[Support] Linuxserver.io - Nextcloud


Recommended Posts

7 hours ago, Marshalleq said:

Don't worry about these right now, they're not stopping you from getting it going (I have these and have a working config).

 

I see port forwarded 80 to 180.  In your firewall it says that 180 is for unraid not lets encrypt?  Of is that just a generic name?  

 

Either way, lets encrypt works by forwarding port 443, then to port 80 or 443, then back.  I know technically port 80 will redirect itself, but it's another redirect and there is a maximum number.  I'm also unsure if you can forward 443 to 1443 via the router, then proxy that to port 443 then back again (I haven't had coffee yet and am feeling very slow this morning!), you probably can, but it's not the way mine is set up, so I can't comment.  

 

For mine, I changed the unraid port to 2080 and 20443 to remove this issue.  It seemed to make more sense to me.  Then just forwarded the 443 port to unraid which is received by lets encrypt as native 443 since unraid no longer uses that port.  Letsencrypt docker handles the rest.

 

It's been a while since I set this up, so I may be wrong, but I don't think your array 0 should have port 444, if everything else is being sent to 443.

 

The other part that I can't verify is if that's actually your real IP address that duckdns is sending back.  Have you checked this against what your router says?

 

Finally, I take it plex is working, so I assume that means you don't have a private address range assigned by your ISP - that certainly happens with a few ISP's in my country.

 

Hopefully that gives you a few extra thoughts that leads to something positive! :D

I know you might be used to hearing this, but I was just following the spaceinvader tutorial.

 

He says because Unraid uses ports 80 and 443, you have to change the ports for Letsencrypt, which he outlines here (timestamped link):

 

 

All of this actually worked for me originally, but just recently it's stopped working and I don't understand why. One thing maybe worth noting is that I switched ISPs recently, and the new one closes all my ports by default. I had to call them up to let me open them, which for some reason, meant they had to assign me a sticky IP address (not static, sticky) and I'm not sure if that is having any effect.

 

DuckDNS shows the same IP address my router's status page shows.

 

[edit] Solved. Turns out my ISP was still blocking ports 80 and 443 for security reasons, even though I thought they had them all unblocked.

Edited by Stubbs
Link to comment

I also followed this tutorial, setting it up with Cloudflare:

 

 

All the certificates are entered, all the configs are properly edited, no errors in the letsencrypt log, but still get this when I try to enter the page:

 

JhJ8Tmp.png

 

I shouldn't even have to port forward for this, as explained in the tutorial. Here is the log anyway:

 

_ ()
| | ___ _ __
| | / __| | | / \
| | \__ \ | | | () |
|_| |___/ |_| \__/


Brought to you by linuxserver.io
We gratefully accept donations at:
https://www.linuxserver.io/donate/
-------------------------------------
GID/UID
-------------------------------------

User uid: 99
User gid: 100
-------------------------------------

[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 20-config: executing...
[cont-init.d] 20-config: exited 0.
[cont-init.d] 30-keygen: executing...
using keys found in /config/keys
[cont-init.d] 30-keygen: exited 0.
[cont-init.d] 50-config: executing...
Variables set:
PUID=99
PGID=100
TZ=Australia/Sydney
URL=(...)r.me
SUBDOMAINS=wildcard
EXTRA_DOMAINS=
ONLY_SUBDOMAINS=true
DHLEVEL=2048
VALIDATION=dns
DNSPLUGIN=cloudflare
EMAIL=(...)[email protected]
STAGING=

2048 bit DH parameters present
SUBDOMAINS entered, processing
Wildcard cert for only the subdomains of lechichtower.me will be requested
E-mail address entered: (...)[email protected]
dns validation via cloudflare plugin is selected
Certificate exists; parameters unchanged; starting nginx
Starting 2019/12/30, GeoIP2 databases require personal license key to download. Please manually download/update the GeoIP2 db and save as /config/geoip2db/GeoLite2-City.mmdb
[cont-init.d] 50-config: exited 0.
[cont-init.d] 99-custom-files: executing...
[custom-init] no custom files found exiting...
[cont-init.d] 99-custom-files: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
nginx: [alert] detected a LuaJIT version which is not OpenResty's; many optimizations will be disabled and performance will be compromised (see https://github.com/openresty/luajit2 for OpenResty's LuaJIT or, even better, consider using the OpenResty releases from https://openresty.org/en/download.html)

Server ready

 

Edited by Stubbs
Link to comment

Why am I still getting this error

 

The "X-Frame-Options" HTTP header is not set to "SAMEORIGIN". This is a potential security or privacy risk, as it is recommended to adjust this setting accordingly.

