice the laptop restarting at any point.

                          1 Reply Last reply Reply Quote 0
                          • humptydumpty
                            humptydumpty @nebulon last edited by

                            @nebulon I sent you a DM with the sensitive stuff but since I can't attach images there here's some I wanted to share.

                            f4edc103-92ca-47ac-ba2d-230265433fd1-image.png

                            fdd7e16d-f599-4375-8566-f787e4a95fd9-image.png

                            Do I need to change anything here?

                            I opened ports 443, 80, 20/21, 22 so far.

                            nebulon 1 Reply Last reply Reply Quote 0
                            • nebulon
                              nebulon Staff @humptydumpty last edited by

                              @humptydumpty this looks good, I also replied to your DM that I can reach the app in question just fine.

                              humptydumpty 1 Reply Last reply Reply Quote 1
                              • humptydumpty
                                humptydumpty @nebulon last edited by

                                @nebulon Yes, I'm able to access it too now. I left it all as-is from yesterday so I don't know what changed. Anyway, it's awesome that I now have my own "home" work server. The main purpose of having one is to have Uptime Kuma to monitor my main VPS while repurposing an unused laptop. Mission accomplished!

                                One last question though, is it safe to leave SSH, FTP, and SMTP ports open on the router?

                                mehdi 1 Reply Last reply Reply Quote 0
                                • mehdi
                                  mehdi App Dev @humptydumpty last edited by

                                  @humptydumpty it's probably just time for DNS propagation : your may have tried the app domain locally before it was registered, so your local machine or DNS server cached the non-existing result, which led to failures even after it was registered.

                                  About the ports, there shouldn't be a problem. (FTP port ? I don't remember anything about this one though. Why is there an FTP ?)

                                  If you want to be extra-safe, you can redirect the SSH port to another non-standard external port on the router, to avoid most basic scan tools

                                  humptydumpty 1 Reply Last reply Reply Quote 2
                                  • humptydumpty
                                    humptydumpty @mehdi last edited by

                                    @mehdi Noted. Thank you!

                                    1 Reply Last reply Reply Quote 0
                                    • ?
                                      A Former User last edited by

                                      IMO this is the best way to have a cloudron instance running. The instructions shouldn't really vary much outside of:

                                      1. Static IPv4
                                      2. Port forwarding
                                      3. Knowing how to install Ubuntu

                                      At the end of the day a VPS is just a VM (or bare metal computer) running on a server elsewhere.

                                      One suggestion that might trip people up is making sure your ISP supports specific ports. Most don't block ports (in Canada) but I know that residential Telus plans here block SMTP and IMAP ports unless you get a business plan. Generally speaking though you can go through fewer hoops getting mail working directly from cloudron instead of relying on something like Sendgrid, which for me kind of defeats the purpose of self hosting to begin with.

                                      humptydumpty 1 Reply Last reply Reply Quote 3
                                      • humptydumpty
                                        humptydumpty @Guest last edited by humptydumpty

                                        @atridad said in Home server setup:

                                        One suggestion that might trip people up is making sure your ISP supports specific ports.

                                        This was/is my biggest concern. I wish the guide went into more depth on which ports are needed for which services/apps and what is the job of each is. I know most of the folks on here see Cloudron as a place for "devs" but I see it as a "THE" place for the not-so-tech savvy, so having the simplest of things like port #'s explained in layman's terms is greatly appreciated!

                                        As for the IP, I think I have a fake/shared ipv4 over ipv6 according to the results I got online but it's working regardless. Maybe this new addition had something to do with it: https://forum.cloudron.io/topic/6277/ipv6-support-on-cloudron-io?_=1641421150213

                                        I want to thank the Cloudron team, app devs, and the entire community on here for creating such an amazing service and knowledge hub that I believe is key to help us noobs make the switch from big tech. THANK YOU!

                                        ? 2 Replies Last reply Reply Quote 2
                                        • ?
                                          A Former User @humptydumpty last edited by

                                          @humptydumpty Oh this part of their docs has the important ports: https://docs.cloudron.io/security/#inbound-ports

                                          This obviously doesn't apply to specific apps (minecraft, for example) but yeah.

                                          1 Reply Last reply Reply Quote 2
                                          • ?
                                            A Former User @humptydumpty last edited by

                                            @humptydumpty Also if you're using the built in mail server, make sure you can contact your ISP and get them to change the PTR record for your IP to your SMTP server address (default: my.<domain>.<tld>

                                            humptydumpty 1 Reply Last reply Reply Quote 1
                                            • humptydumpty
                                              humptydumpty @Guest last edited by humptydumpty

                                              @atridad I configured it to work with my existing Mailgun account as I didn't want to deal with my ISP. I had issues with them in the past regarding simpler things like billing Q's and plan changes.. imagine the horror if I ask about technical stuff 😂

                                              For a future project, I'm going to try to run a CR home server on a residential internet plan with SPECTRUM/TIME WARNER. North American residents will understand the struggle lol.

                                              1 Reply Last reply Reply Quote 0
                                              • First post
                                                Last post
                                              Powered by NodeBB