[Support] Linuxserver.io - Nextcloud


Recommended Posts

[SOLVED]

 

Hey all,

 

I'm still trying to setup swag and nextcloud, to my liking. I know nextcloud has some burteforce protection (25 second timeout) on login attempts, but i want ban those ips. So, use fail2ban, since it already in swag. I found a some information about it, and basically you want to pass the nginx log on nextcloud to fail2ban in the swag container. In fail2ban you would configure a filter for that logfile on which it triggers. (see linked post) 

The problem is what gets written in the access log of nextcloud "\nextcloud\log\nginx\access.log". If i make a couple of wrong login attempts from an outside ip, I kind of expected something like "login failed" but it doenst mention anything like that. The nexcloud documentation, also shows a filter looking at "login. failed" https://docs.nextcloud.com/server/19/admin_manual/installation/harden_server.html?highlight=fail2ban

 

Thanks,

 

Edit: wrong log file, I needed nextcloud.log located in host pasth 2 I set in the config.

Thank you, Glasti

Edited by ZekerPixels
Link to comment

Hi suddenly could not longer access my nextcloud. both remote and local is unavailable

 

When entering the server there was loads and loads of error messages regarding the cache disk. It is an intel SSD and for some reason it had plenty of read errors.

This might cause the entire nextcloud to go down, I do not know. 

 

I will see if changing the ssd can fix the issue, but I guess that there is more to it than that.

 

The error message i get is:

 

Internal Server Error

The server was unable to complete your request.

If this happens again, please send the technical details below to the server administrator.

More details can be found in the server log.

 

Technical details

Remote Address: 192.168.0.92

Request ID: gAiXEogaBirsFLW0AM59

 

Not sure why it is referring to 92 when I am using 100. I have checked the server and the router and it is both confirming that the server is at 100. I also use 100 when logging into the server so where the 92 is comming from is unknown for me

Link to comment
On 2/4/2021 at 8:17 AM, Coy said:

Im having issues with a nextcloud update that I just did. It tells me "This version of Nextcloud is not compatible with > PHP 7.3. You are currently running 7.4.14." Im really not sure what to do. Can anyone help me?

 

 

EDIT: I finally figured out how to change versions. I tried 20.0.7,20.0.6,20.0.5. I landed on 20.0.4 and im working again.

I got the same error, how do you change the version?

Link to comment

which version of onlyoffice I should use to connect with this nextcloud docker. I am on the latest NC 20.0.7 (fresh install) using reverse proxy, using my own subdoamin and able to access from Local and external network.

 

I see that official onlyoffice docker is no longer in the app store, that is why I am checking here.

 

TIA!

Edited by GGabs
Link to comment

I am still getting the X-Frame-Options error in my Nextcloud Overview:

 

https://i.imgur.com/1dowoxG.png

 

I have tried all the fixes I've found online, including the ones in this thread, and none have worked

 

Here is my \appdata\swag\nginx\ssl.conf file:

 

## Version 2020/10/29 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/ssl.conf

### Mozilla Recommendations
# generated 2020-06-17, Mozilla Guideline v5.4, nginx 1.18.0-r0, OpenSSL 1.1.1g-r0, intermediate configuration
# https://ssl-config.mozilla.org/#server=nginx&version=1.18.0-r0&config=intermediate&openssl=1.1.1g-r0&guideline=5.4

ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m;  # about 40000 sessions
ssl_session_tickets off;

# intermediate configuration
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers [removed];
ssl_prefer_server_ciphers off;

# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;


### Linuxserver.io Defaults

# Certificates
ssl_certificate /config/keys/letsencrypt/fullchain.pem;
ssl_certificate_key /config/keys/letsencrypt/privkey.pem;
# verify chain of trust of OCSP response using Root CA and Intermediate certs
ssl_trusted_certificate /config/keys/letsencrypt/fullchain.pem;

