[0:00]Hello, welcome back to another video. This is going to be a fun one today. We are going to be building a fully functional, self-hosted file sharing service, which will be accessible locally on your local network. And also from the wider internet, using a service called Tailscale, which allows you to extend your local network without doing any complex firewall configuration. For the file sharing service itself, we will be using a service called File Browser. It is completely free, open source, and really easy to set up, which is why I've chosen it for this video. And also, the main reason is because it's completely self-hosted, so you maintain full control of your files. And also, we will be setting up a reverse proxy using NGINX, so we'll be able to access the file sharing service via a custom domain name. And then finally, we'll be encrypting all traffic using Let's Encrypt, so you'll have a fully secure file sharing service, which is accessible from anywhere. This video is going to be packed with a lot of really useful information, and by the end of it, you'll have a fully functional file sharing service. It's going to be a long one, but it's going to be a good one, so grab a snack, grab a drink, and let's jump right into it.
[1:30]All right, so the first thing we need to do is install Docker on our server, which is going to be hosting our file sharing service. Now, for this example, I'm going to be using an Ubuntu server, but if you're using a different operating system, then you can find the instructions on the official Docker documentation website. I will leave a link in the description below. So, I'm just going to copy and paste the commands over to my terminal. I'm already SSH into my server. And the first command is just going to update all the packages.
[2:07]Then, we're going to install a few prerequisite packages.
[2:14]Then, we're going to download the Docker GPG key, which will allow us to authenticate the Docker packages. And then, we're going to add the Docker repository to our app sources. Then, we're going to update the app packages again.
[2:35]And then, finally, we're going to install Docker engine, CLI, and containerd.
[2:44]All right, now that Docker has been installed, we need to create a directory where our Docker compose file and also our file browser data will live. So, I'm just going to create a directory called File Share. You can call it whatever you want. And then, I'm going to change into that directory. Next, we need to create our Docker Compose file, which is going to define our file browser service and also the Tailscale service. So, I'm going to create a file called docker-compose.yml. And then, I'm going to open it with Nano. Now, I'm going to paste in the Docker Compose configuration. And I'll quickly walk you through what's going on here. So, we're defining two services. The first one is called file-browser. And we're using the official file browser image. We're restarting it unless it's stopped. We're mapping port 80 to port 80 of the container. And we're also mounting a volume, which is going to be the current directory to the data directory of the file browser container. So, whatever files you place in this directory will be accessible via the file browser service. And then, the second service we're defining is called Tailscale, and we're using the official Tailscale image. We're also restarting it unless it's stopped. We're giving it the hostname file-share. We're also giving it some capabilities to allow it to run properly. We're exposing port 80, 443, and 53. And then, we're mounting the dev/net/tun device to the container, which is going to allow it to create a VPN tunnel. And then, we're also mounting the var/lib/tailscale directory to the container, which is going to store the Tailscale state. And then finally, we're setting an environment variable called TS_ACCEPT_DNS, which is going to tell Tailscale to accept DNS requests. So, you'll be able to access your file browser service via the file-share hostname. All right, so I'm just going to save this file and exit out. And now that we have our Docker Compose file, we can bring up our services. So, I'm going to run the command docker compose up -d. The -d flag is going to run the services in the background. All right, so both services are now up and running. Now, we need to authenticate our Tailscale service with our Tailscale account. So, to do that, we need to get the authentication URL from the Tailscale container. So, to do that, we're going to run the command docker logs tailscale. And as you can see, we have the authentication URL right here. So, I'm just going to copy this URL and open it in my browser. And then, it's going to ask me to authenticate. I'm just going to choose my Google account. And now, our Tailscale device has been authenticated. So, now if I go to my Tailscale admin console, you can see that we have a new device called file-share. And it has an IP address of 100.77.100.174. So, now if I go to that IP address in my browser, you can see that we have our file browser service up and running. The default username is admin and the default password is admin. So, I'm just going to log in. And as you can see, we have our file browser service up and running. Now, the first thing you want to do is change the default password. So, you can do that