Hello,
I have tested this endless times and it just works out of the box. There is no need to upgrade anything, and automatic security updates are enabled by default.
Did you make any other configuration changes, such as transfering the database dir to an external USB drive?
Are apache2, mysql and php-fpm processes up and running? check the status of mysqld ?
If you want we can troubleshoot this together at https://github.com/nextcloud/nextcloudpi/issues
Hi,
thanks a lot for your offer.
At the moment I canāt experiment but I might come back at a later time.
In the meantime I installed everything manually and itās working.
Again, thank you. 
Hi
Thanks for the NextCloudPi images. This is indeed great work.
Iāve installed it both on a Pi2 and a Pi3 though and it is very slow - beyond being usable. Could someone please help me solve this?
So far I couldnāt do some other things, too: canāt enable HTTPS and canāt access from outside my LAN.
I donāt know much about networks, so Iām kind of in the dark as to what other info would be relevant for you to help me solve this. Sorry about that, but just ask and Iāll give you whichever info you need about this.
Thanks in advance
check your power source for the raspberry pi. There have been cases of very bad performance due to a cheap/unstable PSU.
HTTPS comes enabled by default.
In order to access from outside, read this
https://ownyourbits.com/2017/03/09/dnsmasq-as-dns-cache-server-for-nextcloudpi-and-raspbian/
Try to read these articles, many things are already covered here
Thank you. Iāll check all this in the weekend.
Proposal for a new nextcloudpi-config function
First, thanks a lot for making a simple nextcloud server for raspberry pi reality 
.
I personally think, that simplicity is the key for getting normal private households interested in their own (next) private cloud.
One proposal for making nextcloud pi even more simple.
The so called ātrusted domainā issue seems to be a common problem with Nextcloud and I encountered it now too, with the nextcloud pi. I started my nextcloud pi server with connecting it over Ethernet. Later I activated WiFi and disconnected Ethernet, during this process the IP address of the Raspberry Pi changed. As result I received at the next login an error message from nextcloud that it can not be accessed with running at the new IP address. Same issue was coming up, when adding then a letās encrypt certificate and accessing the Nextcloud via Domain address.
The issue is known and described for example at following link:
Solution is to change/add the trusted_domains array at config.php. An easy task for some, but very difficult for a ānormalā person. When it comes down to IP address only it is possible of course to ensure, that the raspberry pi does not change IP address when switching for example from Ethernet to WiFi, but again this is easy for some, but difficult for others.
Proposal: Add a new function at nextcloudpi-config, which makes it easy to edit the trusted_domains array at config.php. Meaning adding, removing, editing entries.
Hi,
When did this happen to you?
I have considered too adding this option, but I decided that it was better to make it transparent if possible.
For this reason, I improved the integration of nc-wifi with trusted domains some time ago, as you can see here. Specifically, this was added the 22nd of May, version v0.14.0.
Could you run ncp-update and then try again? According to my testing your trusted domain list should update accordingly. Same goes for noip, letsencrypt and dnsmasq
Otherwise, please post a bug in github.
Thanks for you feedback. Ideas are very welcome.
Talking about thisā¦ do you see value in providing an easy way in nextcloudpi-config to format an external USB drive as ext4? AFAIK is the only manual step that is required right now for NextCloudPi
Nextcloud Pi & trusted domain
The Nextcloud Pi Version running was 0.13.0.
When starting nextcloudpi-config first time (version 0.12.x) I got a message that a new version is available and then a question if I want to update (yes/no). I updated straightaway.
Just triggered nc-update and output is NextCloudPi updated to version v0.13.0. A version v0.14.0 is not visible.
It is actually difficult to determine what is really supposed to be the latest version. Neither at the website ownyourbits nor at github this information is displayed in an eye-catching way. Further I could not find structured release notes for each particular version released.
I tested the v0.13.0 version concerning switching between two IP Addresses (e.g. WLAN and Eth) further and observed that a reboot does fix the trusted domain issue (i.e. the IP address assigned during boot process seems to be always the trusted one for the nextcloud server with v0.13.0). Something that easily can be explained to a user. As result this looks to me a minor item in the end. If v0.14.0 makes this even more transparent, the better.
Nextcloud Pi & format USB drive to ext4
Defining a ānormalā user as someone who is not comfortable with the command line, formatting of an external drive could be easier. I personally did first mount the USB drive, determined via df -T command the path where the drive itself is located, unmounted the drive, formatted the drive via mkfs.ext4 <path> command and mounted the drive again. Likely not the most elegant solution, but it worked for me. Most difficult part was to ensure the path for the format command is right.