When I've added:

add_header X-Frame-Options "SAMEORIGIN" always;

to both my nextcloud.subdomain.conf and my /config/nginx/site-confs/default file?

 

Is there a trick to solving this problem? I've tried the SSL file too.

I've searched this thread and yet to find a working solution.

Edited by Stubbs
Link to comment
5 minutes ago, Stubbs said:

Why am I still getting this error

 


The "X-Frame-Options" HTTP header is not set to "SAMEORIGIN". This is a potential security or privacy risk, as it is recommended to adjust this setting accordingly.

When I've added:


add_header X-Frame-Options "SAMEORIGIN" always;

to both my nextcloud.subdomain.conf and my /config/nginx/site-confs/default file?

 

Is there a trick to solving this problem? I've tried the SSL file too.

I've searched this thread and yet to find a working solution.

I had the same problem. Remove the duplicate one in your subdomain conf file and the warning should go away.

  • Thanks 1
Link to comment

Hello guys,

 

I have Nextcloud installed and have an issue " failed to open stream: No such file or directory at /config/www/nextcloud/lib/private/Files/Storage/Local.php#217",“userAgent”:“Mozilla/5.0 (iOS) Nextcloud-iOS/2.25.5”,“version”:“17.0.3.1”} ‘’ Some photos work fine and others just says Error Loading. Furthermore, when i use the IOS app it just has an X and it does not bring up any pictures. If someone could please help me figure out how to make the photos load like normal.

 

Thank you very much.

 

 

IMG_2849.thumb.PNG.9492b918d2ccc5149db1633745f83991.PNG

576545611_Annotation2020-02-28150905.png.64500106f3516be6da8f0521cd60925e.png1998761408_Annotation2020-02-28150747.thumb.png.cd6da35e4fda96c01c349b7b86438887.png

Link to comment
14 minutes ago, Stubbs said:

Sadly that didn't work for me. Still have the warning.

What NC version?

when i updated my NC from v11 to v17, this warning disappears only on v17. 

but i'm using my Apache web server as reverse proxy, and i had to add trusted_proxies and overwritecondaddr to my config.php.

see here: https://docs.nextcloud.com/server/17/admin_manual/configuration_server/reverse_proxy_configuration.html

Edited by uldise
Link to comment

Hope that someone can help me out..  I have managed to set up Nextcloud via the Spaceinvader videos. Everything appears to be working well. 

 

I am wanting however to setup the Clamav  Antivirus,  I have added the app for this in NC. Gone to the the settings tab in security. but I am having trouble figuring out how to configure clamav with my external docker container available on the apps tab 

ClamAV
tquinnelly
Tools:Utilities, Security

 

I have tried to add this a a daemon with links to clamav docker with added port of 3310.  

 

but I get error of 

[files_antivirus] Error: RuntimeException: The ClamAV module is not in daemon mode. at <<closure>> in the logs of NC. 

Any thoughts and help would be great:) 

 

thanks

 

Link to comment

Hi Guys,

 

I tried to update my Nextcloud from 17.0.0.1 to Nextcloud 18.0.1 using the updater button from the Nextcloud GUI and the upgrade failed end when I click again on the button it will show me  the following message "Step 4 is currently in process. Please reload this page later."

 

I also tried to update nextcloud using the CLI with the following command

sudo -u abc php updater.phar

But also than I received the message "Step 4 is currently in process. Please call this command later.".

 

So I did some research on the internet and it looks like I have to remove the .step file in the /data/updater…/ folder. But where can I find .step file??

If i go to /config/www/nextcloud/updater there is no .step file. So, I think it's on another location.

 

Hope someone can tell me where to find the right location or provide a other solution to fix this upgrade issue. 

Link to comment

Does anyone know how to fix this error:

 

The reverse proxy header configuration is incorrect, or you are accessing Nextcloud from a trusted proxy. If not, this is a security issue and can allow an attacker to spoof their IP address as visible to the Nextcloud. Further information can be found in the documentation.

