Homelab – nocin.eu

Links

endoflife.date

April 18, 2025 April 18, 2025

Really handy site, to check the end of life date for different operating systems, frameworks and applications.

Homelab

[Homelab] Notes on “How To Run A Server At Home Without An IPv4 Address”

January 20, 2025 January 20, 2025

Since my domain provider does not support DynDNS, I can only create subdomains for my VPS with a static IP address, but not for any of my services hosted at home. Fortunately, there is a really cool workaround I’ve been using for some years, which I got from here: https://blog.wirelessmoves.com/2019/06/how-to-run-a-server-at-home-without-an-ipv4-address.html

Now with the migration to a new server running Ubuntu 24.04, I had to redo the steps and noticed three minor differences.

# The .ssh folder and authorized_keys file did not exist per default
mkdir .ssh
sudo nano .ssh/authorized_keys

# The systemd command to restart the ssh service
sudo systemctl restart ssh.service

# Insted of netstat I had to use 'ss' to monitor the tcp ports
watch -n 0.5 "ss -tulpn"

Since I’m really not a Linux or command line expert and would surely forget about it otherwise, I’m writing it down for my next server migration 🙂

Proxmox

[Proxmox] Proxmox VE Helper-Scripts

June 15, 2024 June 15, 2024

https://tteck.github.io/Proxmox

https://github.com/tteck/Proxmox

Nextcloud

[Nextcloud] Restrict access to your ONLYOFFICE Document Service to the users of your Nextcloud instance

October 22, 2019 October 22, 2019

Enable JWT token

Add a Token in you local.json file. If your running ONLYOFFICE on linux you will find the file here:

/etc/onlyoffice/documentserver/local.json

Set inbox, outbox and browser to true and add you token in the secret part for inbox, outbox and session. I just generated a random string via Bitwarden.

   "token": {
        "enable": {
          "request": {
            "inbox": true,
            "outbox": true
          },
          "browser": true
        },
        "inbox": {
          "header": "Authorization"
        },
        "outbox": {
          "header": "Authorization"
        }
      },
      "secret": {
        "inbox": {
          "string": "token_string"
        },
        "outbox": {
          "string": "token_string"
        },
        "session": {
          "string": "token_string"
        }

Save the file and run:

supervisorctl restart all

Go to your Nextcloud web interface, open your ONLYOFFICE App and add your token beneath your server url.

Configure IP Filter

Search in the following file for “ipfilter”:

/etc/onlyoffice/documentserver/default.json

Add you domain or IP to the IP rules. Disallow everything else. Use * as wildcard. Also set useforrequest to true.

"ipfilter": {
              "rules": [{"address": "url_or_ip", "allowed": true},
                        {"address": "*",         "allowed": false}],
              "useforrequest": true,
              "errorcode": 403
            },

Now run again:

supervisorctl restart all

And test if the service is reachable.

Docker, Nginx

[NGINX] Reverse Proxy

September 25, 2019 February 25, 2020

As I installed OnlyOffice to edit Word and Excel files directly from my Nextcloud, I had to setup a reverse proxy because OnlyOffice needs to run on a separate Server/Container and has to be reachable via https. First I tried to setup Nginx manually (way to complicated to handle in my opinion), then I tried Traefik (if you’re running a docker einvironment, I’m sure that’s a good solution) and in the end, I stuck with Nginx Proxy Manager. If you already have docker installed, this is by far the easiest way and also provides an awesome WebUI, where you can manage all your proxy hosts and SSL certificates.

The installation is done in just three simple steps: Set the port fowarding (80 and 443) in your router to your server/container, grab all the files in the doc/example/ folder and run