FYI, I just did an ncp-update ( at 16:00UTC) and was told 0.13 was the latest. Not that it matters to me as NCP is working perfectly.
Edit to add: Yes, I think itās valuable to have an external disk format option.
Yeah, I am sorry, I made a mistake. v0.14.0 is on the devel branch, so that is why v0.13.0 is the last one available.
The one where the wifi fix took place was v0.10.1. link
It is true that it is a bit hard to see the versions on github if you donāt know where they are.
You can look in the Release section for a listing of the versions. If you click the three dot icon [ā¦] you can see the notes for that version.
Then, you can also see all the notes together at the Commits section, but there they donāt come associated to the version. That would be an improvement.
Iāll retest the wifi issue, but it worked for me last time.
@Mattias @Jeffery_Frederick thx, I will probably implement that soon
So,
I read your recommendations and tried some tweaks, but it seems like I canāt get the ports on my network forwarded. I do everything right, as explained in the routerās manual, but when I check them I get connection timed out. It happens to when I try to enable letsencrypt tooā¦
It looks like itās a problem Iāll have to solve with my ISP, so I decided to just use it on my local network. After the first install, which was slow, Iāve reinstalled it twice and now I canāt connect to it. I enter the local IP then I get connection not secure, I create an exception rule in my browser, but when I get to the NextCloud screen it says the domain is untrusted and if I click to add as trusted domain, bam: Unable to connect.
I really donāt know where to go from here. I canāt find the config file it says I should edit. Could someone please help?
Thanks a lot.
EDIT: removed unnecessary info and gave some more detail.
You need to be able to forward ports, in order to access from outside. Also for letās encrypt, or you will have to add a permanent exception.
If your trusted domain stopped working, that means that you have changed your IP at some point since booting, or your ethernet cable was not connected when you turned the RPi on. Any details on this?
Did you do any network setup in your Raspberry Pi? NextCloudPi tries to configure your trusted domain for you.
Can you paste the output of
ip address
and
ip route
You can try two things in order to configure the trusted domain
sudo systemctl start nextcloud-domain should work for you, if it doesnāt,192.168.1.15 and typecd /var/www/nextcloud sudo -u www-data php occ config:system:set trusted_domains 1 --value=192.168.1.15
Apparently port forwarding is not working. I called my ISP and the guy did something there and asked me to wait half an hour, but it didnāt work, so Iāll have to phone them again.
EDIT
Some further info: Now my ISP says if I want to open ports Iāll have to pay for an enterprise plan, BUT, I just tried to configure a p2p application that needs opened ports to work properly and does a test during install to see how it goes. The same port forwarding procedure worked for the specific port where this application is listening, but not for the ones NCPi needs, which makes me think about two possibilities:
1- thereās nothing listening on ports 80 and 443 on my NextcloudPi install, and so I get closed ports when testing;
2- my ISP blocks these two ports (80 and 443 - I tried opening 8080 too, no luck).
Regarding 1, is there a test I can do to make sure this isn't the issue?
Regarding 2, can I - and if yes how - do I change the ports NCPi uses?
END OF EDIT
Yes, it changed, but I reconfigured accordingly. It wasnāt working before anyway. The only thing I got working was my very first install, and still it was slow and not accessible from outside (my first post here in this thread). I donāt know what I had done then that it worked, because all my following installs donāt even work in this āslow and local-onlyā state.
Iām sorry. Iām not sure what you mean here. I did some configurations on nextcloudpi-config and raspi-config. Letsencrypt doesnāt work, but I set up no-ip and dns masking (as suggested by you) there.
Here you go
ip address:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether b8:27:eb:83:88:c9 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.12/24 brd 192.168.0.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 2804:14d:5c35:abd7::7/128 scope global deprecated noprefixroute dynamic
valid_lft 13446sec preferred_lft 0sec
inet6 2804:14d:5c35:abd7:7f40:eb60:edc1:c0e3/64 scope global noprefixroute dynamic
valid_lft 86382sec preferred_lft 71982sec
inet6 fe80::47d0:fcb2:d784:bd78/64 scope link
valid_lft forever preferred_lft forever
and ip route:
default via 192.168.0.1 dev eth0 metric 202
192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.12 metric 202
systemctl gave no output, which Iām assuming itās ok, but sudo -u www-data etc. says occ doesnāt exist. However I did manage to edit the config file indicated on the āadd trusted domainā NC screen and added my RPi local IP to trusted domains . Now instead of not being able to load, what I get is a totally blank page on my browserā¦
P.S.1: If I could just get it to work locally, no external access, it would be already very handy for me, but not even that is working.