I'm using the example config from LE:

 

# make sure that your dns has a cname set for nextcloud
# assuming this container is called "letsencrypt", edit your nextcloud container's config
# located at /config/www/nextcloud/config/config.php and add the following lines before the ");":
#  'trusted_proxies' => ['letsencrypt'],
#  'overwrite.cli.url' => 'https://nextcloud.my-domain.com/',
#  'overwritehost' => 'nextcloud.my-domain.com',
#  'overwriteprotocol' => 'https',
#
# Also don't forget to add your domain name to the trusted domains array. It should look somewhat like this:
#  array (
#    0 => '192.168.0.1:444', # This line may look different on your setup, don't modify it.
#    1 => 'nextcloud.your-domain.com',
#  ),

server {
    listen 443 ssl;
    listen [::]:443 ssl;

    server_name nextcloud.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;

#	location ~ /auth-(.*) {
#        internal;
#        proxy_pass http://192.168.50.17:80/api/?v1/auth&group=$1;
#        proxy_set_header Content-Length "";
#	}

    location / {
#        auth_request /auth-4; #=User
		include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        proxy_max_temp_file_size 2048m;
        proxy_pass https://192.168.50.85:443;
    }
}

Thanks in advance.

 

Link to comment
Does anyone know how to fix this error:
 
The reverse proxy header configuration is incorrect, or you are accessing Nextcloud from a trusted proxy. If not, this is a security issue and can allow an attacker to spoof their IP address as visible to the Nextcloud. Further information can be found in the documentation.

I'm using the example config from LE:
 

# make sure that your dns has a cname set for nextcloud# assuming this container is called "letsencrypt", edit your nextcloud container's config# located at /config/www/nextcloud/config/config.php and add the following lines before the ");":#  'trusted_proxies' => ['letsencrypt'],#  'overwrite.cli.url' => 'https://nextcloud.my-domain.com/',#  'overwritehost' => 'nextcloud.my-domain.com',#  'overwriteprotocol' => 'https',## Also don't forget to add your domain name to the trusted domains array. It should look somewhat like this:#  array (#    0 => '192.168.0.1:444', # This line may look different on your setup, don't modify it.#    1 => 'nextcloud.your-domain.com',#  ),server {   listen 443 ssl;   listen [::]:443 ssl;   server_name nextcloud.*;   include /config/nginx/ssl.conf;   client_max_body_size 0;#	location ~ /auth-(.*) {#        internal;#        proxy_pass http://192.168.50.17:80/api/?v1/auth&group=$1;#        proxy_set_header Content-Length "";#	}   location / {#        auth_request /auth-4; #=User	include /config/nginx/proxy.conf;       resolver 127.0.0.11 valid=30s;       proxy_max_temp_file_size 2048m;       proxy_pass https://192.168.50.85:443;   }}

Thanks in advance.
 


At a glance remove brackets from letsencrypt


'trusted_proxies' => 'letsencrypt',
  • Like 1
Link to comment
7 hours ago, TJOPTJOP said:

Hi Guys,

 

I tried to update my Nextcloud from 17.0.0.1 to Nextcloud 18.0.1 using the updater button from the Nextcloud GUI and the upgrade failed end when I click again on the button it will show me  the following message "Step 4 is currently in process. Please reload this page later."

 

I also tried to update nextcloud using the CLI with the following command


sudo -u abc php updater.phar

But also than I received the message "Step 4 is currently in process. Please call this command later.".

 

So I did some research on the internet and it looks like I have to remove the .step file in the /data/updater…/ folder. But where can I find .step file??

If i go to /config/www/nextcloud/updater there is no .step file. So, I think it's on another location.

 

Hope someone can tell me where to find the right location or provide a other solution to fix this upgrade issue. 

Read the link about updating in the first post.

  • Like 1
Link to comment
26 minutes ago, blaine07 said:


At a glance remove brackets from letsencrypt


'trusted_proxies' => 'letsencrypt',

Thanks - not quite, but pointed me in the right direction i.e. actually reading all the text and adding the line to /config/www/nextcloud/config/config.php as stated.  I setup nextcloud a while ago, so this must be a 'recent' addition

Link to comment

Hey wondering if anyone else is having problem with their NC docker.  I had everything up and running with NC going through Letsencrypt. 

Just finished updating the dockers and now getting the following error

"Internal Server Error The server encountered an internal error and was unable to complete your request. Please contact the server administrator if this error reappears multiple times, please include the technical details below in your report. More details can be found in the server log."

 

Had not changed anything but updating the docker through unraid interface.. 

Link to comment

Here is my Lestencrypt log- I did delete email and actual subdomains but have verified they are correct. 