# Diffie-Hellman Parameters
ssl_dhparam /config/nginx/dhparams.pem;

# Resolver
resolver 127.0.0.11 valid=30s; # Docker DNS Server

# Enable TLS 1.3 early data
ssl_early_data on;

# HSTS, remove # from the line below to enable HSTS
#add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;

# Optional additional headers
#add_header Cache-Control "no-transform" always;
#add_header Content-Security-Policy "upgrade-insecure-requests; frame-ancestors 'self'";
#add_header Referrer-Policy "same-origin" always;
#add_header X-Content-Type-Options "nosniff" always;
add_header X-Frame-Options "SAMEORIGIN" always;
#add_header X-UA-Compatible "IE=Edge" always;
#add_header X-XSS-Protection "1; mode=block" always;

 

and here is my nextcloud.subdomain.conf file:

 

## Version 2020/12/09
# make sure that your dns has a cname set for nextcloud
# assuming this container is called "swag", edit your nextcloud container's config
# located at /config/www/nextcloud/config/config.php and add the following lines before the ");":
#  'trusted_proxies' => ['swag'],
#  'overwrite.cli.url' => 'https://nextcloud.your-domain.com/',
#  'overwritehost' => 'nextcloud.your-domain.com',
#  'overwriteprotocol' => 'https',
#
# Also don't forget to add your domain name to the trusted domains array. It should look somewhat like this:
#  array (
#    0 => '192.168.0.1:444', # This line may look different on your setup, don't modify it.
#    1 => 'nextcloud.your-domain.com',
#  ),

server {
    listen 443 ssl;
    listen [::]:443 ssl;

    server_name nextcloud.*;
	
	add_header X-Frame-Options "SAMEORIGIN" always;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;


    location / {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app nextcloud;
        set $upstream_port 443;
        set $upstream_proto https;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;

        proxy_max_temp_file_size 2048m;
    }
}

 

Edited by Stubbs
Link to comment
On 2/13/2021 at 6:31 AM, mrvilla said:

Hi suddenly could not longer access my nextcloud. both remote and local is unavailable

 

When entering the server there was loads and loads of error messages regarding the cache disk. It is an intel SSD and for some reason it had plenty of read errors.

This might cause the entire nextcloud to go down, I do not know. 

 

I will see if changing the ssd can fix the issue, but I guess that there is more to it than that.

 

The error message i get is:

 

Internal Server Error

The server was unable to complete your request.

If this happens again, please send the technical details below to the server administrator.

More details can be found in the server log.

 

Technical details

Remote Address: 192.168.0.92

Request ID: gAiXEogaBirsFLW0AM59

 

Not sure why it is referring to 92 when I am using 100. I have checked the server and the router and it is both confirming that the server is at 100. I also use 100 when logging into the server so where the 92 is comming from is unknown for me

What is at 92 on your network? It sounds like something is requesting from that address - I'd say look at see if anything is mapped to that IP. Also I think you are right about the SSD, swap it out and see if that makes any improvement.

Edited by Rick_Sanchez
Link to comment
17 hours ago, GGabs said:

which version of onlyoffice I should use to connect with this nextcloud docker. I am on the latest NC 20.0.7 (fresh install) using reverse proxy, using my own subdoamin and able to access from Local and external network.

 

I see that official onlyoffice docker is no longer in the app store, that is why I am checking here.

 

TIA!

Anyone?

Link to comment

@skois@whitedwarf

 

Update on the situation.

I ended up buying Ubiquiti's UniFi USG, setting our Huawei modem to work in Bridge mode, so that the USG is the main router, and after the basic setup, everything just worked.

 

NAT Loopback finally works, I can access my server through the domain name within the same network, and with that, OpenOffice connected with NextCloud without any issues at all.

 

I can finally breath!

  • Like 2
Link to comment
6 minutes ago, REllU said:

@skois@whitedwarf

 

Update on the situation.

I ended up buying Ubiquiti's UniFi USG, setting our Huawei modem to work in Bridge mode, so that the USG is the main router, and after the basic setup, everything just worked.

 

NAT Loopback finally works, I can access my server through the domain name within the same network, and with that, OpenOffice connected with NextCloud without any issues at all.

 

I can finally breath!

