Hi, great example for using teddycloud on a public server. You should omit the ports definition for the teddycloud docker service. If not (and you don‘t have a proper firewall) teddycloud is reachable from the outside on port 8080 (without auth).

You're absolutely right. In my case, I have a firewall running, but in generally this should be removed.

Hello, i tried your above mentioned example and it works very good, except of one issue i couldnt fix until now: Every time i want to upload something (for example an .mp4 file) i receive an unexpected error while uploading. If i connect to the user interface via local IP and Port, i can upload files without any issues. So it seems to be an issue with the NGINX configuration.

Did you faced the same issue?

I found the issue and also got a solution for it:

Error in NGINX logs: client intended to send too large body:

After i added this into the HTTP config within the Server 9443, upload of files works: client_max_body_size 20M;

Beware: This config is a security risk! Teddycloud is not written or intended to be exposed to the public internet, and in fact has code to lock down when it detects that it is. This config will effectively pass through the connection as-is to teddycloud, exposing your teddycloud instance to the internet.

Exposing service to the internet always is a risk, sure. However, if you check the config carefully, it protects the login via basic auth, so it's not exposed without protection. The point is: Teddycloud does not come with its own login protection. Without this, anybody can directly access the interface and download the certificates. This is the reason why I added this here.