Connectivity issues: not adapting to new local DNS provider

System details

Nextcloud version: 22.2.3
Operating system and version: OpenMediaVault 5.6
Apache or nginx version: NPM 2.9.11
PHP version: 8.0.13

The issue

I’ve recently started running NextCloud for testing on a local server using Docker-compose. I’ve managed to get this running properly using Nginx Proxy Manager for reverse proxy, with only some minor issues indicated by the Security & Setup self-check. Following this, I changed my upstream DNS setup (a local PiHole) to a new device with a different corresponding IP address (correspondingly changing this on my router). All my local devices changed accordingly to the new upstream DNS, but in my NextCloud installation I started seeing the following problems in my installation:

  • App overview was no longer showing installable apps, only installed apps.

  • Security & Setup self-check gives the error Error occurred while checking server setup

  • A variety of errors in the logs, including:

    Error: dns_get_record(): A temporary server error occurred. at /var/www/html/lib/private/Http/Client/DnsPinMiddleware.php#83
    

    and

    GuzzleHttp\Exception\ConnectException: cURL error 6: Could not resolve host: www.eff.org (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for http://www.eff.org/
    

This all indicated to me that inbound traffic was somehow compromised, but only for my NextCloud container (my other containers did change to the new upstream DNS). After redeploying my old upstream DNS setup on the old local IP address, I was once again seeing a normally behaving NextCloud installation (not giving the above problems). In fact, the only client that was doing requests to my old DNS upstream was the NextCloud installation. Note that I can still access my installation via reverse proxy from outside of my network (so it seems to be unrelated to Nginx).

To this, the only thing I can conclude is that my NextCloud installation is ‘stuck’ to the upstream DNS server it was initially deployed with, which seems quite unusual. I tried finding some hardcoded upstream DNS IP in configs and whatnot, but I was not able to find any.

Any advice on how to change the upstream DNS server for my installation?

Replication steps

  1. Have a PiHole or similar running as main and only upstream DNS provider
  2. Setup Docker-compose installation
  3. Change PiHole IP (I changed it from a PiZero to a freshly installed PiHole container running on the same system as NextCloud, not sure if this is relevant but other containers seem to be able to cope with this)
  4. Revert PiHole IP to ‘old’ IP address to resolve the issue

NextCloud log

Literally overflowing with the same errors over and over again.

[internet_connection_check] Error: Cannot connect to: www.edri.org
GET /settings/ajax/checksetup
from x.x.x.x by xxx at 2021-11-23T09:00:18+00:00

[PHP] Error: dns_get_record(): A temporary server error occurred. at /var/www/html/lib/private/Http/Client/DnsPinMiddleware.php#83
GET /settings/ajax/checksetup
from x.x.x.x by xxx at 2021-11-23T09:00:08+00:00

[OC\Log\Rotate] Warning: Log file "/var/www/html/data/nextcloud.log" was over 104857600 bytes, moved to "/var/www/html/data/nextcloud.log.1"
at 2021-11-23T09:00:01+00:00

Config.php

<?php
$CONFIG = array (
  'htaccess.RewriteBase' => '/',
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'apps_paths' => 
  array (
    0 => 
    array (
      'path' => '/var/www/html/apps',
      'url' => '/apps',
      'writable' => false,
    ),
    1 => 
    array (
      'path' => '/var/www/html/custom_apps',
      'url' => '/custom_apps',
      'writable' => true,
    ),
  ),
  'memcache.distributed' => '\\OC\\Memcache\\Redis',
  'memcache.locking' => '\\OC\\Memcache\\Redis',
  'redis' => 
  array (
    'host' => 'redis',
    'password' => '',
    'port' => 6379,
  ),
  'passwordsalt' => 'xxx',
  'secret' => 'xxx',
  'trusted_domains' => 
  array (
    0 => 'localhost',
    1 => 'my.domain.com',
    2 => '192.168.xxx.xxx',
    3 => '192.168.xxx.0/24',
  ),
  'datadirectory' => '/var/www/html/data',
  'dbtype' => 'pgsql',
  'version' => '22.2.3.0',
  'overwrite.cli.url' => 'https://my.domain.com',
  'dbname' => 'nextcloud',
  'dbhost' => 'db',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'dbuser' => 'xxx',
  'dbpassword' => 'xxx',
  'installed' => true,
  'instanceid' => 'xxx',
  'maintenance' => false,
  'overwritehost' => 'my.domain.com',
  'overwriteprotocol' => 'https',
);

Docker-compose.yaml

My docker-compose (based on the examples provided by the NextCloud docker github page):

version: '3.2'

services:
  db:
    container_name: nc_postgres
    image: postgres
    restart: always
    volumes:
      - db:/var/lib/postgresql/data
    environment:
      - POSTGRES_DB_FILE=/run/secrets/postgres_db
      - POSTGRES_USER_FILE=/run/secrets/postgres_user
      - POSTGRES_PASSWORD_FILE=/run/secrets/postgres_password
    secrets:
      - postgres_db
      - postgres_password
      - postgres_user
    networks:
      - backend
      
  redis:
    container_name: nc_redis
    image: redis
    restart: always
    volumes:
      - redis:/data
    networks:
      - backend
      
  nextcloud:
    container_name: nextcloud
    image: nextcloud
    restart: always
    ports:
      - 8080:80
    volumes:
      - nextcloud:/var/www/html
      - nc_data:/var/www/html/data
    environment:
      - POSTGRES_HOST=db
      - POSTGRES_DB_FILE=/run/secrets/postgres_db
      - POSTGRES_USER_FILE=/run/secrets/postgres_user
      - POSTGRES_PASSWORD_FILE=/run/secrets/postgres_password
      - NEXTCLOUD_ADMIN_PASSWORD_FILE=/run/secrets/nextcloud_admin_password
      - NEXTCLOUD_ADMIN_USER_FILE=/run/secrets/nextcloud_admin_user
      - REDIS_HOST=redis
    depends_on:
      - db
      - redis
    secrets:
      - nextcloud_admin_password
      - nextcloud_admin_user
      - postgres_db
      - postgres_password
      - postgres_user
    networks:
      - npm_default
      - backend
 
# Cronjob executed by host OS: docker exec --user www-data nextcloud php -f /var/www/html/cron.php
      
volumes:
  db:
  nextcloud:
  nc_data:
    driver: local-persist
    driver_opts:
      mountpoint: /location/to/data/  
  redis:
  
networks:
  npm_default:
    external: true
  backend:

secrets:
  nextcloud_admin_password:
    file: ./nextcloud_admin_password.txt # put admin password to this file
  nextcloud_admin_user:
    file: ./nextcloud_admin_user.txt # put admin username to this file
  postgres_db:
    file: ./postgres_db.txt # put postgresql db name to this file
  postgres_password:
    file: ./postgres_password.txt # put postgresql password to this file
  postgres_user:
    file: ./postgres_user.txt # put postgresql username to this file

Apache/Nginx logs

Can’t provide this at the moment as I’m not in my local network. Will share if necessary at a later moment.

usually docker should adopt the DNS server from host system - which seems to be the case as

The config you published doesn't explain why only one NC container didn't adopt the new DNS… there are ways to configure a specific DNS server for a container in docker-compose.yml:

services:
  nextcloud:
    dns:
      - "1.0.0.1"
      - "1.1.1.1"

or for the whole docker daemon in docker.json:

{
  "dns": [
    "8.8.8.8"
  ]
}

As other containers adopt the change, it sounds like you did not change it globally. The problem must be related to the Nextcloud container. I would start the troubleshooting by recreating the container (docker-compose down/prune container/pull/up)… hopefully this fixes the issue already… if not, start troubleshooting inside the container using

docker exec -it nextcloud bash

and trying to ping and checking if there is something wrong with your nameserver, e.g. /etc/resolv.conf
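
An added example, not part of the reply above: a small shell helper that reads a copy of the container's /etc/resolv.conf and reports whether it still lists the retired DNS server. The IP addresses and sample file are constructed and the function names are hypothetical; 127.0.0.11 is the address of Docker's embedded resolver on user-defined networks such as backend and npm_default in the compose file.

```shell
#!/bin/sh
# Added example: classify a container's resolv.conf against an old and a new
# DNS server address. All addresses and file contents here are constructed.

# Print every nameserver address in a resolv.conf-format file, one per line.
list_nameservers() {
    awk '$1 == "nameserver" { print $2 }' "$1"
}

# classify_resolver FILE OLD_DNS NEW_DNS
# Prints one verdict:
#   stale     - the retired DNS server is still listed
#   embedded  - Docker's embedded resolver (127.0.0.11) is listed; the
#               upstream it forwards to is not on the nameserver line
#   current   - the new DNS server is listed
#   unknown   - none of the above
classify_resolver() {
    file=$1 old=$2 new=$3
    servers=$(list_nameservers "$file")
    # -x matches whole lines only, so 192.168.1.3 does not match 192.168.1.30
    if printf '%s\n' "$servers" | grep -qxF "$old"; then
        echo stale
    elif printf '%s\n' "$servers" | grep -qxF "127.0.0.11"; then
        echo embedded
    elif printf '%s\n' "$servers" | grep -qxF "$new"; then
        echo current
    else
        echo unknown
    fi
}

# Constructed sample: a resolv.conf that still points at the old server.
sample=$(mktemp)
printf 'search lan\nnameserver 192.168.1.2\noptions ndots:0\n' > "$sample"
classify_resolver "$sample" 192.168.1.2 192.168.1.3
rm -f "$sample"

# Against the real container (name taken from the compose file on this page):
#   docker exec nextcloud cat /etc/resolv.conf > /tmp/nc_resolv.conf
#   classify_resolver /tmp/nc_resolv.conf <old-dns-ip> <new-dns-ip>
```

An "embedded" verdict means the file alone cannot show which upstream server is in use, so resolution has to be tested from inside the container as the reply suggests.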