Great!! I'm looking for a UDM pro, but i can't justify it.. because i have a pfsense box that does more! 
But damn, this dashboard is sexy

Link to comment
On 2/14/2021 at 1:09 PM, Rick_Sanchez said:

What is at 92 on your network? It sounds like something is requesting from that address - I'd say look at see if anything is mapped to that IP. Also I think you are right about the SSD, swap it out and see if that makes any improvement.

 

Hi there is nothing on 92 on my network. I am trying to figure out how to change the cache now and will come back when done.

Link to comment
On 2/14/2021 at 2:58 AM, Stubbs said:

I am still getting the X-Frame-Options error in my Nextcloud Overview:

 

https://i.imgur.com/1dowoxG.png

 

I have tried all the fixes I've found online, including the ones in this thread, and none have worked

 

Here is my \appdata\swag\nginx\ssl.conf file:

 


## Version 2020/10/29 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/ssl.conf

### Mozilla Recommendations
# generated 2020-06-17, Mozilla Guideline v5.4, nginx 1.18.0-r0, OpenSSL 1.1.1g-r0, intermediate configuration
# https://ssl-config.mozilla.org/#server=nginx&version=1.18.0-r0&config=intermediate&openssl=1.1.1g-r0&guideline=5.4

ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m;  # about 40000 sessions
ssl_session_tickets off;

# intermediate configuration
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers [removed];
ssl_prefer_server_ciphers off;

# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;


### Linuxserver.io Defaults

# Certificates
ssl_certificate /config/keys/letsencrypt/fullchain.pem;
ssl_certificate_key /config/keys/letsencrypt/privkey.pem;
# verify chain of trust of OCSP response using Root CA and Intermediate certs
ssl_trusted_certificate /config/keys/letsencrypt/fullchain.pem;

# Diffie-Hellman Parameters
ssl_dhparam /config/nginx/dhparams.pem;

# Resolver
resolver 127.0.0.11 valid=30s; # Docker DNS Server

# Enable TLS 1.3 early data
ssl_early_data on;

# HSTS, remove # from the line below to enable HSTS
#add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;

# Optional additional headers
#add_header Cache-Control "no-transform" always;
#add_header Content-Security-Policy "upgrade-insecure-requests; frame-ancestors 'self'";
#add_header Referrer-Policy "same-origin" always;
#add_header X-Content-Type-Options "nosniff" always;
add_header X-Frame-Options "SAMEORIGIN" always;
#add_header X-UA-Compatible "IE=Edge" always;
#add_header X-XSS-Protection "1; mode=block" always;

 

and here is my nextcloud.subdomain.conf file:

 


## Version 2020/12/09
# make sure that your dns has a cname set for nextcloud
# assuming this container is called "swag", edit your nextcloud container's config
# located at /config/www/nextcloud/config/config.php and add the following lines before the ");":
#  'trusted_proxies' => ['swag'],
#  'overwrite.cli.url' => 'https://nextcloud.your-domain.com/',
#  'overwritehost' => 'nextcloud.your-domain.com',
#  'overwriteprotocol' => 'https',
#
# Also don't forget to add your domain name to the trusted domains array. It should look somewhat like this:
#  array (
#    0 => '192.168.0.1:444', # This line may look different on your setup, don't modify it.
#    1 => 'nextcloud.your-domain.com',
#  ),

server {
    listen 443 ssl;
    listen [::]:443 ssl;

    server_name nextcloud.*;
	
	add_header X-Frame-Options "SAMEORIGIN" always;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;


    location / {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app nextcloud;
        set $upstream_port 443;
        set $upstream_proto https;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;

        proxy_max_temp_file_size 2048m;
    }
}

 

You shouldn't be changing anything in your ssl.conf, all your changes should happen in proxy-confs. 

I leave my ssl.conf alone, haven't touched it in years. 

Duck DNS?

Link to comment

Hello,

I've just set up Nextcloud, by following Space Invader One's video's about it.

 

When I was done with his videos it came up with the error about untrusted domains, and gave me this link:
https://docs.nextcloud.com/server/20/admin_manual/installation/installation_wizard.html#trusted-domains

So I went in, and added my subdomain, and rebooted.

 

Then it gave another error I forgot, so I tried to reverse it, by removing the sub domain, and now it says;

"Your data directory is invalid Ensure there is a file called ".ocdata" in the root of the data directory."

