[Support] Linuxserver.io - Nextcloud


4868 posts in this topic Last Reply

Recommended Posts

1 minute ago, goodstartola said:

I still cant get rid of this problem. Someone suggested i tried to disable maintenance mode but that didnt work either.

I have uninstalled the docker and reinstalled but same problem.

 

Is OwnCloud better?

Please help me.

 

Can't help you with the information we know, best guess I got is you attempted to upgrade from V10 to V12 or something major like that.  If I were you, I'd delete my appdata but keep your /data and install from fresh with a new mariadb database.  That way you won't lose all your files.

Link to post
  • Replies 4.9k
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

Application Name: Nextcloud Application Site: https://nextcloud.com/ Docker Hub: https://hub.docker.com/r/linuxserver/nextcloud/ Github: https://github.com/linuxserver/docker-nextcl

Here's my list of instructions....    Use them at your own risk.....   If upgrading to v12 please see here:   ##Turn on maintenance mode docker exec -it nextcloud occ m

Thanks, fixed for me as well, and I also added this line add_header Referrer-Policy no-referrer always; to appdata/nextcloud/nginx/site-confs/default   And now I have a green

Posted Images

On 6/6/2017 at 2:18 PM, aleary said:

 

 

 

Hi guys,

I had still been having problems with protected SMB/CIFS shares on releases after 60, but I've found a solution.

 

I don't have an actual windows domain on my home network so, like most, my Unraid host and Windows clients are using the default workgroup called "WORKGROUP".

When originally adding my shares I had left the "Domain" field empty and authentication for shares on my Unraid host worked fine with just username and password configured.

 

@CHBMB I noticed in your screenshot that you had the domain set as "WORKGROUP", so having added that to each of mine they now work perfectly.

 

Looks like something changed in the handling of the "Domain" field from release 61 onwards, with an empty domain no longer being treated like a workgroup.

 

/Alan.

 

Thanks, your advice worked like a charm! In my case, if the SMB Security level was set to "Secure", the share was accessible from within Nextcloud even without adding the domain in the External Storages settings. The issue arose only when the SMB Security level was set to "Private"; in this case, even if the user was granted full access to the share, Nextcloud wasn't able to connect to it without specifying the domain.

Edited by Drakknar
Link to post

Has any one had issues with response times with this docker.  I have been using it for a while now.  Something happened around the upgrade to version 11.  I think in particular v11.03. Nextcloud slowed down to a point of being unusable.  I have uninstalled.  Cleared out all the files. Reinstalled mariadb/nextcloud/letsencrypt.  It is currently running the latest version 12. Everything works but way too slow.

 

Have I missed something in setup to make it so slow?

 

I am also having issues connecting to the android client.  It fails with a "Server took too long to respond message"

 

Any clues.

 

Failing that is it possible to get the version 10 nextcloud docker for unraid.  That seemed to be the last one that worked for me.

Link to post
1 hour ago, Jessie said:

Has any one had issues with response times with this docker.  I have been using it for a while now.  Something happened around the upgrade to version 11.  I think in particular v11.03. Nextcloud slowed down to a point of being unusable.  I have uninstalled.  Cleared out all the files. Reinstalled mariadb/nextcloud/letsencrypt.  It is currently running the latest version 12. Everything works but way too slow.

 

Have I missed something in setup to make it so slow?

 

I am also having issues connecting to the android client.  It fails with a "Server took too long to respond message"

 

Any clues.

 

Failing that is it possible to get the version 10 nextcloud docker for unraid.  That seemed to be the last one that worked for me.

 

I had similar client timeout issues after changing my letsencrypt/nextcloud settings. (I was changing from www.mydomain.com/nextcloud to nextcloud.mydomain.com)

It turned out that the Android and Windows clients repeatedly attempted to connect using the old URL before I managed to change their settings to the new URL.

 

The BruteForce Login Protection in Nextcloud kicked in and slowed/prevented all my client apps from connecting.

 

You may have run into the effects of this feature too.

