to wiki

Signed-off-by: lll <2844835+flll@users.noreply.github.com>
2025-12-19 22:16:49 +00:00 · 2024-10-18 23:40:21 +09:00 · 2024-10-18 23:40:21 +09:00 · 42a39397e4
commit 42a39397e4
parent 17362bc234
1 changed files with 1 additions and 149 deletions
--- a/reverse-proxy.md
+++ b/reverse-proxy.md
@ -713,155 +713,7 @@ Add the following `web.config` file to the root of the site you created as the r

 <summary>click here to expand</summary>

-**Disclaimer:** It might be possible that the config below is not working 100% correctly, yet. Improvements to it are very welcome!
-
-This setup integrates Nextcloud All-in-One (AIO) with Tailscale, using Caddy as a reverse proxy. 
-Since Tailscale currently only allows communication with localhost(127.0.0.1), we use a sidecar with Caddy to communicate with AIO.
-
- Enhanced security with ACL usage within Tailnet
- ACME certificate issuance without port forwarding (Tailnet only)
- Possibility to expose Nextcloud externally using Tailscale's `serve.json` configuration (This document does not provide an example of `serve.json`)
-
-
-### 1. Set Environment Variables
-
-Set the following environment variables:
-
-```env
-TS_HOSTNAME=nextcloud # Hostname in Tailnet
-NC_DOMAIN=nextcloud.your-tailnet.ts.net # Format: {$TS_HOSTNAME}.{$tailnetdomain}.ts.net
-TS_AUTH_KEY=tskey-client-kXGGbs6CNTRL # OAuth client key recommended
-TS_EXTRA_ARGS=--advertise-tags=tag:nextcloud # For OAuth client key usage
-```
-
->[!NOTE]
-> Ensure NC_DOMAIN is in the correct format.
-> When using OAuth client key, set tags in TS_EXTRA_ARGS and define them in ACL.
->
-> For more detailed information, please refer to:
-> https://tailscale.com/blog/docker-tailscale-guide
-
-### 2. Configure Docker Compose File
-Create a compose.yml file with the following content. Replace environment variables as appropriate.
-
-#### compose.yml
-
-```yml
-services:
-  nextcloud-aio-mastercontainer:
-    image: nextcloud/all-in-one:latest
-    init: true
-    restart: always
-    container_name: nextcloud-aio-mastercontainer # This line cannot be changed.
-    volumes:
-      - nextcloud_aio_mastercontainer:/mnt/docker-aio-config
-      - /var/run/docker.sock:/var/run/docker.sock:ro
-    networks:
-      - nextcloud-aio
-    ports:
-      - 0.0.0.0:8080:8080
-    environment:
-      APACHE_PORT: 11000
-      APACHE_IP_BINDING: 127.0.0.1
-      SKIP_DOMAIN_VALIDATION: true
-
-  caddy:
-    image: caddy:alpine
-    restart: unless-stopped
-    environment:
-      - NC_DOMAIN=nextcloud.your-tailnet.ts.net # Change this to your domain ending with .ts.net in the format {$TS_HOSTNAME}.{tailnetdomain}
-    volumes:
-      - type: bind
-        source: ./Caddyfile
-        target: /etc/caddy/Caddyfile
-      - type: volume
-        source: caddy_certs
-        target: /certs
-      - type: volume
-        source: caddy_data
-        target: /data
-      - type: volume
-        source: caddy_config
-        target: /config
-      - type: volume
-        source: tailscale_sock
-        target: /var/run/tailscale/ # Mount the volume for /var/run/tailscale/tailscale.sock
-        read_only: true
-    network_mode: service:tailscale
-
-  tailscale:
-    image: tailscale/tailscale:latest
-    environment:
-      - TS_HOSTNAME=nextcloud # Enter the hostname for your tailnet
-      - TS_AUTH_KEY=tskey-client-kXGGbs6CNTRL # OAuth client key recommended
-      - TS_EXTRA_ARGS=--advertise-tags=tag:nextcloud # Tags are required when using OAuth client
-    init: true
-    restart: unless-stopped
-    volumes:
-      - /dev/net/tun:/dev/net/tun
-      - type: volume
-        source: tailscale
-        target: /var/lib/tailscale
-      - type: volume
-        source: tailscale_sock
-        target: /tmp # Mounting the entire /tmp folder to access tailscale.sock
-    cap_add:
-      - NET_ADMIN
-      - NET_RAW
-    networks:
-      - nextcloud-aio
-
-volumes:
-  nextcloud_aio_mastercontainer:
-    name: nextcloud_aio_mastercontainer # This line cannot be changed.
-  caddy_certs:
-    name: caddy_certs
-  caddy_data:
-    name: caddy_data
-  caddy_config:
-    name: caddy_config
-  tailscale:
-    name: tailscale
-  tailscale_sock:
-    name: tailscale_sock
-
-networks:
-  nextcloud-aio:
-    name: nextcloud-aio
-    driver: bridge
-    enable_ipv6: false
-    driver_opts:
-      com.docker.network.driver.mtu: "9001" # Jumbo Frame
-      com.docker.network.bridge.host_binding_ipv4: "127.0.0.1" # Harden aio
-```
-
->[!IMPORTANT]
-> Make sure to replace `NC_DOMAIN`, `TS_HOSTNAME`, `TS_AUTH_KEY`, and `TS_EXTRA_ARGS` with your actual values before running the docker compose file.
-
-
-### 3. Create Caddyfile
-Create a Caddyfile in the current directory with the following content:
-
-#### Caddyfile
-
-```Caddyfile
-https://{$NC_DOMAIN}:443 {
-    reverse_proxy nextcloud-aio-apache:11000
-}
-```
-
->[!NOTE]
-> Do not manually replace the `{$NC_DOMAIN}` variable. It will be automatically populated with the value set in your environment variables.
-
-
-
-### 4. Set Up Nextcloud AIO
-1. Run `docker compose up -d`
-1. Connect to https://ip.address.of.server:8080/
-1. Enter the configured $NC_DOMAIN
-1. Provision Nextcloud
-1. Connect to `https://$NC_DOMAIN/` (e.g., https://nextcloud.your-tailnet.ts.net/)
-1. Setup complete!
+It's too long to write here, so please jump to **this guide:** https://github.com/nextcloud/all-in-one/discussions/5439

 </details>