- So I checked if the file was missing, and it's not.

image.png.91b8f8d768099e3c9a61f837a5e1a1ae.png

 

I tried googling the error, and some places it says something about cron jobs.

I'm not sure how to proceed from now on, and I would prefer not to set it up again.

 

Does anyone have a solution?

Edited by Nanobug
Link to comment
17 hours ago, exist2resist said:

You shouldn't be changing anything in your ssl.conf, all your changes should happen in proxy-confs. 

I leave my ssl.conf alone, haven't touched it in years. 

Duck DNS?

One of the pieces of advice recommended earlier in this thread was to change exactly that.

I did, and it didn't work.

 

Yes, I set up my CNAMES on LuaDNS, and they're pointing towards a DuckDNS URL.

Link to comment
On 2/13/2021 at 12:31 PM, mrvilla said:

Hi suddenly could not longer access my nextcloud. both remote and local is unavailable

 

When entering the server there was loads and loads of error messages regarding the cache disk. It is an intel SSD and for some reason it had plenty of read errors.

This might cause the entire nextcloud to go down, I do not know. 

 

I will see if changing the ssd can fix the issue, but I guess that there is more to it than that.

 

The error message i get is:

 

Internal Server Error

The server was unable to complete your request.

If this happens again, please send the technical details below to the server administrator.

More details can be found in the server log.

 

Technical details

Remote Address: 192.168.0.92

Request ID: gAiXEogaBirsFLW0AM59

 

Not sure why it is referring to 92 when I am using 100. I have checked the server and the router and it is both confirming that the server is at 100. I also use 100 when logging into the server so where the 92 is comming from is unknown for me

Hi

 

AN update.

 

I have now changed the cache disk and everything is up an running but the Nextcloud is still giving me the same error message. There is nothing on my network on 92.

 

Any ideas?

 

I will see if I find the log files to attach here but not entirely sure where they are saved.

 

EDIT: I figure it out.

 

I remembered that I was struggling with an update a week or two ago.

I therefore went in and tried to update using the terminal. That went like a charm and now everything is working fine.

 

Edited by mrvilla
Link to comment

Would anyone have any thoughts regarding my Nextcloud going into "Maintenance Mode"? I was doing a update to the next stable update released and it seemed to be working fine. Then it said there was a error and went into Maintenance Mode where I can not access anything in my Nextcloud. My Nextcloud app in Unraid is up to date (and was prior to me updating it in Nextcloud.

 

Would anyone here know how I can fix this??  Will I end up having to completely delete and reinstall nextcloud in Unraid??  Surely not, but if I cant even log in to Nextcloud what else could I do???

Edited by SPOautos
Link to comment
8 hours ago, SPOautos said:

Would anyone have any thoughts regarding my Nextcloud going into "Maintenance Mode"? I was doing a update to the next stable update released and it seemed to be working fine. Then it said there was a error and went into Maintenance Mode where I can not access anything in my Nextcloud. My Nextcloud app in Unraid is up to date (and was prior to me updating it in Nextcloud.

 

Would anyone here know how I can fix this??  Will I end up having to completely delete and reinstall nextcloud in Unraid??  Surely not, but if I cant even log in to Nextcloud what else could I do???

Try with opening the Nextcloud console (click on Nextcloud icon on Docker page) and run this command: sudo -u abc php7 /config/www/nextcloud/occ maintenance:mode --off

Link to comment
On 2/16/2021 at 4:03 PM, Nanobug said:

Does anyone have a solution?

Don't know if it will help but I have the IP of my unraid server and the domain name of my nextcloud instance (nextcloud.mydomain.com) in the trusted domains. I would suggest you change that back and try to solve the other error.

Link to comment
3 hours ago, whitedwarf said:

Don't know if it will help but I have the IP of my unraid server and the domain name of my nextcloud instance (nextcloud.mydomain.com) in the trusted domains. I would suggest you change that back and try to solve the other error.

I started over today, and did the same thing.

Now it works.

I don't know why it didn't work the first time.

