Umbrel + Nextcloud + Tailscale Setup Guide

Guides
1

Couldn’t find a definitive guide for Umbrel + Tailscale + Nextcloud, as I had a non-techie friend ask for one, so just gone through the steps again myself. I suspect people get thrown-off initially by the default username & password for Umbrel.

Found this related post from @DarthCoin on Tailscale + Umbrel, which covers the Tailscale bits but none that covered the Nextcloud next steps from a noobie angle.

Before we get started, make sure the apps are installed, Tailscale & Nextcloud, on both your Umbrel and a 2nd device like a mobile/desktop.

Steps

  1. When opening NextCloud for the first time, it is going to ask for a username and password. You need to open up the Umbrel App Store and tap on the NextCloud listing and you will see in the top right is a username (umbrel) and password. Enter that into the Nextcloud browser tab and you will unlock the software locally.

  2. Now you’re logged-in, you should change the password to something easy to remember but hard to crack inside Personal Settings > Security. Remember you may need to enter this numerous times, so I personally wouldn’t go too crazy in complexity here. We can’t actually change the username once created, but later on we can create a new user if preferred. These passwords are to prevent anyone from logging in if you share your Umbrel’s local address in future. It is going to protect your files locally essentially (not on NextCloud servers).

  3. Once done, Nextcloud is going to show you a bunch of dummy data and documents and say you need to add profile information (although we’ve done all we need to in step 2. We can delete these files when we are ready, but they are actually convenient for now to check everything is setup correctly with a 2nd device. And to see all the file & media types supported.

  4. I know we just had settings open but it’s time to go back there. Under ‘Mobile & Desktop’ inside Personal Settings you’re going to see your ‘Server address’. Essentially this is your local address to show that you are not using the cloud. We’re now going to use that to login on other devices.

  5. Make sure you are logged-into Tailscale on the 2nd device first. On this 2nd device you can enter the NextCloud server address when prompted after opening the app. Tailscale is going to route through to your server over LAN/Wifi and find the most efficient path to your machine. Here you will be prompted for that username and password. Username is still likely’ umbrel’, plus the password you changed it to in 2.

  6. Click next if on mobile and voila, you can now see those dummy files mentioned in 3. Before we go deleting all those files we discussed time for a demo to check everything is working as expected…

  7. Let’s upload a photo. A photo either from your phone or desktop (the 2nd device). Click the photos icon in the top nav bar on your Umbrel first so we can see what was there previously. Now on your 2nd device select a photo to upload and click ‘save’. The Umbrel app won’t hot reload, so you will need to click ‘photos’ again in the sidebar to check it uploaded correctly. Hey presto… you should now have your files sync’ing magically. Whether in your living room, in the local supermarket or in the decaying streets of New York, no matter where you are in the world… you’ll be able to access your files in seconds, privately.

  8. Now it’s time to go OTT and add your 3rd & 4th devices. And also to show friends/families/neighbours/uncles/pets and get them to download Tailscale & NextCloud on their own devices. This time however instead of them using the umbrel login details, we can set them up with their own username & password by clicking on the profile icon & ‘Users’. Create an account for them and then repeat the steps 5-7…

Remember to take note of their facial expression when they witness this level of sovereignty they have just achieved! :star: You now have your very own file server.

Bonus Tips

  • Once setup and logged-in on devices locally, you can actually get by without needing Tailscale enabled locally. Therefore you can disable the toggle in the app on your (secondary/mobile) device if you wish, when not needing to connect over the interwebs.

  • If multiple users, you can tap the little lightning bolt in the top nav bar, and you have a feed too of everyone’s activity inside NextCloud.

  • If you’re a nerd like me, and love keeping notes in Markdown these days, those render really well inside Nextcloud also.

3 Likes
2

Thanks for sharing!

3

Excellent guide; thank you @drw and @DarthCoin!

Hosting a renamed umbrel box? You’ll want to update your Nextcloud’s config.php to include such renamed host(s). On my second umbrel (named umbrel2.local in my /etc/hosts), my Nextcloud config.php now references the updated hostname:

$ sudo grep umbrel umbrel/app-data/nextcloud/data/nextcloud/config/config.php
1 => ‘umbrel2.local:8081’,
3 => ‘umbrel2:8081’,
8 => ‘umbrel2.tail****.ts.net:8081’,

Without such updates to config.php, the http://umbrel2.local:8081/login silently fails, on my 0.5.4

1 Like
4

I just thought to add that I was stuck for a bit where I couldn’t access Nextcloud on my Umbrel and I didn’t see the page where I needed to enter the server address on Tailscale.

Adjusting the steps slightly, this is what worked for me (after Step 3 above):

  1. Install the Tailscale app on the Umbrel and set up your account. I don’t remember exactly but you may have to set up your Tailscale account online first.

  2. Once Tailscale is all set up on the Umbrel, on another device where you have also installed the Tailscale app, you can open up Tailscale and see all of your network devices. This video is a pretty good primer on what to expect and goes over the setup of Tailscale (though not on your Umbrel).

  3. On Tailscale, identify your Umbrel device in the list and take note of the ip address and web server address. If you try to login using that ip or server address, you can get into the Umbrel but you won’t be able to get into Nextcloud.

  4. You have to whitelist the ip address by editing the Nextcloud config.php file in order to allow yourself access. You can do that by opening up Terminal or PowerShell, ssh into your Umbrel (steps may be found online), and then navigate to the config folder. You can use this command in order to find the right directory where the config.php file is stored (‘find / -name config.php’ and then ‘cd “enter file path taking care to not include config.php”’)

  5. Remember the ip address and server website url from the earlier step? Enter ‘nano config.php’ and then use the arrow keys to scroll down to the Trusted Domains section and enter the ip address. You can also enter the server url as well, if you’d like.

  6. Then use Ctrl+O, Enter/Return to save the file, and Ctrl+X to close the app. Exit the SSH and close Terminal/Powershell. You should be able to navigate to your Nextcloud instance from anywhere now as long as you remember your username and password!

Hope this helps some other hapless soul.