 

Check the admin log for entries like the following:

 

   Bruteforce attempt from "172.17.0.1" detected for action ...

 

Also check  the "oc_bruteforce_attempts" table in your database. Clearing out the relevant entries in this table resolved the problem for me.

 

/Alan.

Link to post

Thanks for this and for all the previous members who have helped others out.

Your information helps a lot :)

Had a few hiccups, but with no prior knowledge I had this all up and running within 2 hours.

Added in all my programs, port forwards, outside access with nextcloud etc.

 

Scored an A on SSLlabs.

100/95/90/90.

Way in over my head here but these are what dragged my score down.

Would love to get the A+ but a bit scared to tinker with this.

 

DNS CAA No (more info)

TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa)   WEAK

Java 6u45   No SNI 2 Client does not support DH parameters > 1024 bits
RSA 4096 (SHA256)   |  TLS 1.0  |  TLS_DHE_RSA_WITH_AES_128_CBC_SHA  |  DH 2048


 

Link to post
On 14.6.2017 at 6:26 PM, aleary said:

 

I had similar client timeout issues after changing my letsencrypt/nextcloud settings. (I was changing from www.mydomain.com/nextcloud to nextcloud.mydomain.com)

It turned out that the Android and Windows clients repeatedly attempted to connect using the old URL before I managed to change their settings to the new URL.

 

The BruteForce Login Protection in Nextcloud kicked in and slowed/prevented all my client apps from connecting.

 

You may have run into the effects of this feature too.

 

Check the admin log for entries like the following:

 

   Bruteforce attempt from "172.17.0.1" detected for action ...

 

Also check  the "oc_bruteforce_attempts" table in your database. Clearing out the relevant entries in this table resolved the problem for me.

 

/Alan.

 

Thanks, this solved my issues with logon performance.

 

Br,

Johannes

Link to post

So I'm having a b**ch of a time trying to expose my Nextcloud docker to the internet. I have OwnCloud running already (works fine).

I have installed the docker and pointed it at port 8888 (which is NAT forwarded on my router to my unraid host IP, same as owncloud).

 

The config.php is allowing my external domain and internal scope as trusted networks (same as owncloud):

<?php
$CONFIG = array (
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'datadirectory' => '/data',
  'instanceid' => 'ocjd0rpgflo6',
  'passwordsalt' => 'ssssshhhhhh',
  'secret' => 'sssshhhhhh',
  'trusted_domains' =>
  array (
    0 => 'xxx.xxx.xxx.xxx:8888',
    1 => 'myhost.mydomain.com:8888',
  ),
  'overwrite.cli.url' => 'https://xxx.xxx.xxx.xxx:8888',
  'dbtype' => 'sqlite3',
  'version' => '12.0.0.29',
  'dbname' => 'nextcloud',
  'dbhost' => 'xxx.xxx.xxx.xxx:3306',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'oc_tophicles',
  'dbpassword' => 'mydbpass',
  'installed' => true,
);

 

No matter what I cannot get to this from the outside. I've tried numerous ports, no luck.

The port forward on my router is attached as a PNG.

Everything else is standard as the docker has installed in as far as nginx configurations etc.

 

Here's the output from the docker launch:

 

root@localhost:# /usr/local/emhttp/plugins/dynamix.docker.manager/scripts/docker run -d --name="nextcloud" --net="bridge" -e TZ="America/New_York" -e HOST_OS="unRAID" -e "PUID"="99" -e "PGID"="100" -p 8888:443/tcp -v "/mnt/user/nextcloud/":"/data":rw -v "/mnt/extra/dockers/nextcloud":"/config":rw linuxserver/nextcloud
c582df2eaf02da6e3a22910e047c6f7c2fccbdfb29e17a480373d1f13218b92f

The command finished successfully!

 

It seems that something is blocking the NAT but I don't know what. No stranger to port forwarding, just totally lost on this one.

do I *have* to setup a reverse-proxy to get this outside? I shouldn't think so, but most guides seem to have this as a component.

Any pointers would be greatly appreciated, any clarification or supplemental information can be given upon request.

