I am having an issue where I selected all the other containers for installation and they installed, but are not showing up in the nextcloud interface. I also wanted to install the facial recognition app, but only the currently installed apps are showing up under the list of apps. Some other reading is telling me maybe a DNS issue, but I have been unable to resolve this.
Here is my setup. I do not have a way to directly host through T-mobile internet, so I use a VPS with wireguard. Docker is running on my local server with Ubuntu connected to the VPS through wireguard. I then use duckdns.org to get a domain name.
With this configuration I was able to complete the installation fine and even been using it with the android app already. Below are lines from the containers that I hope are helping to point at the issue.
Apache container
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.17.0.15. Set the 'ServerName' directive globally to suppress this message
Talk container
No IPs configured for the stats endpoint, only allowing access from 127.0.0.1
main.go:339: Listening on 0.0.0.0:8081
Master container
{"level":"error","ts":1667517805.8123784,"logger":"tls.obtain","msg":"will retry","error":"[172.17.0.6] Obtain: subject does not qualify for a public certificate: 172.17.0.6","attempt":2,"retrying_in":120,"elapsed":60.00209359,"max_duration":2592000}
The master container error looks like it’s from Let’s Encrypt. It seems like it’s trying to obtain a certificate with a private IP as the subject.
Did you use a FQDN when you set it up that matches your duckdns.org FQDN?
Also just out of curiosity, did you forward all outbound traffic from the server to the VPS? I tested a similar setup for a mail server because my ISP blocks port 25.
I like the way you are thinking KarlF12. It sounds like I need to change the naming for DNS of my ubuntu instance, and/or change the etc/hosts file. This project has shown me how much my knowledge is lacking on CGNATS, IPv6, DNS, FQDN, and Domains. My Ubuntu instance is just using the standard “ubuntu” DNS. I just did a ping to it from my windows laptop and it resolves to a IPv6 as shown below.
Pinging ubuntu.local [fe80::4372:da8:a66b:9ea%23] with 32 bytes of data:
Reply from fe80::4372:da8:a66b:9ea%23: time=2ms
Here is my etc/hosts file
127.0.0.1 localhost
127.0.1.1 ubuntu
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
I used https://github.com/mochman/Bypass_CGNAT to setup the wireguard VPN settings. The script worked nicely and then I setup wireguard in docker on ubuntu and moved my configuration into it. The configuration below is being used. You will notice I have a couple other IP’s hosting other services too. Those other services will no longer open using steversons.duckdns.org I believe because of the SSL certificate nextcloud has on it. So I must use a different URL I also have registered on duckdns.org
Here is the log on a restart from the nextcloud-aio-nextcloud container. I am also working on getting the log from when the container was first built.
[04-Nov-2022 06:45:03] NOTICE: Terminating ...
[04-Nov-2022 06:45:03] NOTICE: exiting, bye-bye!
now
-------------------------------
2022-11-04 06:45:12.386546-05
(1 row)
Configuring Redis as session handler...
Setting php max children...
System config value tempdirectory set to string /mnt/ncdata/tmp/
Applying one-click-instance settings...
System config value one-click-instance set to boolean true
System config value one-click-instance.user-limit set to integer 100
Adjusting log files...
System config value logfile set to string /var/www/html/data/nextcloud.log
Config value logfile for app admin_audit set to /var/www/html/data/audit.log
Applying network settings...
System config value trusted_domains => 1 set to string steversons.duckdns.org
System config value overwrite.cli.url set to string https://steversons.duckdns.org/
System config value htaccess.RewriteBase set to string /
.htaccess has been updated
System config value files_external_allow_create_new_local set to boolean false
Error: Could not download app notify_push
System config value trusted_proxies => 0 set to string 127.0.0.1
System config value trusted_proxies => 1 set to string ::1
Config value base_endpoint for app notify_push set to https://steversons.duckdns.org/push
Error: Could not download app richdocuments
Config value wopi_url for app richdocuments set to https://steversons.duckdns.org/
System config value allow_local_remote_servers set to boolean true
Error: Could not download app spreed
Config value stun_servers for app spreed set to ["steversons.duckdns.org:3478"]
Config value turn_servers for app spreed set to [{"server":"steversons.duckdns.org:3478","secret":"hiding","protocols":"udp,tcp"}]
Config value signaling_servers for app spreed set to {"servers":[{"server":"https://steversons.duckdns.org/standalone-signaling/","verify":true}],"secret":"Hiding"}
Error: Could not download app files_antivirus
Config value av_mode for app files_antivirus set to daemon
Config value av_port for app files_antivirus set to 3310
Config value av_host for app files_antivirus set to nextcloud-aio-clamav
Config value av_stream_max_length for app files_antivirus set to 104857600
Config value av_max_file_size for app files_antivirus set to -1
Config value av_infected_action for app files_antivirus set to only_log
System config value enabledPreviewProviders => 0 set to string OC\Preview\Imaginary
System config value preview_imaginary_url set to string http://nextcloud-aio-imaginary:9000
Error: Could not download app fulltextsearch
Error: Could not download app fulltextsearch_elasticsearch
Error: Could not download app files_fulltextsearch
There are no commands defined in the "fulltextsearch" namespace.
There are no commands defined in the "fulltextsearch_elasticsearch" namespa
ce.
There are no commands defined in the "files_fulltextsearch" namespace.
