0

Enthusiastic home user and perpetual student of Linux (Ubuntu).

Got a Raspberry Pi. Until recently, I had FTTC with UK Virgin Media. Was using NAT port forwarding 80 443 to make Pi available on my dynamic IPv4 address. DDNS running on the Pi kept it available regardless of IPv4 address. Pi hosts a snap install of NextCloud on Ubuntu Server 22.04 Raspberry Pi edition.

New scenario, FTTP 500/500mbps. IPv6 static addresses, and IPv4 behind CGNAT (what an abomination) so on IPv4, no routing, no inbound connections.

DNS updated, AAAA record points at new address.

Raspberry Pi available on IPv6 from anywhere with IPv6. UK Virgin Media do not support IPv6. Nor does my cell provider Three UK and many other cell providers. Friends, family, me when I'm at work, can't access due to IPv4 only ISPs.

To fix, had a brainwave. Been playing with NginX reverse proxy last month, for other reasons. On my VS hosted by OVH with Ubuntu 22.04, I set up an NginX reverse proxy to a new subdomain, pointing at home subdomain, linking an ipv6 device to ipv4. Server block (NginX config file) as follows, my domain exchanged for example.co.uk

server {
    server_name ip4nc.example.co.uk;
    location / {
        proxy_pass https://nc.example.co.uk;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/ip4nc.example.co.uk/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/ip4nc.example.co.uk/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
    if ($host = ip4nc.example.co.uk) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 80;
    server_name ip4nc.example.co.uk;
    return 404; # managed by Certbot

But now the following: takes ages, absolutely ages, for page to load. When it does, can download nice and fast, but can't upload, looks to work but the NextCloud interface says error as the transfer reaches end-of-file.

Have tried adding new domain ip4nc.example.co.uk as trusted to the nextcloud config.php file (you can edit it in the snap) but not tried the IPv4 or v6, might be next thing to try.

Any other pointers, greatly appreciated.

Improve this question
3
  • How about this: install wireguard, create a tunnel from your home network to your VPS that you use "in reverse" to access your LAN? This could help you get around CGNAT Commented Aug 25, 2022 at 14:28
  • I was drawn to NGinX for its ability to reverse-proxy different types of sites by domain name, webapps hosted by docker, snap or apache, local or remote and all through ports 80 and 443. Is this is achievable with wireguard between the Pi and the VPS? Commented Aug 25, 2022 at 20:49
  • You could still use the nginx from the tunnel, but technically, it wouldn't be required anymore. Commented Aug 26, 2022 at 13:01

0

Reset to default

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.