 

Thank you for your time

 

 

 

 

Capture.PNG

Edited by Tophicles
Link to post
1 hour ago, Tophicles said:

 

Capture.PNG

 

Silly question I know but don't you need the IP address of your docker on unraid entered into that empty box?

 

Or is that what you have blanked? which would be odd as it should be an internal address on your LAN. 

Link to post
17 minutes ago, local.bin said:

 

Silly question I know but don't you need the IP address of your docker on unraid entered into that empty box?

 

Or is that what you have blanked? which would be odd as it should be an internal address on your LAN. 

 

That's what I have blanked... the first one is an (optional) source network IP. Don't need that in that any of the other NAT rules I have that are working. I just blanked it out of habit.... lol

Edited by Tophicles
Link to post

Hello all, I asked for assistance regarding this issue before but have not been able to get it figured out. Basically my unRAID server is behind a VPN (AirVPN) running on my Asus Merlin Router with OpenVPN and everything behind the router goes through the VPN. I am trying to figure out a way to have a single address where I can access my Nextcloud whether it is remotely vs at home instead of having to switch from remote address to local IP address. Not sure if I must setup a reverse proxy or purchase a domain to redirect in order to do this. Any assistance would be appreciated. Please is my setup. Thank you in advance!!

I am trying to setup access to Nextcloud on my home server running on unRAID. I currently have the local IP of next cloud as:

https://192.168.1.75:443

This port has been forward on AirVPN port forwarding as TCP/UDP 3800 to local port 443.

I have the following nat-start script on my ASUS router running Merlin in /jffs/scripts:

 

iptables -I FORWARD -i tun11 -p udp -d 192.168.1.75 --dport 443 -j ACCEPT
iptables -I FORWARD -i tun11 -p tcp -d 192.168.1.75 --dport 443 -j ACCEPT
iptables -t nat -I PREROUTING -i tun11 -p tcp --dport 443 -j DNAT --to-destination 192.168.1.75
iptables -t nat -I PREROUTING -i tun11 -p udp --dport 443 -j DNAT --to-destination 192.168.1.75


The router has a static IP set for 192.168.1.75. 

Also there is a setting under OpenVPN client in the router to "Redirect internet traffic" for which I have selected Policy rules and set 192.168.1.75 to be directed through the VPN instead of WAN.

I can easily access Nextcloud via https://****.airdns.org:3800.

However when I try to access internally, on local WiFi, via this address it times out. I tried to setup a forwarding through no-ip.com, eg., https://****.ddns.net redirected to AirVPN-exitIP:3800 but that doesn't seem to work either.

Any ideas how I can get this to work both externally and internally through a single address? Do I need to setup a relay?

Thank you!!

Link to post
15 hours ago, blahblah0385 said:

Hello all, I asked for assistance regarding this issue before but have not been able to get it figured out. Basically my unRAID server is behind a VPN (AirVPN) running on my Asus Merlin Router with OpenVPN and everything behind the router goes through the VPN. I am trying to figure out a way to have a single address where I can access my Nextcloud whether it is remotely vs at home instead of having to switch from remote address to local IP address. Not sure if I must setup a reverse proxy or purchase a domain to redirect in order to do this. Any assistance would be appreciated. Please is my setup. Thank you in advance!!

I am trying to setup access to Nextcloud on my home server running on unRAID. I currently have the local IP of next cloud as:

https://192.168.1.75:443

This port has been forward on AirVPN port forwarding as TCP/UDP 3800 to local port 443.

I have the following nat-start script on my ASUS router running Merlin in /jffs/scripts:

 


iptables -I FORWARD -i tun11 -p udp -d 192.168.1.75 --dport 443 -j ACCEPT
iptables -I FORWARD -i tun11 -p tcp -d 192.168.1.75 --dport 443 -j ACCEPT
iptables -t nat -I PREROUTING -i tun11 -p tcp --dport 443 -j DNAT --to-destination 192.168.1.75
iptables -t nat -I PREROUTING -i tun11 -p udp --dport 443 -j DNAT --to-destination 192.168.1.75


The router has a static IP set for 192.168.1.75. 