by going to the settings icon. And then, you can go to users. And then, you can click on the admin user. And then, you can change the password here. So, I'm just going to change it to a strong password. And then, click save. All right, now that we have our file browser service up and running and accessible via Tailscale, we can now set up our custom domain name and also encrypt all traffic using Let's Encrypt. So, to do that, we're going to use NGINX as a reverse proxy. So, I'm just going to exit out of this directory. And I'm going to create a new directory called NGINX. And then, I'm going to change into that directory. Next, we need to create our Docker Compose file for NGINX. So, I'm going to create a file called docker-compose.yml. And then, I'm going to open it with Nano. And then, I'm going to paste in the Docker Compose configuration. And I'll quickly walk you through what's going on here. So, we're defining one service called NGINX. We're using the official NGINX image. We're restarting it unless it's stopped. We're mapping port 80 to port 80 of the container and port 443 to port 443 of the container. And then, we're mounting a volume, which is going to be the current directory to the /etc/nginx/conf.d directory of the NGINX container. So, whatever NGINX configuration files you place in this directory will be loaded by NGINX. And then, we're also mounting the /etc/letsencrypt directory to the container, which is going to store our SSL certificates. All right, so I'm just going to save this file and exit out. Next, we need to create our NGINX configuration file. So, I'm going to create a file called default.conf. And then, I'm going to open it with Nano. And then, I'm going to paste in the NGINX configuration. Now, there's a lot going on here, but I'll quickly walk you through what's important. So, the first thing is the server_name directive. You need to replace example.com with your custom domain name. So, in my case, it's going to be fileshare.example.com. And then, the next important thing is the proxy_pass directive. This is going to proxy all requests to our file browser service, which is running on port 80 of the file-share container. And then, the rest of the configuration is just for Let's Encrypt, so it's going to handle the SSL certificate renewal. All right, so I'm just going to save this file and exit out. And now that we have our NGINX configuration file, we can bring up our NGINX service. So, I'm going to run the command docker compose up -d. All right, so our NGINX service is now up and running. Now, we need to get our SSL certificates from Let's Encrypt. So, to do that, we're going to use Certbot. So, I'm going to run the command docker run -it --rm --name certbot -v "$PWD/letsencrypt:/etc/letsencrypt" -v "$PWD/nginx:/etc/nginx/conf.d" certbot/certbot certonly --webroot -w "$PWD/nginx" -d fileshare.example.com. So, this command is going to run a Certbot container. It's going to mount our NGINX configuration directory and also our Let's Encrypt directory to the container. And then, it's going to request an SSL certificate for our domain name. So, I'm just going to replace fileshare.example.com with my domain name. And then, I'm going to run the command. It's going to ask for my email address. I'm just going to enter my email address. And then, it's going to ask me to agree to the terms of service. I'm just going to type Y and press Enter. And then, it's going to ask me if I want to share my email address with the Electronic Frontier Foundation. I'm just going to type N and press Enter. All right, now that we have our SSL certificates, we need to restart our NGINX service so it can pick up the new certificates. So, I'm going to run the command docker compose restart nginx.
[11:48]All right, now that NGINX has been restarted, we can now access our file browser service via our custom domain name with HTTPS. So, I'm just going to open my browser and go to fileshare.example.com. And as you can see, we have our file browser service up and running with HTTPS. So, I'm just going to log in with my admin credentials. And there you have it, a fully functional, self-hosted file sharing service, which is accessible locally on your local network. And also from the wider internet, using Tailscale, and also with a custom domain name and SSL encryption. Now, to add files to your file sharing service, you just need to place them in the directory where your Docker Compose file is located. So, in our case, it's going to be the file-share directory. So, I'm just going to create a new file called test.txt. And then, I'm going to add some content to it. And then, I'm going to save it and exit out. And now if I go back to my file browser service and refresh the page, you can see that we have our test.txt file. And I can download it or view it. And you can also create new users and share files with them. So, I'm just going to create a new user called test. And I'm going to give it a password. And I'm going to give it access to the current directory. And then, I'm going to save it.
[13:35]And now if I log out and log in as the test user, you can see that we have access to the test.txt file. All right, that's it for this video. I hope you found it useful. If you did, then please leave a like and subscribe to the channel. And I'll see you in the next one. Peace.
