kamhighway Posted August 28, 2016 Share Posted August 28, 2016 There are four files that need to be edited. First: On my system is at /mnt/cache/appdata/letsencrypt/nginx/site-confs/default. The exact location of your file depends on where you mapped /config to for Aptalca's docker. Here is my file: server { listen 443 ssl default_server; root /config/www; index index.html index.htm index.php; server_name kamhighway.com www.kamhighway.com ; ssl_certificate /config/keys/fullchain.pem; ssl_certificate_key /config/keys/privkey.pem; ssl_dhparam /config/nginx/dhparams.pem; ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; ssl_prefer_server_ciphers on; client_max_body_size 0; location / { try_files $uri $uri/ /index.html /index.php?$args =404; } location /nextcloud { include /config/nginx/proxy.conf; proxy_pass https://192.168.x.xxx:xxx/nextcloud; } } Second: /mnt/cache/letsecrypt/nginx/proxy.conf. This file does not exist in a fresh install. It must be created. I copied this from Aptalca's post on page 5 of the support forum for letsencript. Here's mine: client_max_body_size 10m; client_body_buffer_size 128k; #Timeout if the real server is dead proxy_next_upstream error timeout invalid_header http_500 http_502 http_503; # Advanced Proxy Config send_timeout 5m; proxy_read_timeout 240; proxy_send_timeout 240; proxy_connect_timeout 240; # Basic Proxy Config proxy_set_header Host $host:$server_port; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto https; proxy_redirect http:// $scheme://; proxy_http_version 1.1; proxy_set_header Connection ""; proxy_cache_bypass $cookie_session; proxy_no_cache $cookie_session; proxy_buffers 32 4k; Third: /mnt/cache/appdata/nextcloud/config/nginx/site-confs/defaults. Look for this: # Path to the root of your installation root /config/www/nextcloud/; # set max upload size client_max_body_size 10G; fastcgi_buffers 64 4K; Change it to this: # Path to the root of your installation root /config/www/; # set max upload size client_max_body_size 10G; fastcgi_buffers 64 4K; Fourth: /mnt/cache/appdata/nextcloud/config/www/nextcloud/config/config.php. Here is mine: <?php $CONFIG = array ( 'memcache.local' => '\\OC\\Memcache\\APCu', 'datadirectory' => '/data', 'instanceid' => 'xxxxxxxxxxxxxxx', 'passwordsalt' => 'xxxxxxxxxxxxxxxxxxxxxxxx', 'secret' => 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx', 'trusted_domains' => array ( 0 => '192.168.x.xxx', 1 => 'www.kamhighway.com', 2 => 'kamhighway.com', ), 'trusted_proxies' => array ( 0 => '192.168.x.xxx', ), 'overwritewebroot' => '/nextcloud', 'overwritehost' => 'kamhighway.com', 'overwrite.cli.url' => 'https://192.168.x.xxx', 'dbtype' => 'mysql', 'version' => '9.0.51.0', 'dbname' => 'nextcloud', 'dbhost' => '192.168.x.xxx:3306', 'dbtableprefix' => 'oc_', 'dbuser' => 'xxxxxxx', 'dbpassword' => 'xxxxxxxxxxxxxxxxxxxxxxxx', 'logtimezone' => 'UTC', 'installed' => true, 'mail_smtpmode' => 'smtp', 'ldapIgnoreNamingRules' => false, ); After you make these changes to the four files, make these changes to the dockers Map port 443 on Aptalca's docker to port 443 on the host. Set your router to forward port 443 to port 443 on your unraid server. On LSIO's nextcloud docker change the web UI to point to https://192.168.x.xxx:xxx/nextcloud/. Restart both dockers. You should now be able to a reach nextcloud from outside of your network at https://domain.com/nextcloud/ From inside your network, you can reach nextcloud at https://192.168.x.xxx:xxx/nextcloud/. Hope this is helpful to someone. Quote Link to comment
Kewjoe Posted September 10, 2016 Share Posted September 10, 2016 Thanks Kam, this helped me get some things sorted out. Quote Link to comment
Azza666 Posted September 10, 2016 Share Posted September 10, 2016 Worked for me. I'd been having trouble getting this to work. Cheers! Quote Link to comment
kamhighway Posted September 10, 2016 Author Share Posted September 10, 2016 @Azza666 and @Kewjoe, Glad this post was helpful to you. I tried a lot of things, and when I finally got it working I knew that if I didn't write it down I'd never be able to redo it if I had to. Thought this was a good place to write it down so I could find it again if needed and also to see if I am the only one having these problems. Quote Link to comment