Link to comment
On 2/15/2021 at 9:36 AM, REllU said:

 

I went through this few weeks ago, I can't quite remember how I ended up with this one, but the "onlyoffice document server" from "Jidovu Marius Adrian's Repository" works for me.

Thank you so much. So I tried to set this docker with nextcloud and this is the error i see in the onlyoffice docker logs:

 

[2021-02-18T01:55:51.651] [ERROR] nodeJS - error downloadFile:url=https://nextcloud_local_IP:PORT/apps/onlyoffice/empty?doc=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhY3Rpb24iOiJlbXB0eSJ9.k_tE7DNfNBVA9l62Ze27ISHoDOKGNGNThmrL1TZ-Ex0;attempt=3;code:DEPTH_ZERO_SELF_SIGNED_CERT;connect:null;(id=conv_check_1265043125_docx)
Error: self signed certificate

NOTE: I have removed my local nextcloud IP and port from above error

----------------------------------------------------------------

AND - I see this error in nextcloud when I click on "save" button after entering my document editing service address:

Error when trying to connect (Error occurred in the document service: Error while downloading the document file to be converted.) (version 5.4.2.46)

 

----------------------------------------------------------------

- I see no errors in nextcloud logs

 

is there a workaround or fix for this, seems like something to do with the cert?

 

- I am able to open up onlyoffice docker internally and externally with my domain url no issues using https. and page shows document server is running.

- I am using SWAG, i basically copied the key and crt files from SWAG/keys/ directory to onlyoffice/DocumentServer/data/certs/onlyoffice.crt onlyoffice.key

- I have renamed the onlyoffice docker to documentserver

- in SWAG changed the onlyoffice proxy confg file to the following:

# only office doc server


server {
    listen 443 ssl;

    server_name subdomain.*;   < --removed my actual subdomain

    include /config/nginx/ssl.conf;

    client_max_body_size 0;


    location / {
                include /config/nginx/proxy.conf;
                resolver 127.0.0.11 valid=30s;
                set $upstream_docs documentserver;
                proxy_pass https://$upstream_docs:443;
                proxy_redirect off;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Host $server_name;
                proxy_set_header X-Forwarded-Proto $scheme;
        }
}

 

could someone please look at the details above and able to help me out. Please let me know if any other information is required.

I hope in near future there can be a simpler way to integrate these 2 together.

 

Link to comment

Recently I switched ISP together with their mandatory router. Unfortunately the new router has a different IP range 192.168.1.* instead of my previous 192.168.0.*. and it doesn't allow me to change that.

So that meant that my Nextcloud/mariadb/swag setup wasn't going to work anymore.

I changed a few settings in the /appdata/nextcloud/www/nextcloud/config/config.php file to the correct ip addresses and also the nextcloud.subdomain.conf file in Swag. Also I portmapped everything again on the new router which seem to work, my DNS also works.

But anyone know why Nextcloud won't run when I try to access it locally but does work when accessed outside my own network? I just don't get it why it's doing that?

Link to comment
43 minutes ago, jonasdegent said:

Recently I switched ISP together with their mandatory router. Unfortunately the new router has a different IP range 192.168.1.* instead of my previous 192.168.0.*. and it doesn't allow me to change that.

So that meant that my Nextcloud/mariadb/swag setup wasn't going to work anymore.

I changed a few settings in the /appdata/nextcloud/www/nextcloud/config/config.php file to the correct ip addresses and also the nextcloud.subdomain.conf file in Swag. Also I portmapped everything again on the new router which seem to work, my DNS also works.

But anyone know why Nextcloud won't run when I try to access it locally but does work when accessed outside my own network? I just don't get it why it's doing that?

You need to set the IP in config.php if I remember correctly. Under the trusted domains array.

Link to comment
On 2/3/2021 at 10:17 PM, Coy said:

Im having issues with a nextcloud update that I just did. It tells me "This version of Nextcloud is not compatible with > PHP 7.3. You are currently running 7.4.14." Im really not sure what to do. Can anyone help me?

 

 

EDIT: I finally figured out how to change versions. I tried 20.0.7,20.0.6,20.0.5. I landed on 20.0.4 and im working again.

OK, how do u do that ?

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.