[Support] Linuxserver.io - Nextcloud


5000 posts in this topic Last Reply

Recommended Posts

6 hours ago, Wong said:

If my nextcloud docker is 192.168.0.16:444. Do I need to adjust anything in subdomain.conf file? Do I need to change the listen 443 ssl to 444 ssl?

I'm not sure where your problem is.  You should probably put nextcloud on 443 like it's supposed to be and see if that works.  I'd also see if you can get nextcloud to work with a dynamic ip service like duckdns.  If that works like it should then you know it's a problem with the cloudfare stuff.

 

I had never used nextcloud, letsencrypt, or reverse proxies and mine worked right away with duckdns so something you are doing is not working right.

Link to post
  • Replies 5k
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

Application Name: Nextcloud Application Site: https://nextcloud.com/ Docker Hub: https://hub.docker.com/r/linuxserver/nextcloud/ Github: https://github.com/linuxserver/docker-nextcl

Here's my list of instructions....    Use them at your own risk.....   If upgrading to v12 please see here:   ##Turn on maintenance mode docker exec -it nextcloud occ m

I replaced these lines in the '/mnt/cache/appdata/nextcloud/nginx/site-confs/default' file. (Adjust path to your appdata path, if it's different)   location = /.well-known/carddav { return

Posted Images

On 8/7/2020 at 7:38 PM, Wong said:

Hi guys, I require some help. I can't get let's encrypt docker to redirect to my NextCloud container as shown in the screenshot as it is stuck in the Let's Encrypt Web UI. I have posted my nextcloud.subdomain.conf and config.php file below for reference. I can't spot the mistake. Let me know if I am doing anything wrong.

 

image.thumb.png.5489f0905ad0f1bd87e54b618918419f.png

 

<?php
$CONFIG = array (
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'datadirectory' => '/data',
  'instanceid' => '**********************',
  'passwordsalt' => '************************',
  'secret' => '**************************',
  'trusted_domains' => 
  array (
    0 => '192.168.0.16:444',
    1 => 'nextcloud.protech.my',
  ),
  'dbtype' => 'mysql',
  'version' => '19.0.1.1',
  'trusted_proxies' => ['letsencrypt'],
  'overwrite.cli.url' => 'https://nextcloud.protech.my',
  'overwritehost' => 'nextcloud.protech.my',
  'overwriteprotocol' => 'https',
  'dbname' => 'nextcloud',
  'dbhost' => '192.168.0.16:3306',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'nextcloud',
  'dbpassword' => '**********',
  'installed' => true,
);
 

# make sure that your dns has a cname set for nextcloud
# assuming this container is called "letsencrypt", edit your nextcloud container's config
# located at /config/www/nextcloud/config/config.php and add the following lines before the ");":
#  'trusted_proxies' => ['letsencrypt'],
#  'overwrite.cli.url' => 'https://nextcloud.your-domain.com/',
#  'overwritehost' => 'nextcloud.your-domain.com',
#  'overwriteprotocol' => 'https',
#
# Also don't forget to add your domain name to the trusted domains array. It should look somewhat like this:
#  array (
#    0 => '192.168.0.1:444', # This line may look different on your setup, don't modify it.
#    1 => 'nextcloud.your-domain.com',
#  ),

server {
    listen 443 ssl;
    listen [::]:443 ssl;

    server_name nextcloud.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;

    location / {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app nextcloud;
        set $upstream_port 443;
        set $upstream_proto https;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;

        proxy_max_temp_file_size 2048m;
    }
}
 

 

For What its worth, I have the 2 lines below underneath 'overwriteprotocol' => 'https',

'dbtype' => 'mysql',
  'version' => '19.0.1.1',

Link to post
On 8/7/2020 at 10:35 PM, Wong said:

@Energen I removed the port and still not working. I attached my nextcloud and letsencrpyt docker configuration screenshot below for reference. It there any problem with my configuration?

image.thumb.png.9e7fc8455330648e622ee8af9d1ae36a.png

image.thumb.png.4253642f7367a3e2f66ba9306a876374.png

image.thumb.png.acb2f783def4cba34b00ad1071c42274.png

To me, this looks ok. I've never used dns validation though.  Is there any reason you can't use http?  What do the letsencrypt logs look like.  Were the certificates generated?  If they were and it still doesn't work then blow the letsencrypt docker away. Remove files and reinstall a fresh one.  Don't know why but it works for me sometimes.