Waiting 10s before activating FTS...
Activating fulltextsearch...
There are no commands defined in the "fulltextsearch" namespace.
Fulltextsearch failed. Could not index.
[04-Nov-2022 06:46:43] NOTICE: [pool www] 'user' directive is ignored when FPM is not running as root
[04-Nov-2022 06:46:43] NOTICE: [pool www] 'user' directive is ignored when FPM is not running as root
[04-Nov-2022 06:46:43] NOTICE: [pool www] 'group' directive is ignored when FPM is not running as root
[04-Nov-2022 06:46:43] NOTICE: [pool www] 'group' directive is ignored when FPM is not running as root
[04-Nov-2022 06:46:43] NOTICE: fpm is running, pid 334
[04-Nov-2022 06:46:43] NOTICE: ready to handle connections
172.19.0.11 - bsteverson 04/Nov/2022:06:46:44 -0500 "GET /remote.php" 200
172.19.0.11 - bsteverson 04/Nov/2022:06:46:49 -0500 "PROPPATCH /remote.php" 207
172.19.0.11 - bsteverson 04/Nov/2022:06:46:50 -0500 "GET /remote.php" 200
Activating collabora config...
There are no commands defined in the "richdocuments" namespace.
172.19.0.11 - bsteverson 04/Nov/2022:06:46:56 -0500 "PROPPATCH /remote.php" 207
172.19.0.11 - bsteverson 04/Nov/2022:06:46:57 -0500 "GET /remote.php" 200
172.19.0.11 - 04/Nov/2022:06:47:02 -0500 "HEAD /index.php" 302
172.19.0.11 - bsteverson 04/Nov/2022:06:47:03 -0500 "PROPPATCH /remote.php" 207
172.19.0.11 - bsteverson 04/Nov/2022:06:47:04 -0500 "GET /remote.php" 200
172.19.0.11 - bsteverson 04/Nov/2022:06:47:10 -0500 "PROPPATCH /remote.php" 207
172.19.0.11 - bsteverson 04/Nov/2022:06:47:11 -0500 "GET /remote.php" 200
172.19.0.11 - bsteverson 04/Nov/2022:06:47:16 -0500 "PROPPATCH /remote.php" 207
172.19.0.11 - bsteverson 04/Nov/2022:06:47:17 -0500 "GET /remote.php" 200
172.19.0.11 - 04/Nov/2022:06:47:22 -0500 "PUT /index.php" 412
172.19.0.11 - 04/Nov/2022:06:47:33 -0500 "HEAD /index.php" 302
172.19.0.11 - bsteverson 04/Nov/2022:06:47:33 -0500 "PROPPATCH /remote.php" 207
172.19.0.11 - bsteverson 04/Nov/2022:06:47:39 -0500 "GET /remote.php" 200
Here is what I used to create the master container.
I also just noticed System config value preview_imaginary_url set to string http://nextcloud-aio-imaginary:9000 in the log and I am using that port over the VPN for portainer, so not sure if that will be a problem too.
before I did this I did a “nslookup” in the nextcloud-aio-nextcloud docker container. Below are the results I got before making the change and the results after were exactly the same. I would have expected the Server: ip to change, so maybe I did something wrong. But also the DNS appeared to be working on this container right? Maybe just not on the containers that are using the virtual network between them? I tried a nslookup on the talk container, nslookup appear to not be installed.
I am also using dnsmasq on my router to point the steversons.duckdns.org back to my local server so devices on my WiFi do not go out to the VPS and tunnel back for everything.
The issue with the missing apps was happening before I made that change though.
Actually nothing changed. I was able to resolve google.com before making any changes
I take it that the AIO container stack is trying to use DNS between each container on the virtual network and the logs are pointing to that DNS not working.
As you can see is the problem that the dns resolution inside the nextcloud-aio-nextcloud container not working. My question was if dns resolution inside the container works now?
Yes, the “DNS” was working before inside the container and after. No change. Looking further, it may be a mistake I made when entering the domain. Below is my environment variables from the nextcloud-aio-nextcloud container.
On duckdns.org I just have steversons.duckdns.org connected to my vps IP address. and then I entered steversons.duckdns.org on the configuration page of owncloud AIO. Maybe this is wrong to do it this way? I seen someone elses environment variables does not have the subdomain listed, just the duckdns.org listed.
I should add that when I was doing the initial master AIO container install, I noticed if I had my wireguard connection loaded then the container would get created and come back with like two normal lines of log and then just hang.
If I would shutdown the VPN and run the initial master docker install then it do the normal two lines again, but then create the key and everything was working fine so I connected the VPN and continued setup.
Sounds like some of the traffic is not getting routed properly? So the wireguard configuration may not be correct.
Well that was making sense, until now. So I tried that command again after dropping the wireguard VPN and still just hangs that same as did when VPN was up. Maybe I cannot relate this specifically to the VPN config. Would you have another idea for the cause? I tried removing the “dns” like I had added to the daemon.json too. And just 8.8.8.8 on it. No change.
Yes, I restarted the docker service sudo docker service restart each time and all the containers reloaded. Kept hoping I would see it grab the apps, but always the same logs.
I mean it looks like the DNS is working by resolving to an IP right? Just something after that with traffic or something. Maybe if I could figure out a way to get more of a debug log when it is locking up?