Hey all, I’d love some more eyes on this problem I’ve been having.

Context:

• I’m behind a CGNAT.
• I have a domain
• I have VPN with a dedicated IP
• My DNS records are pointed at that dedicated IP
• I have a TP_Link A8 Router, and a Surfboard DOCSIS 3.1
  • Router has Bonded light
• I’m running a server with Proxmox VM
  • It works amazing locally

​

Goal(s):

• Use NextCloud/OwnCloud
  • Ability to access NC/OC from outside local network
  • Being able to use domain name instead of dedicated IP when accessing page

Actions:

• Install a Debian 12 VM (or LXC depending upon attempt)
• Update package repositories
• Add user to sudoers file
• Install UFW
• Install VPN application
• Enable UFW
  • Deny ALL but 40,443
• Install Docker Engine
• Enable VPN
• Install Cosmos Server
  • Go through initial setup
    • Configure domain as Dedicated IP
• Here my attempts just hang.
  • I have tried this using NGINX Reverse Proxy
  • I have tried this using Apache2 as a reverse proxy

​

Technical Information

• Port scanning options see ports as open
• SSL certificate application (letscrypt) hangs

​

I have also followed the ‘how to’ https://docs.nextcloud.com/server/latest/admin_manual/installation/source_installation.html from Nextcloud, using manual installation, and can install it, but when I get to the letscrypt stage, I can never get it to complete. I’ve tried the AIO as well. as the Docker image.

The issue is always with SSL/connecting from the outside. I can access it locally, but that doesn’t help me leave commercial clouds behind!

I’ve included my network diagram of what I *think* is going on

​

https://preview.redd.it/xt1o7o4aez1c1.png?width=1148&format=png&auto=webp&s=ff7c8bfef0cc612ce80505a0ffa63dd9a2e04953

Thanks!