Dont forget to forward ports 443 and 80 in the router. (443ext to 1443 int) and (80ext to 180 int)

Link to post
On 8/13/2020 at 10:29 PM, Jessie said:

To me, this looks ok. I've never used dns validation though.  Is there any reason you can't use http?  What do the letsencrypt logs look like.  Were the certificates generated?  If they were and it still doesn't work then blow the letsencrypt docker away. Remove files and reinstall a fresh one.  Don't know why but it works for me sometimes.

Dont forget to forward ports 443 and 80 in the router. (443ext to 1443 int) and (80ext to 180 int)

Hi, so for the reason I can't use http is there is an error in my Letsenrypt log (same error as shown in the 1st version of SpaceInvander Reverse Proxy video). I think my ISP blocked port 80. Thats why I proceed with dns verification.

 

ERROR: Cert does not exist! Please see the validation error above. The issue may be due to incorrect dns or port forwarding settings. Please fix your settings and recreate the container

 

However, there was no error in my log after using dns verification. And stated server ready at the end. Yes I port forward port 80 to 180, 443 to 1443 with TCP/UDP. Just a note, if I only port forward with TCP only of 80 to 180 to my unraid server. I was kick out of my unraid server interface for some reason. But TCP/UDP works for me regardless if is need TCP only. Yes, it is still stuck in the Letencrypt WebUI after setting up Letsencrypt docker again. So I can conclude that my ISP blocked port 80. It is still possible to work with Letencrypt without port 80? 

 

Let say I dont want to use Reverse Proxy anymore to redirect me to my docker container, do I have another option to try with step by step guide? Cause my purpose is really to get onlyoffice working with nextcloud, can I get onlyoffice to work without reverse proxy?

Edited by Wong
Link to post

Hi, i moved my "data path" from cache disk to the normal "data" pool. This works fine, but the i'm not able anymore to spin down all disk, because it looks like nextcloud permanently writes to the data path.

Does anyone has a solution for that?

thx

Link to post
14 minutes ago, Wong said:

Hi, so for the reason I can't use http is there is an error in my Letsenrypt log (same error as shown in the 1st version of SpaceInvander Reverse Proxy video). I think my ISP blocked port 80. Thats why I proceed with dns verification.

 

ERROR: Cert does not exist! Please see the validation error above. The issue may be due to incorrect dns or port forwarding settings. Please fix your settings and recreate the container

 

However, there was no error in my log after using dns verification. And stated server ready at the end. Yes I port forward port 80 to 180, 443 to 1443 with TCP/UDP. Just a note, if I only port forward with TCP only of 80 to 180 to my unraid server. I was kick out of my unraid server interface for some reason. But TCP/UDP works for me regardless if is need TCP only. Yes, it is still stuck in the Letencrypt WebUI after setting up Letsencrypt docker again. So I can conclude that my ISP blocked port 80. It is still possible to work with Letencrypt without port 80? 

 

Let say I dont want to use Reverse Proxy anymore to redirect me to my docker container, do I have another option to try with step by step guide? Cause my purpose is really to get onlyoffice working with nextcloud, can I get onlyoffice to work without reverse proxy?

You don't need port 80 at all. And this should be in the letsencrypt thread and not here.

https uses port 443 for all communication.

Link to post
1 hour ago, malac said:

Hi, i moved my "data path" from cache disk to the normal "data" pool. This works fine, but the i'm not able anymore to spin down all disk, because it looks like nextcloud permanently writes to the data path.

Does anyone has a solution for that?

thx

I think if the .log and the .db files should stay in the "config" path, then everything should be fine....

Link to post
On 8/17/2020 at 3:43 PM, malac said:

but normally log file are located in appdata,or?

Normally, but I don't know about next nextcloud.

The database depends on the setup. If you use an external database, it will be in that softwares appdata and if you use sqlite, please don't as it's  slooow, it's in the data volume.

Link to post
On 8/16/2020 at 8:11 PM, saarg said:

You don't need port 80 at all. And this should be in the letsencrypt thread and not here.

https uses port 443 for all communication.

If you use the http method, letsencrypt requires port 80 for validation when it generates the certificates.

443 is used for communication, but no port 80 = no certificate.

