Comments (14)
I'm going to close this since I think it's clear this isn't an issue with the snap, but please feel free to continue discussion here, we'll help as much as we can.
from nextcloud-snap.
while this issue is out of our support scope, your config is questionable:
your local IP is not a FQDN? See Hosts & FQDN configuration
remove your local IP here.
$CONFIG = array(
'trusted_domains' => array(
'cloud.example.com',
'192.168.1.10:10260',
),
from nextcloud-snap.
while this issue is out of our support scope, your config is questionable:
your local IP is not a FQDN? See Hosts & FQDN configuration
remove your local IP here.
$CONFIG = array(
'trusted_domains' => array(
'cloud.example.com',
'192.168.1.10:10260',
),
Thank you for your answer. I removed it from my config (it was more for testing purposes).
After multiple fresh installs, I can't even get it to respond to "cloud.example.com" (I get connection timed out) even though I configured it with overwritehost, overwriteprotocol, trusted_proxies, and nginx reverse proxy...
Also, I found in the wiki that you need another webserver to reverse proxy the app, can't the snap reverse proxy "itself" with its embedded apache webserver ?
I'm sorry, I'm a bit lost with all the versions of nextcloud and docs I can find online
from nextcloud-snap.
no worries, we'll get you going...
After multiple fresh installs, I can't even get it to respond to "cloud.example.com" (I get connection timed out)
surely your domain is not cloud.example.com
, that is merely an example. you need a valid domain or subdomain pointing to your device. you can get your domain or subdomain from a service provider of your choice. if you don't have your own domain, turn to a dynamic DNS provider of your choice to get a valid subdomain.
Also, I found in the wiki that you need another webserver to reverse proxy the app, can't the snap reverse proxy "itself" with its embedded apache webserver ?
nope, you don't need a reverse proxy. that wiki entry is an optional suggested configuration if you are planning to run your Nextcloud behind a reverse proxy.
from nextcloud-snap.
@tholeb maybe this step by step guide will help you. its in german, but google knows german and will translate into french
from nextcloud-snap.
@tholeb maybe this step by step guide will help you. its in german, but google knows german and will translate into french
Thanks a lot, i'll look into it !
from nextcloud-snap.
So I'm not really familiar with cloudflare, but:
add cert.pem, privkey.pem, chain.pem to /var/snap/nextcloud/current/nextcloud/config/
Can you clarify a bit? Where did these files come from? It sounds like they aren't valid for your domain.
from nextcloud-snap.
So I'm not really familiar with cloudflare, but:
add cert.pem, privkey.pem, chain.pem to /var/snap/nextcloud/current/nextcloud/config/
Can you clarify a bit? Where did these files come from? It sounds like they aren't valid for your domain.
These files come from cloudflare's dashboard :
I created the origin cert using the dashboard, and download the key and the certificate (*.example.com and example.com), valid for 10 years.
I also downloaded the root certificate (rsa) and created the fullchain cert with the root (cat cert.pem origin.pem > fullchain.pem).
from nextcloud-snap.
I think the only way we're going to be able to help is if you share your actual domain name as well as the IP address of the server hosting the snap. I understand not wanting to make that public: would you mind emailing that info to me? Email is in my profile.
from nextcloud-snap.
@tholeb maybe this step by step guide will help you. its in german, but google knows german and will translate into french
I now have a 404, I guess it's better than nothing.
No errors in apache logs.
Here is what I've done :
snap install nextcloud
snap set nextcloud ports.http=10260 ports.https=10261
(I have an nginx that does reverse proxy for other containers)nextcloud.manual-install admin admin
nextcloud.occ config:system:set overwriteprotocol --value="https"
nextcloud.occ config:system:set overwritehost --value="cloud.example.com"
nextcloud.occ config:system:set trusted_domains 2 --value=cloud.example.com
- Go to lan IP:PORT (192.168.1.10:10260 in my case), get redirected to
cloud.example.com
- get 404 :
Note : my cloudflare SSL config
from nextcloud-snap.
I think the only way we're going to be able to help is if you share your actual domain name as well as the IP address of the server hosting the snap. I understand not wanting to make that public: would you mind emailing that info to me? Email is in my profile.
Thank you. I'll contact you.
from nextcloud-snap.
Got it.
So by visiting your IP address directly, I can see your certs, and they appear to be setup correctly, so the snap is doing what it's supposed to be doing:
Sadly I'm at a loss as to what the "Cannot GET /" message means. I suspect that's coming from cloudflare given things like this in the source of that page:
_cpo.src='/cdn-cgi/challenge-platform/scripts/jsd/main.js'
But... my lack of experience with cloudflare leads me throw up my hands at this point: I don't know what's wrong. A quick google of that ^ path leads me to believe that's a deprecated API, maybe it's been removed or something... ?
from nextcloud-snap.