 

_ ()
| | ___ _ __
| | / __| | | / \
| | \__ \ | | | () |
|_| |___/ |_| \__/


Brought to you by linuxserver.io
We gratefully accept donations at:
https://www.linuxserver.io/donate/
-------------------------------------
GID/UID
-------------------------------------

User uid: 99
User gid: 100
-------------------------------------

[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 20-config: executing...
[cont-init.d] 20-config: exited 0.
[cont-init.d] 30-keygen: executing...
using keys found in /config/keys
[cont-init.d] 30-keygen: exited 0.
[cont-init.d] 50-config: executing...
Variables set:
PUID=99
PGID=100
TZ=America/Halifax
URL=duckdns.org
SUBDOMAINS=*****List of my subdomains****
EXTRA_DOMAINS=
ONLY_SUBDOMAINS=true
DHLEVEL=2048
VALIDATION=http
DNSPLUGIN=
EMAIL=***my email
STAGING=

2048 bit DH parameters present
SUBDOMAINS entered, processing
SUBDOMAINS entered, processing
Only subdomains, no URL in cert
Sub-domains processed are: -***listed at -d mysubdomains 
E-mail address entered: ***@gmail.com
http validation is selected
Certificate exists; parameters unchanged; starting nginx
[cont-init.d] 50-config: exited 0.
[cont-init.d] 99-custom-files: executing...
[custom-init] no custom files found exiting...
[cont-init.d] 99-custom-files: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
Server ready
nginx: [warn] could not build optimal proxy_headers_hash, you should increase either proxy_headers_hash_max_size: 512 or proxy_headers_hash_bucket_size: 64; ignoring proxy_headers_hash_bucket_size
nginx: [alert] detected a LuaJIT version which is not OpenResty's; many optimizations will be disabled and performance will be compromised (see https://github.com/openresty/luajit2 for OpenResty's LuaJIT or, even better, consider using the OpenResty releases from https://openresty.org/en/download.html)
nginx: [error] lua_load_resty_core failed to load the resty.core module from https://github.com/openresty/lua-resty-core; ensure you are using an OpenResty release from https://openresty.org/en/download.html (rc: 2, reason: module 'resty.core' not found:
no field package.preload['resty.core']
no file './resty/core.lua'
no file '/usr/share/luajit-2.1.0-beta3/resty/core.lua'
no file '/usr/local/share/lua/5.1/resty/core.lua'
no file '/usr/local/share/lua/5.1/resty/core/init.lua'
no file '/usr/share/lua/5.1/resty/core.lua'
no file '/usr/share/lua/5.1/resty/core/init.lua'
no file '/usr/share/lua/common/resty/core.lua'
no file '/usr/share/lua/common/resty/core/init.lua'
no file './resty/core.so'
no file '/usr/local/lib/lua/5.1/resty/core.so'
no file '/usr/lib/lua/5.1/resty/core.so'
no file '/usr/local/lib/lua/5.1/loadall.so'
no file './resty.so'
no file '/usr/local/lib/lua/5.1/resty.so'
no file '/usr/lib/lua/5.1/resty.so'
no file '/usr/local/lib/lua/5.1/loadall.so')

Link to comment
4 hours ago, Aceriz said:

Hey wondering if anyone else is having problem with their NC docker.  I had everything up and running with NC going through Letsencrypt. 

Just finished updating the dockers and now getting the following error

"Internal Server Error The server encountered an internal error and was unable to complete your request. Please contact the server administrator if this error reappears multiple times, please include the technical details below in your report. More details can be found in the server log."

 

Had not changed anything but updating the docker through unraid interface.. 

Here is also my nextcloud log

 

-------------------------------------
_ ()
| | ___ _ __
| | / __| | | / \
| | \__ \ | | | () |
|_| |___/ |_| \__/


Brought to you by linuxserver.io
We gratefully accept donations at:
https://www.linuxserver.io/donate/
-------------------------------------
GID/UID
-------------------------------------

User uid: 99
User gid: 100
-------------------------------------

[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 20-config: executing...
[cont-init.d] 20-config: exited 0.
[cont-init.d] 30-keygen: executing...
using keys found in /config/keys
[cont-init.d] 30-keygen: exited 0.
[cont-init.d] 40-config: executing...
[cont-init.d] 40-config: exited 0.
[cont-init.d] 50-install: executing...
[cont-init.d] 50-install: exited 0.
[cont-init.d] 60-memcache: executing...
[cont-init.d] 60-memcache: exited 0.
[cont-init.d] 99-custom-files: executing...
[custom-init] no custom files found exiting...
[cont-init.d] 99-custom-files: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.