Kewjoe Posted September 10, 2016 Share Posted September 10, 2016 btw Kam, Is this a correct path for you? "Fourth: /mnt/cache/appdata/nextcloud/config/www/nextcloud/config/config.php. Here is mine:" for me it's "/mnt/cache/appdata/nextcloud/www/nextcloud/config/config.php" Wasn't sure if it's a typo in your post or if your setup is different than mine Quote Link to comment
kamhighway Posted September 11, 2016 Author Share Posted September 11, 2016 @kewjoe, That is the correct path on my system. For the docker I have the container's /config mapped to /mnt/cache/appdata/nextcloud/config. If you have your's mapped to /mnt/cache/appdata/nextcloud then I can your path is correct. Thanks for pointing that out. It just goes to show you how hard it is to write instructions that will work for everyone's configuration. Quote Link to comment
Bjonness406 Posted September 17, 2016 Share Posted September 17, 2016 Thanks for this guide! I got a little problem, this is working fine when I access it from a web browser, but when I try to access the server from my phone with the nextcloud app (android), it does not find the server. Any idea what is causing this? Quote Link to comment
CHBMB Posted September 17, 2016 Share Posted September 17, 2016 Thanks for this guide! I got a little problem, this is working fine when I access it from a web browser, but when I try to access the server from my phone with the nextcloud app (android), it does not find the server. Any idea what is causing this? Sort out the first issue before starting on the next! And I thought you were using Apache?! Quote Link to comment
Bjonness406 Posted September 17, 2016 Share Posted September 17, 2016 Thanks for this guide! I got a little problem, this is working fine when I access it from a web browser, but when I try to access the server from my phone with the nextcloud app (android), it does not find the server. Any idea what is causing this? Sort out the first issue before starting on the next! And I thought you were using Apache?! I switch between apache and nginx with letsencrypt. I originally did set up apache, but later find out about nginx with letsencrypt so had to try that. Only changes between nginx and apache is the one line in nextcloud, so easy to switch. with apache I can't connect to the local server, and with nginx I can't connect to my phones.. The differnce between them is this line (first post), I keep the "nextcloud/" part it in apache, but remove it in nginx. root /config/www/nextcloud/; Quote Link to comment
CHBMB Posted September 17, 2016 Share Posted September 17, 2016 Thanks for this guide! I got a little problem, this is working fine when I access it from a web browser, but when I try to access the server from my phone with the nextcloud app (android), it does not find the server. Any idea what is causing this? Sort out the first issue before starting on the next! And I thought you were using Apache?! I switch between apache and nginx with letsencrypt. I originally did set up apache, but later find out about nginx with letsencrypt so had to try that. Only changes between nginx and apache is the one line in nextcloud, so easy to switch. with apache I can't connect to the local server, and with nginx I can't connect to my phones.. The differnce between them is this line (first post), I keep the "nextcloud/" part it in apache, but remove it in nginx. root /config/www/nextcloud/; If you'd told me that in your other post it might have saved me a fair bit of time trying to work out a solution for you. I've replied in our support thread. Quote Link to comment
Bjonness406 Posted September 18, 2016 Share Posted September 18, 2016 Set this up on a new server now just to test. I copied everything you did, just put on my own dns name instead. Now I can access nextcloud from my browser on both the local and external ip/dns name and from the iOS app, but NOT from the android app. I can access nextcloud from the browser on my phone, but not the app. Anyone has any idea? Can someone test if it is the same to you, or if it works for you with the setup in first post. Quote Link to comment
kamhighway Posted September 20, 2016 Author Share Posted September 20, 2016 I just tested accessing nextcloud from Chrome on Android and it works. The settings I used to reverse proxy nextcloud with aptalca's nginx-letsencrypt container are identical to what is posted in the original posting. Quote Link to comment
