App or client connection issue

ℹ️ Support 📦 Appliances (Docker, Snappy, VM, NCP, AIO)
, ,
1

Nextcloud version : 29.0.03
Operating system and version: OpenMediaVault-7.2.1-1 /
Traefik Version: v3.0
Docker Version: 5:26.1.4

The issue you are facing:
Unable to connect from android app, or Win Desktop Client, recive error stating “Access Forbidden” and “App Not Enabled”

Is this the first time you’ve seen this error? : N

Steps to replicate it:

  1. Start Docker compose with the following compose file.

networks:
frontend:
external: true
name: FrontEnd
backend:
external: true
name: backend
traefik-proxy:
external: true

volumes:
db:
driver: local
driver_opts:
o: bind
type: none
device: /srv/dev-disk-by-uuid-d1ebcbe5-f573-4a7f-becf-a91b7e43be08/cloud/_data/db

data:
driver: local
driver_opts:
o: bind
type: none
device: /srv/dev-disk-by-uuid-d1ebcbe5-f573-4a7f-becf-a91b7e43be08/cloud/_data/data

main:
driver: local
driver_opts:
o: bind
type: none
device: /srv/dev-disk-by-uuid-d1ebcbe5-f573-4a7f-becf-a91b7e43be08/cloud/_data/main

apps:
driver: local
driver_opts:
o: bind
type: none
device: /srv/dev-disk-by-uuid-d1ebcbe5-f573-4a7f-becf-a91b7e43be08/cloud/_data/main

config:
driver: local
driver_opts:
o: bind
type: none
device: /srv/dev-disk-by-uuid-d1ebcbe5-f573-4a7f-becf-a91b7e43be08/cloud/_data/config

theme:
driver: local
driver_opts:
o: bind
type: none
device: /srv/dev-disk-by-uuid-d1ebcbe5-f573-4a7f-becf-a91b7e43be08/cloud/_data/theme

services:

nextcloud:
image: nextcloud:29.0.3 #:fpm requires access through proxy
container_name: 201_NextCloud
hostname: drive.[mydomain].club
restart: unless-stopped
ports:
- 4480:80
links:
- nextcloud-db
# - nextcloud-collabora
volumes:
- main:/var/www/html
- apps:/var/www/html/custom_apps
- config:/var/www/html/config
- data:/var/www/html/data
- theme:/var/www/html/themes/Penguin
environment:
- MYSQL_PASSWORD=[dbPassword]
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=nextcloud
- MYSQL_HOST=201_NextCloud-DB
#enable the following 3 if you plan to enable remote desktop apps
- OVERWRITECLIURL=https://drive.[mydomain].club
- OVERWRITEPROTOCOL=https
- OVERWRITEHOST=drive.[mydomain].club
- NEXTCLOUD_TRUSTED_DOMAINS=drive.[mydomain].club
networks:
- traefik-proxy
- frontend
- backend
labels:
- “traefik.enable=true”
- “traefik.docker.network=traefik-proxy”

 - "traefik.http.routers.drive-rtr.rule=Host(`drive.[mydomain].club`)"
 - "traefik.http.routers.drive-rtr.entrypoints=https"
 - "traefik.http.routers.drive-rtr.tls=true"
 - "traefik.http.routers.drive-rtr.service=drive-svc"
 - "traefik.http.services.drive-svc.loadbalancer.server.port=80"

#Day to day stuff: Traefik v2 enable HSTS, Docker and nextcloud
- “traefik.http.middlewares.nextcloudredir.redirectregex.permanent=true”
- “traefik.http.middlewares.nextcloudredir.redirectregex.regex=https://(.*)/.well-known/(card|cal)dav”
- “traefik.http.middlewares.nextcloudredir.redirectregex.replacement=https://$$1/remote.php/dav/”
- “traefik.http.middlewares.nextcloudsts.headers.stsincludesubdomains=false”
- “traefik.http.middlewares.nextcloudsts.headers.stspreload=true”
- “traefik.http.middlewares.nextcloudsts.headers.stsseconds=31536000”
- “traefik.http.middlewares.nextcloudsts.headers.isdevelopment=false”
- “traefik.http.routers.drive-rtr.middlewares=nextcloudredir,nextcloudsts”

#Docker Traefik Strict-Transport-Security" HTTP header is not set to at least "15552000" seconds - #4 by adamshand

#Reverse proxy — Nextcloud latest Administration Manual latest documentation

nextcloud-db:
image: mariadb:10.6
container_name: 201_NextCloud-DB
restart: unless-stopped
command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW
volumes:
- db:/var/lib/mysql
environment:
- MYSQL_ROOT_PASSWORD=[rootPasswprd
- MYSQL_PASSWORD=[dbPassword]
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=nextcloud
networks:
#- frontend
- backend

  1. access through browser at drive[mydomain].club
  2. setup admin account
  3. access nextcloud without issue
  4. try to connect with android app
  5. connect to the server
  6. login
  7. screen responds with “Access forbidden” “App Not Enabled”
    image

The output of your Nextcloud log in Admin > Logging:

PASTE HERE

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):
Not sure how much of the log is viable, here is a excerpt of recent log

https://pastebin.com/5zTXzkqr

The output of your Apache/nginx/system log in /var/log/____:

I’m using traefik, didn’t find anything in its logs that were recent.

PASTE HERE

Output errors in nextcloud.log in /var/www/ or as admin user in top right menu, filtering for errors. Use a pastebin service if necessary.

https://pastebin.com/uZQfx2bQ

I have been running a nextcloud for 2 years, I recently rebuilt my homelab, this time using traefik, I’ve been running in circles for the last week trying to figure out how to get the phone and desktop apps working again.

None of the tricks i used before have worked, and I’m not finding anything useful online.