Link to comment

I am experiencing the following error when trying to enter the web GUI to finalize my setup of NextCloud. I have successfully crated a Mariadb with a db user and password as well as a database within Mariadb. I have triple checked all my info on this web page including  database user, database password, database name and local host. Any help or guidance would be appreciated. Let me know if I need to submit anymore info to help resolve this problem.

 

Thank you,

 

Jeff

Screenshot_2020-03-04 Nextcloud.png

Link to comment

Hey guys, I am wanting to use External Storages to link an unRAID share into NC. I have read through here that you can do this either by "local" if I pass through the parameters in the docker settings or "SMB / CIFS" which seems to be preferred so that the folder permissions are respected.

 

My issue, is that my NC docker is on a custom br0 network with a fixed ip address so that I could give letsencrypt that ip address. Since NC is on the br0 network, I am unable to ping my unRAID ip address from within the NC docker and thus I am unable to connect to my unRAID share.

 

Does anyone know of a way to allow NC to see my unRAID ip?

 

EDIT: Another interesting development, I can ping any other device on my local network from within the NC docker, expect my unRAID ip... hmmm

 

EDIT #2: As it turns out, it was not an interesting development that i could not access my unRAID ip. It is very well documented that this is by design. Anyway, I decided I would just test out using the local option and it appears to be working just fine.

Edited by archedraft
Link to comment
On 2/29/2020 at 10:30 AM, Aceriz said:

Hope that someone can help me out..  I have managed to set up Nextcloud via the Spaceinvader videos. Everything appears to be working well. 

 

I am wanting however to setup the Clamav  Antivirus,  I have added the app for this in NC. Gone to the the settings tab in security. but I am having trouble figuring out how to configure clamav with my external docker container available on the apps tab 

ClamAV
tquinnelly
Tools:Utilities, Security

 

I have tried to add this a a daemon with links to clamav docker with added port of 3310.  

 

but I get error of 

[files_antivirus] Error: RuntimeException: The ClamAV module is not in daemon mode. at <<closure>> in the logs of NC. 

Any thoughts and help would be great:) 

 

thanks

 

I've gotten ClamAV working fine by using this clamAV image: https://hub.docker.com/r/mk0x/docker-clamav/

 

It has the Clamd daemon running by default, so worked for me out of the box when I changed the ClamAV mode to daemon in Nextcloud and added my host server ip and port 3310.

 

Let me know if you run into any problems. 

 

 

  • Thanks 1
Link to comment
On 2/22/2020 at 11:25 PM, Kewjoe said:

Yes.

 

1) If i go to "onlyoffice.mydomain.com", it gives me the green checkmark and welcome page

2) If I add "onlyoffice.mydomain.com" to the Only Office settings in Nextcloud, it is accepted

3) When i create a new doc or spreadsheet. I just get a blank page and Only Office doesn't launch.

 

 

Except it isn't 😀

 

 

** I think I found a solution to fix this @Kewjoe **

 

I was having this exact same issue:

Set up the official OnlyOfficeDocumentServer docker container with a reverse proxy to port 4430 (also with a secret key variable set as JWT_SECRET).

If I went to https://documentserver.mydomain.com I would get the green checkmark and welcome page. 

If I added https://documentserver.mydomain.com and the secret key I created to the OnlyOffice settings in Nextcloud these settings were accepted and saved. 

Then finally, if I tried to open an EXISTING .doc or .docx document I would just get a blank white screen under the Nextcloud header bar. The same thing would happen if I created a new document. 

 

My assumption was that perhaps some setting in my general NGINX ssl.conf was preventing the frame from opening OnlyOffice Documentserver. So, I went to the Github page for the Linuxserver LetsEncrypt container and pulled the most recent code from the ssl.conf (located here: https://github.com/linuxserver/docker-letsencrypt/blob/master/root/defaults/ssl.conf) and updated the ssl.conf in my Letsencrypt appdata folder. After restarting Letsencrypt and Nextcloud everything is now working! Hopefully that helps you as well. 

 

My only concern is that I now get an A at SSLLabs, rather than an A+ like I used to get with my previous, more complicated ssl.conf...

Edited by xthursdayx
Updated with solution.
  • Like 2
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.