Bjonness406 Posted September 23, 2016 Share Posted September 23, 2016 Finally got it working, copied kamhighway's configs in the excact same order then it worked.. Posting my config below /mnt/cache/appdata/Nginx-letsencrypt/nginx/site-confs/default server { listen 80; listen 443 ssl default_server; if ($scheme = http) { return 301 https://xxx.ddns.net$request_uri; } root /config/www; index index.html index.htm index.php; server_name xxx.ddns.net; ssl_certificate /config/keys/fullchain.pem; ssl_certificate_key /config/keys/privkey.pem; ssl_dhparam /config/nginx/dhparams.pem; ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; ssl_prefer_server_ciphers on; client_max_body_size 0; location / { try_files $uri $uri/ /index.html /index.php?$args =404; } location /nextcloud { include /config/nginx/proxy.conf; proxy_pass https://192.168.1.2:444/nextcloud; } location /request { include /config/nginx/proxy.conf; proxy_pass http://192.168.1.2:3579/request; } } /mnt/cache/appdata/nextcloud/www/nextcloud/config/config.php <?php $CONFIG = array ( 'memcache.local' => '\\OC\\Memcache\\APCu', 'datadirectory' => '/data', 'instanceid' => xxxxxxxxxx', 'passwordsalt' => 'xxxxxxxxxxxxxxxxxxxxxxxxxxxx', 'secret' => 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx', 'trusted_domains' => array ( 0 => '192.168.1.2:444', ), 'trusted_proxies' => array ( 0 => '192.168.1.2', ), 'overwritewebroot' => '/nextcloud', 'overwritehost' => 'xxx.ddns.net', 'overwrite.cli.url' => 'https://192.168.1.2:444/nextcloud', 'dbtype' => 'mysql', 'version' => '9.1.0.16', 'dbname' => 'NextCloud', 'dbhost' => '192.168.1.2:3306', 'dbtableprefix' => 'oc_', 'dbuser' => 'oc_xxxxxxxxxx', 'dbpassword' => 'xxxxxxxxxxxxxxxxxxxxxxxxxx', 'logtimezone' => 'UTC', 'installed' => true, 'maintenance' => false, 'loglevel' => 2, 'mail_smtpmode' => 'php', ); "/mnt/cache/appdata/Nginx-letsencrypt/nginx/proxy.conf" and "/mnt/cache/appdata/nextcloud/nginx/site-confs/default" is the same as in OP Quote Link to comment
Bjonness406 Posted September 23, 2016 Share Posted September 23, 2016 Anyone know how to get rid of these warnings? Not very important, but would be nice. The "X-XSS-Protection" HTTP header is not configured to equal to "1; mode=block". This is a potential security or privacy risk and we recommend adjusting this setting. The "X-Content-Type-Options" HTTP header is not configured to equal to "nosniff". This is a potential security or privacy risk and we recommend adjusting this setting. The "X-Robots-Tag" HTTP header is not configured to equal to "none". This is a potential security or privacy risk and we recommend adjusting this setting. The "X-Frame-Options" HTTP header is not configured to equal to "SAMEORIGIN". This is a potential security or privacy risk and we recommend adjusting this setting. Quote Link to comment
peter_sm Posted September 23, 2016 Share Posted September 23, 2016 Check Nextcloud threed , I posted a solution to this Skickat från min iPhone med Tapatalk Quote Link to comment
Bjonness406 Posted September 23, 2016 Share Posted September 23, 2016 Check Nextcloud threed , I posted a solution to this Skickat från min iPhone med Tapatalk Thanks, that fixed it! Posting link here, if anyone later need it. https://lime-technology.com/forum/index.php?topic=50090.msg497684#msg497684 Quote Link to comment
kamhighway Posted September 23, 2016 Author Share Posted September 23, 2016 @bjonness406, Can you post the changes you made. If I can duplicate your results I'll update the instructions in the original post. Quote Link to comment
Bjonness406 Posted September 23, 2016 Share Posted September 23, 2016 @bjonness406, Can you post the changes you made. If I can duplicate your results I'll update the instructions in the original post. I realised my config was a bit different than yours, then I copied your config exact it worked. I think the issue was the order I had some of the lines in, after I changed that everything worked. (in the /mnt/cache/appdata/nextcloud/www/nextcloud/config/config.php file). Thank you very much for the great post btw! Quote Link to comment