Also there is a setting under OpenVPN client in the router to "Redirect internet traffic" for which I have selected Policy rules and set 192.168.1.75 to be directed through the VPN instead of WAN.

I can easily access Nextcloud via https://****.airdns.org:3800.

However when I try to access internally, on local WiFi, via this address it times out. I tried to setup a forwarding through no-ip.com, eg., https://****.ddns.net redirected to AirVPN-exitIP:3800 but that doesn't seem to work either.

Any ideas how I can get this to work both externally and internally through a single address? Do I need to setup a relay?

Thank you!!

 

I'm not quite sure how to fix your specific setup, i.e. using AirVPN, etc., but I've got mine set up so I can use the same URL whether internally, externally or over VPN.

 

Basically, I'm using the LetsEncrypt docker to provide SSL and Reverse-Proxy for Nextcloud and other dockers. My router is then configured to forward port 443 from outside to the LetsEncrypt docker, which in turn proxies connections to the NextCloud docker. Internally, I'm using DNSMasq for DNS and to override the external hostname with the IP address of the LetsEncrypt docker.

 

In all cases I'm connecting to the URL https://nextcloud.mydomain.com:443/ which connects to the LetsEncrypt docker. I don't connect to NextCloud directly.

 

So, from outside I connect to https://nextcloud.mydomain.com:443/  which the router forwards to the LetsEncrypt docker at https://192.168.x.x:443/. This then proxies on to the NextCloud instance at https://192.168.x.x:943/

 

On my local network, DNSMasq is configured to resolve "nextcloud.mydomain.com" to "192.168.x.x", which means that I can use the same hostname to connect to the LetsEncrypt proxy internally.

 

When connected over VPN, I have DNS configured to resolve over the VPN connection, so this works as if I were on the internal network, again using DNSMasq to provide the internal IP address for "nextcloud.mydomain.com".

 

Hope that might give you some ideas.

 

/Alan.

Link to post
4 hours ago, aleary said:

 

I'm not quite sure how to fix your specific setup, i.e. using AirVPN, etc., but I've got mine set up so I can use the same URL whether internally, externally or over VPN.

 

Basically, I'm using the LetsEncrypt docker to provide SSL and Reverse-Proxy for Nextcloud and other dockers. My router is then configured to forward port 443 from outside to the LetsEncrypt docker, which in turn proxies connections to the NextCloud docker. Internally, I'm using DNSMasq for DNS and to override the external hostname with the IP address of the LetsEncrypt docker.

 

In all cases I'm connecting to the URL https://nextcloud.mydomain.com:443/ which connects to the LetsEncrypt docker. I don't connect to NextCloud directly.

 

So, from outside I connect to https://nextcloud.mydomain.com:443/  which the router forwards to the LetsEncrypt docker at https://192.168.x.x:443/. This then proxies on to the NextCloud instance at https://192.168.x.x:943/

 

On my local network, DNSMasq is configured to resolve "nextcloud.mydomain.com" to "192.168.x.x", which means that I can use the same hostname to connect to the LetsEncrypt proxy internally.

 

When connected over VPN, I have DNS configured to resolve over the VPN connection, so this works as if I were on the internal network, again using DNSMasq to provide the internal IP address for "nextcloud.mydomain.com".

 

Hope that might give you some ideas.

 

/Alan.

 

 Did you purchase a domain name in order to set this up or were you able to use a dynamic DNS service like no – IP.com 

Link to post
31 minutes ago, blahblah0385 said:

 

 Did you purchase a domain name in order to set this up or were you able to use a dynamic DNS service like no – IP.com 

 

I had a domain name already, so I haven't tried it with a DDNS domain name. 

 

From doing a quick search, it seems that it is possible to use LetsEncrypt with sub-domains from DDNS services. It looks like there were problems in the past with limits on the number of certificates issued per domain, but as long as the domain used is on the public suffix list (https://publicsuffix.org), that shouldn't be a problem.

