When you say add my domain do you mean my external URL? Like the DNS name I configured?
Would it be helpful if I posted my Apache conf files? Not sure if that is where the problem is or if it’s in one of the Nextcloud files.
I added my DNS name followed by the port to the list of trusted domains and am still having issues. I restarted the server but that didn’t fix anything. Any other advice or things to look into?
I suggest running tcpdump to verify if your port forward is working.
Heya Robert, some thoughts as I had a little fun with this too.
Is your NC working on port 8080 internally?
Can you connect internally on 8080?
Are you using plain HTTP (for testing of course) or HTTPS?
If https, is it the same URL internal and external?
Can you drop https and prove http first to rule out TLS / certificate issues?
As @KarlF suggests you need to prove basic IP comms first. If you use port forwarding to a different port that can get messy - especially if you’re using the router to attempt rewriting too. Yuk.
It might be worth stopping nextcloud and putting up a simple “hello_world.html” page on port 8080 first to prove basic connectivity. Or use a different host for this test. Once you can see that inside and out, then look to get nextcloud working.
My lesson was to use an alias for access to nextcloud servers e.g. nc.example.com. I have a public DNS domain anyway, and internal DNS domains too (router “lan dns” feature, also use dnsmasq) that both reply to the same alias with my WAN or internal IP as appropriate so this was easy to set up and lets the host be part of my internal domain if I ever get the urge to implement SSO.
If exposing to internet then a proxy (eg haproxy) can get around some port-forward issues and you can also restrict which bits of nextcloud are accessible from outside. Well worth the hassle.
Good luck - first time setting up this sort of thing is a learning experience.
-R
How do I do that? Do I just run the tcpdump command?
I stood up my old webserver that was running on port 80 to now run on port 8080 and I can reach it now from the internet. I think my issue is somewhere in my Apache or Nextcloud configuration. I had tried to setup an SSL configuration but that may have messed it up. I have been trying to access it using http and https and neither works.
Here are my two Apache conf files if these are any help…
This is the one that certbot made…
<IfModule mod_ssl.c>
<VirtualHost *:443>
DocumentRoot "/var/www/nextcloud.learnlinux.cloud"
ServerName XXXXX
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
</IfModule>
<Directory "/var/www/nextcloud.learnlinux.cloud/">
Options MultiViews FollowSymlinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
TransferLog /var/log/apache2/XXXXX
ErrorLog /var/log/apache2/XXXXX
SSLCertificateFile /etc/letsencrypt/live/XXXXX/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/XXXXX/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
and this is the main one…
<VirtualHost *:8080>
DocumentRoot "/var/www/nextcloud.learnlinux.cloud"
ServerName XXXXX
<Directory "/var/www/nextcloud.learnlinux.cloud/">
Options MultiViews FollowSymlinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
TransferLog /var/log/apache2/XXXXX
ErrorLog /var/log/apache2/XXXXX
RewriteEngine on
RewriteCond %{SERVER_NAME} =XXXXX
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
Does any of that look like it would be causing the issue?
BTW, all of the XXXXX have my DNS name in them. That part isn’t the issue.
Thanks again for all of your help!
This is forwarding it to HTTPS. You won’t be able to open it on port 8080 with this here.
So I just need to remove those 3 lines?
I got rid of those three lines and I still can’t access it. Do I need to remove the ssl conf file? I restarted apache2 BTW
Perhaps. You’ll need to reload the Apache service to take effect. I can just tell you that they will forward any access attempt to HTTPS on port 443. It would be advisable to learn more about Apache.
They were probably added when you ran certbot which does not work without port 80. Did you have it running certbot and then changed the port later?
No, I had it running on port 8080 to not mess with my webserver running on port 80 then I ran Certbot on Nextcloud which runs on port 8080… if that makes sense.
I just removed the ssl conf file and the certbot certificate. I just tested it again and I still can’t hit that port and DNS name from outside of my home network. As previously mentioned I swapped my homeserver to run on port 8080 and that worked just fine. I don’t think it’s the port. I think it’s still something in how I have it configured. Not sure what else that could be. We already changed that other conf file… When I add the array values to my Nextcloud conf file will it just look like this? What is the overwrite.cli.url field for? Is that something I need to change?
'trusted_domains' =>
array (
0 => '10.0.0.128:8080',
1 => 'nc.example.com:8080',
),
Apache reference https://httpd.apache.org/docs/current/mod/directives.html
Nextcloud reference https://docs.nextcloud.com/server/stable/admin_manual/
If your page doesn’t load at all, then it probably isn’t the Nextcloud setup that’s the problem. It’s going to be something else on your system. Apache or your firewall probably.
What do you get from this?
apachectl -t -D DUMP_VHOSTS
This is the output from that command. I used the same conf file and pointed it to an html folder with an index.html file in it and I couldn’t reach that either. I could however reach my other webserver when I changed it to run on port 8080… I just modified its conf file. That just makes me think it’s either an apache conf issue or a Nextcloud conf issue. The port and Nextcloud works just fine when I access the site across port 8080 on my local network.
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message
VirtualHost configuration:
*:80 127.0.1.1 (/etc/apache2/sites-enabled/000-default.conf:1)
*:8080 nc.example.org (/etc/apache2/sites-enabled/nc.example.org.conf:1)
I still can’t get this to work. I have tried several other things. I have changed the port, modified the configuration files but to no avail. I also tried to install Nextcloud via snap but I couldn’t get that to work either. Is there anything else that I should try?
Are there any logs that I can look at that would tell me why this isn’t working?
I stood up a different webserver on a seperate port and it worked just fine. I have used the port 8080 before and it works great. It allows me to access it from outside of my home network and everything. I think Nextcloud isn’t configured correctly to allow the remote traffic. If the issue wasn’t Nextcloud the other tests I ran that worked wouldn’t have worked.
I am not going to do the self install anymore, I am now trying to setup the AIO docker image. I am having trouble with that too though. I just opened a new thread…