P.S.2: I donāt know if this is intentional, but it seems that some things in the nextcloudpi-config application get broken if you change your Piās (host) name. If you want more info on this, let me know and Iāll do another check to give you the precise points where it fails.
Wow, run away from that ISP if it does not let you open ports.
You can try changing the port in
/etc/apache2/sites-enabled/nextcloud.conf
See the line
<VirtualHost _default_:443>
This is the HTTPS port. You probably will also have to tweak other files, such as the redirection from port 80. If you get stuck, I suggest you google for āapache virtual hosts portā
I think I know what is happening. Are you trying to access by IP? or by hostname? did you setup dnsmasq? Try accessing by IP and see if it works. https://192.168.0.12 should work for you.
The blank page problem usually means that you have moved the database to a USB drive that goes to standby mode. Try reading this thread
Run pgrep mysql and read the post. If it still does not work, write there so we can follow each thing separatedly
Very interested. Please, report anything you find here
Thanks for the feedback
I had some personal stuff going on these days and couldnāt work on it. I plan to do it on the weekend, but before I go further, some clarifications:
It seems the ports are opened for the other p2p application. It is working fine. Any ideas if this can be something related specifically to ports 80 and 443 or if this is an application-dependent situation?
I did set up dnsmasq, but actually Iām always using the local IP address. Anyway, I get the same results either way.
Unfortunately thatās not the case. While I couldnāt get it to work minimally, I havenāt tried anything else, like moving the database etc. Currently everything is on the SD cardā¦
Well, that is strange.
Now NCP is able to open your router ports for you provided you have UPnP activated in your router. You might wanna try that to be sure. Update first ( sudo ncp-update ) and then try from nextcloudpi-config
If your ISP blocks port 443, then just use another one, such as 4433.
Try the pgrep command to see if your database is running. Read the github link from last post also.
Before everything else: did you know that ownyourbits.com is down? It has been down another night this last week too.
So, regarding NextCloudPi, here is where Iām at now:
Launching letsencrypt
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Obtaining a new certificate
Performing the following challenges:
tls-sni-01 challenge for [MY.DOMAIN]
Waiting for verificationā¦
Cleaning up challenges
Failed authorization procedure. [MY.DOMAIN] (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Timeout
IMPORTANT NOTES:
The following errors were reported by the server:
Domain: [MY.DOMAIN]
Type: connection
Detail: Timeout
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If youāre using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.
Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
System config value trusted_domains => 4 set to string [MY.DOMAIN]
Hi,
I know! The hosting company was bought this week by another company and the migration has beenā¦ troublesome. I am sorry about that
You can see if the port forwarding tool worked for you by accessing from outside your house on that port ( for instance, disable wifi on your phone and access from there ).
Regarding letās encryptā¦ you will have to investigate the DNS challenge. The method used by nextcloudpi only works for port 443, so if you are using another port for HTTPS you will have to do it manually.
Thank you!
By the way, the site is up again. Iām checking these suggestions of you.
I just found this comment on your post about Letās Encrypt. I suspect this may be my case too. Iāll try to figure out how to do what you told the guy to do:
grphx says:
May 6, 2017 at 12:01 am
Apparently my ISP blocks port 80 and 443, which is understandable for a residential internet provider. I can just port forward external port 9000 to internal port 443 and then go to website.com:9000 but I cannot enter website.com:9000 when trying to configure letsencrypt.
Is there a better way to enable https so I donāt get the āuntrusted domainā error message?
nachoparker says:
May 6, 2017 at 1:55 pm
You will have to manually run letsencrypt and investigate how to specify the port. Sorry I am on vacation on my phone, but I am sure there has to be a parameter
Run ./letsencrypt --help in the /etc/letsencrypt folder and look for the option to specify port, or google your problem.Weāre up again!! xD
Well, in my opinion, it is not understandable to block certain ports. It goes against internet neutrality. Also you pay for internet access, so whatever you do with X download bandwith and Y download bandwidth is solely your business. You pay for bandwidth, you donāt have to justify to your ISP how you use your bytes.
My advice isā¦ run away from that provider.
I certainly was not able to investigate the message that you quote when I was away, but as of today I can tell you that letās encrypt is not going to work for you on any port other than 443 unless you do it manually though the DNS challenge mechanism, according to what I have read.
Please, check the following issue for all the information