 

Some of the guys on the LetsEncrypt docker forum may be able to provide more info on that type of setup.

 

Edited by aleary
Link to post
2 hours ago, aleary said:

 

I had a domain name already, so I haven't tried it with a DDNS domain name. 

 

From doing a quick search, it seems that it is possible to use LetsEncrypt with sub-domains from DDNS services. It looks like there were problems in the past with limits on the number of certificates issued per domain, but as long as the domain used is on the public suffix list (https://publicsuffix.org), that shouldn't be a problem.

 

Some of the guys on the LetsEncrypt docker forum may be able to provide more info on that type of setup.

 

 

Ok thanks I will give it a try.

 

Noob question. I plan on following the guide here: https://www.linuxserver.io/2017/05/10/installing-nextcloud-on-unraid-with-letsencrypt-reverse-proxy/

 

Do I need to install Apache? Doesn't seem like I need to with LetsEncrypt and reverse proxy.

 

How do you setup DNSMasq? I don't see an app for it. Is it just a script? thanks. 

Link to post
8 hours ago, blahblah0385 said:

 

Ok thanks I will give it a try.

 

Noob question. I plan on following the guide here: https://www.linuxserver.io/2017/05/10/installing-nextcloud-on-unraid-with-letsencrypt-reverse-proxy/

 

Do I need to install Apache? Doesn't seem like I need to with LetsEncrypt and reverse proxy.

 

How do you setup DNSMasq? I don't see an app for it. Is it just a script? thanks. 

 

I highly recommend that guide by @CHBMB.

 

No need to go near Apache. The LetsEncrypt docker uses Nginx, which is also a web server. It works well for this and I believe is less resource hungry than Apache.

 

DNSMasq is a light weight DNS & DHCP server and is actually used in many routers. Yours may be using it already. Other DNS services should be able to easily configure the same.

 

Basically, I have a static IP address assigned to my Unraid server "unraid.localdomain", but have additional alternative names configured too, i.e. "nextcloud.mydomain.com", so the router resolves requests for both names to the same local static IP address, e.g. 192.168.x.x.

 

Edited by aleary
Link to post

So, I've followed the linuxsever install guide, and have letsencrypt working, as well as my mariadb nextcloud db. However when I install the nextcloud container and open the ui for the first time I'm unable to access via https and can only get to the login page by normal http. Any idea why this is?

Link to post
41 minutes ago, zandrsn said:

So, I've followed the linuxsever install guide, and have letsencrypt working, as well as my mariadb nextcloud db. However when I install the nextcloud container and open the ui for the first time I'm unable to access via https and can only get to the login page by normal http. Any idea why this is?

 

Also, after I setsetup my nextcloud via http and set up a letsencrypt reverse proxy (following the LS guide), when I try to access my nextcloud Webui I just get the default index page instead of the nextcloud Webui:

Welcome to our server

The website is currently being setup under this address.

For help and support, please contact: me@example.com

or, if I get rid of my default letsencrypt ngix site-conf and just leave the nextcloud conf, when I try to open my nextcloud WebUI (via my Unraid dashboard), I get a https version of my nextcloud.server.com page that times out ERR_TIMED_OUT.

Do I need to change anything in my default site-conf file to be able to access my nextcloud ui or is this a problem with https access on my server perhaps?

Edited by zandrsn
updating
Link to post

I have an issue where I need to set the binlog format to MIXED every time I restart my MariaDB for Nextcloud.

 

I have BINLOG_FORMAT = MIXED set in the custom.cnf file, but every single time I restart the database container I have to reset the global binlog format.

 

Any ideas where to begin?

Screen Shot 2017-07-05 at 7.31.57 AM.png

 

EDIT: Ah, turns out it was a permissions issue (isn't everything?). 

 

FWIW, the error I was getting in the MariaDB log was:

 

"Warning: World-writable config file '/etc/mysql/conf.d/custom.cnf' is ignored"

 

Fix that seems to have worked: sudo chmod 0644 /mnt/user/appdata/mariadb/custom.cnf

Edited by nlash
Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.