perhansen Posted October 21, 2016 Share Posted October 21, 2016 Damn... i messed up... i think. This morning everything worked fine. I was trying to add peter_sm fix for the warning in nextcloud, but that ended up i a "502 bad gateway" page. I then removed the line i just add, but that didn't changed anything, still bad gateway. I tried different browsers, restarted nextcloud and letsencrypt docker, without any luck. this is my nextcloud config.php <?php $CONFIG = array ( 'memcache.local' => '\\OC\\Memcache\\APCu', 'datadirectory' => '/data', 'instanceid' => 'octetfa9q409', 'passwordsalt' => 'xxxxxxxxxxxxxxxxxxxx', 'secret' => 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx', 'trusted_domains' => array ( 0 => '192.168.x.xxx:xxx', 1 => 'www.xxx.dk', 2 => 'xxx.dk', ), 'trusted_proxies' => array ( 0 => '192.168.xx.xxx', ), 'overwritewebroot' => '/nextcloud', 'overwritehost' => 'xxxx.dk', 'overwrite.cli.url' => 'https://192.168.xx.xxx:xxx/nextcloud', 'dbtype' => 'mysql', 'version' => '9.1.1.5', 'dbname' => 'nextcloud', 'dbhost' => '192.168.xx.xxx:3305', 'dbport' => '', 'dbtableprefix' => 'oc_', 'dbuser' => 'oc_xxxxxxx', 'dbpassword' => 'xxxx', 'logtimezone' => 'UTC', 'installed' => true, ); This i added to letsencrypt default site-confs location /nextcloud { include /config/nginx/proxy.conf; proxy_pass https://192.168.x.xxx:xxx/nextcloud; } } ---edit--- started from scratch, now everything is working again. Quote Link to comment
Fma965 Posted November 7, 2016 Share Posted November 7, 2016 Any one else getting this when they try to enable app/plugin on nextcloud? "Error while enabling app" nothing in log. reverse proxying via nginx letsencrypt docker Quote Link to comment
CHBMB Posted November 7, 2016 Share Posted November 7, 2016 Any one else getting this when they try to enable app/plugin on nextcloud? "Error while enabling app" nothing in log. reverse proxying via nginx letsencrypt docker No, and without more detail kind of difficult to help.... What app/plugin? Quote Link to comment
Fma965 Posted November 7, 2016 Share Posted November 7, 2016 Any one else getting this when they try to enable app/plugin on nextcloud? "Error while enabling app" nothing in log. reverse proxying via nginx letsencrypt docker No, and without more detail kind of difficult to help.... What app/plugin? any app, but i have figured out this in my nginx conf is the problem... location / { try_files $uri $uri/ /index.html /index.php?$args =404; } location ~ \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } how can i modify this to work for my index.php and various other files in the root of www but also have nextcloud work? UPDATE: For now i have it working by doing this but surely there is a better way? location / { try_files $uri $uri/ /index.html /index.php?$args =404; } location ~ ^/(index.php|setup.php|settings.php|settings.ini.php) { fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } These files i'm referencing are for a custom dashboard system i use for my homepage. Quote Link to comment
CHBMB Posted November 7, 2016 Share Posted November 7, 2016 Ah, I see, I run my nextcloud as nextcloud.server.com seen way too many problems running it on server.com/nextcloud Sorry. Quote Link to comment
Fma965 Posted November 9, 2016 Share Posted November 9, 2016 Ah, I see, I run my nextcloud as nextcloud.server.com seen way too many problems running it on server.com/nextcloud Sorry. i don't want more domains on my cloudflare list it's already got loads, i have 1 for unraid (Secure) and 1 for the others this fix above works for me to make PHP files work (whitelist essentially) and also have nextcloud work. Quote Link to comment
poldim Posted January 25, 2017 Share Posted January 25, 2017 I had nextcloud working with mariadb but after trying to get it working with lets encrypt it's broken. I noticed the config file is missing the mysql reference you guys have. Is this part of the problem? <?php $CONFIG = array ( 'memcache.local' => '\\OC\\Memcache\\APCu', 'datadirectory' => '/data', 'instanceid' => 'xxxxxx', 'passwordsalt' => 'xxxxxx', 'secret' => 'xxxxxx', 'trusted_domains' => array ( 0 => '192.168.2.100', 1 => 'www.domain.me', 2 => 'domain.me', ), 'trusted_proxies' => array ( 0 => '192.168.2.100', ), 'overwritewebroot' => '/nextcloud', 'overwritehost' => 'domain.me', 'overwrite.cli.url' => 'https://192.168.2.100', 'dbtype' => 'sqlite3', 'version' => '11.0.0.10', 'logtimezone' => 'UTC', 'installed' => true, ); Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.