After a quick nextcloud.occ log:tail
, I found a "error core" :
Error core OCP\Files\NotFoundException: /appdata_ocxg0brxgj8m/theming/global at lib/private/Files/Node/Root.php line 206 2024-02-02T18:41:45+00:00
0. <<closure>>
OC\Files\Node\Root->get(
)
1. lib/private/Files/Node/LazyFolder.php line 74
call_user_func_array(
)
2. lib/private/Files/Node/LazyFolder.php line 151
OC\Files\Node\LazyFolder->__call(
)
3. lib/private/Files/AppData/AppData.php line 132
OC\Files\Node\LazyFolder->get(
)
4. apps/theming/lib/Jobs/MigrateBackgroundImages.php line 168
OC\Files\AppData\AppData->getFolder(
)
5. apps/theming/lib/Jobs/MigrateBackgroundImages.php line 100
OCA\Theming\Jobs\MigrateBackgroundImages->storeUserIdsToProcess(
)
6. apps/theming/lib/Jobs/MigrateBackgroundImages.php line 79
OCA\Theming\Jobs\MigrateBackgroundImages->runPreparation(
)
7. lib/public/BackgroundJob/Job.php line 81
OCA\Theming\Jobs\MigrateBackgroundImages->run(
)
8. lib/public/BackgroundJob/QueuedJob.php line 57
OCP\BackgroundJob\Job->start(
)
9. lib/public/BackgroundJob/QueuedJob.php line 47
OCP\BackgroundJob\QueuedJob->start(
)
10. cron.php line 152
OCP\BackgroundJob\QueuedJob->execute(
)
I also added this to my NC config, since Cloudflare proxy the request to my server, it may have an impact to accept the Cloudflare's IP I guess.
from nextcloud-snap.
I tried to reverse proxy NC with nginx and it works well. I would prefer not to use nginx since there already is apache under the hood.
Here is what I've done :
snap install nextcloud
snap set nextcloud ports.http=10260 ports.https=10261
nextcloud.manual-install admin admin
nextcloud.occ config:system:set overwriteprotocol --value="https"
nextcloud.occ config:system:set trusted_domains 2 --value=cloud.example.com
(I removed the nextcloud.occ config:system:set overwritehost --value="cloud.example.com"
)
Then I added this file to /etc/nginx/sites-available/nextcloud
:
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 80;
listen [::]:80;
if ($scheme = "http") {
return 301 https://$host$request_uri;
}
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name cloud.example.com;
location / {
proxy_pass http://127.0.0.1:10260$request_uri;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Scheme $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Accept-Encoding "";
proxy_set_header Host $host;
client_body_buffer_size 512k;
proxy_read_timeout 86400s;
client_max_body_size 0;
# Websocket
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
location /.well-known/carddav {
return 301 $scheme://$host/remote.php/dav;
}
location /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;
}
ssl_certificate /etc/ssl/certs/mycert.pem;
ssl_certificate_key /etc/ssl/private/my.key;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
ssl_session_tickets off;
# HSTS (ngx_http_headers_module is required)
add_header Strict-Transport-Security "max-age=15552000; includeSubDomains" always;
# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305;
ssl_prefer_server_ciphers on;
}
And there are no errors in the overview page (previously, I had an "insecure content" which comes from requesting http content from https endpoint).
Please, if you find a workaround using only the snap resources, feel free to @tholeb, I'll be glad to test this out.
Thanks a lot for the help.
from nextcloud-snap.
Related Issues (20)
- Update Nextcloud to 28.0.6
- Update Nextcloud to 29.0.1 HOT 3
- Redis license change HOT 7
- Update nextcloud to 27.1.10
- SNAP Nextcloud 27 stable 27.1.9snap1 has broken libpsl.so.5.2.0 HOT 28
- documentation wiki, reverse proxy settings from NC29 HOT 2
- Issues with v28 - 'sudo nextcloud.occ upgrade;' fails on very large databases HOT 58
- PHP opcache and imagick problems after update to Nextcloud-snap 28.0.6.1 HOT 9
- Cannot Upload Files Bigger than 8MB HOT 4
- Fixer service starts the maintenance mode every five minutes, but doesn't do anything HOT 4
- No Internet connection inside nextcloud snap HOT 11
- documentation faq, enable birthday calendar
- Update Nextcloud to 29.0.2
- Update PHP to 8.2.20
- documentation wiki, brute-force protection
- documentation wiki, nginx reverse proxy manager settings from NC29
- NextCloud Installation Broken - Unable To Update HOT 14
- How to modify the JSON file of translation content? HOT 3
- I can't write korean on nextcloud office. HOT 3
- cannot run https://scan.nextcloud.com/ HOT 7
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nextcloud-snap.