 

Link to post
On 8/16/2020 at 7:55 PM, Wong said:

Hi, so for the reason I can't use http is there is an error in my Letsenrypt log (same error as shown in the 1st version of SpaceInvander Reverse Proxy video). I think my ISP blocked port 80. Thats why I proceed with dns verification.

 

ERROR: Cert does not exist! Please see the validation error above. The issue may be due to incorrect dns or port forwarding settings. Please fix your settings and recreate the container

 

However, there was no error in my log after using dns verification. And stated server ready at the end. Yes I port forward port 80 to 180, 443 to 1443 with TCP/UDP. Just a note, if I only port forward with TCP only of 80 to 180 to my unraid server. I was kick out of my unraid server interface for some reason. But TCP/UDP works for me regardless if is need TCP only. Yes, it is still stuck in the Letencrypt WebUI after setting up Letsencrypt docker again. So I can conclude that my ISP blocked port 80. It is still possible to work with Letencrypt without port 80? 

 

Let say I dont want to use Reverse Proxy anymore to redirect me to my docker container, do I have another option to try with step by step guide? Cause my purpose is really to get onlyoffice working with nextcloud, can I get onlyoffice to work without reverse proxy?

In unraid, I set Use SSL/TLS: to no.  (In settings/Management access) This means I access unraid via the ip address and it stays fully enclosed within my network.  To get to it from outside, I use ipsec tunnels.  This frees up port 443 for letsencrypt.

 

So I pass port 443 through letsencrypt intact.

It might be interesting to see if that works.  It would prove beyond doubt if port 80 is blocked.  I still redirect port 80 to another port. eg 180

 

If port 80 is blocked, it is possible you might be able to unblock it by logging into you ISP user area.  In Australia IInet block it but you can optionally turn blocking off.

 

If using dns verification port 80 is irrelevant.  If the log said server ready, it sounds like it generated the certificate.

 

It is important not to miss that step in spaceinvaders tutorial about "proxynet". After you create it, you need to point Mariadb, nextcloud, letsencrypt and onlyoffice to it in your docker settings rather than "Bridge".

 

The letsencrypt proxy will allow you to run multiple servers through the same isp IP address.  eg Multiple Nextcloud instances, collabora, onlyoffice and any other docker or vm which require port 443.  Otherwise you would require multiple ISP addresses.

Link to post
On 6/30/2020 at 2:57 AM, gacpac said:

Hi I've had a problem since forever and nobody seem to care. 

 

Does someone knows how to get rid of this problem message preventing me to upload files bigger than 50MB?

 

Server replied "413 Request Entity Too Large" to "PUT https://nextcloud.mydomain.com/remote.php/dav/uploads/myprofile/213883260/00000001

 

 

Had a problem like that a long time ago.

 

Use notepad++ and have a look in appdata/letsencrypt/nginx/proxy.conf

 

At the top there should be a line 

# client_max_body_size 2048m;

If it doesn't read 2048m, make it 2048m.

 

or as above block that line out with a #

I've found max filesize will be 2gb when you drag it to the web interface, but unlimited if the client does the transfer.

 

Link to post
Had a problem like that a long time ago.
 
Use notepad++ and have a look in appdata/letsencrypt/nginx/proxy.conf
 
At the top there should be a line 
# client_max_body_size 2048m;
If it doesn't read 2048m, make it 2048m.
 
or as above block that line out with a #
I've found max filesize will be 2gb when you drag it to the web interface, but unlimited if the client does the transfer.
 
Thanks I was able to fix it by looking at the github website and found that developers removed the max_body_size in future releases.

Removed the little line in my setup and all perfect now

https://github.com/nextcloud/d...ues/762#issuecomment-504225433

Sent from my Pixel 2 XL using Tapatalk

Link to post
8 hours ago, Jessie said:

If you use the http method, letsencrypt requires port 80 for validation when it generates the certificates.

443 is used for communication, but no port 80 = no certificate.

 

He said he was using DNS verification, so he don't need port 80. And this belongs in the correct thread, not here.

Link to post
4 hours ago, saarg said:

He said he was using DNS verification, so he don't need port 80. And this belongs in the correct thread, not here.

Point taken, but at the end of the day it is really about getting nextcloud working. The fault could be in either.

My gut feeling is the problem will lie in the port 443 to 1443 translation. 

