Home server
Prerequisites
This guide covers additional considerations for installing Cloudron on a home server. Follow the main Installation guide and refer to this page for home network specific requirements.
Public IPv4 / IPv6
A public IPv4 or IPv6 address is required for access outside home. The IP address can be dynamic. Use the Dynamic DNS feature after installation to keep DNS automatically up-to-date. Check your current public IP at whatismyipaddress.com.
For access only within home network, click Advanced Settings in
the Domain Setup UI. Choose Static IP and provide the internal IP
of your server. Use a DNS provider with API support (see below) with this configuration.
Without API support, Let's Encrypt certificates cannot be obtained.
DNS provider
When using DNS providers with API support, Let's Encrypt certificates can be obtained using DNS automation.
To use Wildcard or Manual DNS instead of providers with API support, forward
port 80 from your router to the server. Let's Encrypt requires port 80 access to obtain certificates.
Do not use self-signed certificates. Most apps use OIDC for authentication and will not work with self-signed certificates. Additionally, mobile apps fail with them and users see persistent browser warning screens.
Port forwarding
For access outside home, forward port 443 in your router's firewall to the server. See portforward.com for router-specific instructions.
Some apps use custom TCP ports (for git, P2P, etc.). Set up port forwarding for these ports when installing the apps.
Forward port 443 before performing the domain setup. Otherwise, you cannot reach the dashboard after domain setup.
NAT loopback
NAT loopback (or Hairpinning) allows internal services to access themselves or other services via the public IP. This enables apps to reach other apps using DNS names. OIDC login requires this feature. Most modern routers support it.