 

Link to post

Hi, just installed LSIO Nextcloud on Unraid 6.9.25.  Just nextraid and mariaDB at the moment.  No letsencrypt/reverse proxy yet.  Did a photo sync from the mobile app and it worked great.  But tried to comment on a photo from mobile gives me a strange 405 error.  Any ideas?

 

IMG_0218.thumb.jpg.a31778a2d905787cbedcd4622eaef1ca.jpg

Link to post

I installed this from Community Applications, and it just worked. 

I also have a reverse proxy set up.

Can I just use it "out of the box" or do I need to go through the setup described in the OP (e.g., MariaDB)? 

Do I need to change anything in the configuration file?

I've been running it like this for a few days, and it seems to work great. 

Should I delete this docker and start over with the more extensive set up instructions?

Thanks.

Link to post
1 hour ago, volcs0 said:

I installed this from Community Applications, and it just worked. 

I also have a reverse proxy set up.

Can I just use it "out of the box" or do I need to go through the setup described in the OP (e.g., MariaDB)? 

Do I need to change anything in the configuration file?

I've been running it like this for a few days, and it seems to work great. 

Should I delete this docker and start over with the more extensive set up instructions?

Thanks.

If you didn't go through the setup, you have already set it up at an earlier point.

Link to post

Could someone please help me with a strange issue I am having.

It relates to external storages using SFTP.

There are two issues. First (and this isn't that important for now) is that using RSA private key doesn't work. No matter how I configure it, it says cannot read key (RSA 4096 key, generated in linux via ssh-keygen, that connects in fine).

Secondly, and this is a lot more concerning, and I am completely stuck:
Using RSA public key, created by NC, I can connect to external shares, and upload files. But I cannot then download those files again (accessing the server directly, the files are fine, I can download them through other means, they work etc)

Logs are pointing to SFTP.php as the culprit, but that's literally as far as I am able to get. For example:

 

Here is trying to save a file I uploaded

```

 Error: fopen(sftpread://home/[username]/public//gba.7z): failed to open stream: &quot;OCA\Files_External\Lib\Storage\SFTPReadStream::stream_open&quot; call failed at /config/www/nextcloud/apps/files_external/lib/Lib/Storage/SFTP.php#378


GET /remote.php/webdav/[username]Share/gba.7z?downloadStartSecret=[11 character code]
from [IP] by [username] at 2020-08-26T08:13:59+00:00
```

line 378 is
$handle = fopen('sftpread://' . trim($absPath, '/'), 'r', false,

There are other errors for opening files, trying to save uploaded files, copying uploaded files.
Basically anything to do with interacting with a file that's been uploaded to the external share (all SFTP shares) via NC

 

Edited by 4554551n
Link to post
6 hours ago, saarg said:

If you didn't go through the setup, you have already set it up at an earlier point.

I never did any manual setup.

What I did do is install the NextCloud official from Community Applications.

It did not have a GUI - so I deleted that docker and installed the Linuxserver Nextcloud.

As soon as I installed it, it just worked. No configuration needed.

So, is it possible that my first install set up the database? I don't really understand what happened, but I not have a working instance of NextCloud using the default Linuxserver settings.....

Thanks.

Link to post

Anyone had success with the built-in Collabora environment (CODE) in v19.x?

 

I'm having trouble connecting to the new built-in CODE server and I wonder if it has something to do with nginx config. I'm using nginx proxy manager so I'm not sure how to properly edit the config to allow access, e.g. according to this post: https://www.collaboraoffice.com/online/connecting-collabora-online-built-in-code-server-with-nginx/

Link to post

My nextcoud docker isn't accessible anymore on the web interface. Had some problems with the pm.children. Didn't seem to fix it. So now I want to fix it through php.ini but my php folder is empty. Where can I find that config? Or the php files for that matter.

Link to post

Hi, 

 

I was hoping that someone could give me a steer in the right direction. 

 

I have NextCloud setup and everything is great, when I access it via proxy, however when accessing locally, I get a Strict-Transport-Security error. Its not a massive problem, however I would like to learn why this is happening. 

 

For reference, I've added "add_header Strict-Transport-Security "max-age=15552000; includeSubDomains; preload;" always;" to the "default.conf" in NextCloud but that hasn't made any difference. 

 

Regards. 

 

 

When accessing locally;

20200829_171839.jpg

 

Accessing via proxy;

20200829_171948.jpg

 

Default.conf file;

20200829_172200.jpg

Edited by LoneTraveler
Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.