Nextcloud (snap) behind nginx can't connect to TURN server any more

ℹ️ Support 📦 Appliances (Docker, Snappy, VM, NCP)
, ,
#1
Support intro

Sorry to hear you’re facing problems :slightly_frowning_face:

help.nextcloud.com is for home/non-enterprise users. If you’re running a business, paid support can be accessed via portal.nextcloud.com where we can ensure your business keeps running smoothly.

In order to help you as quickly as possible, before clicking Create Topic please provide as much of the below as you can. Feel free to use a pastebin service for logs, otherwise either indent short log examples with four spaces:

example

Or for longer, use three backticks above and below the code snippet:

longer
example
here

Some or all of the below information will be requested if it isn’t supplied; for fastest response please provide as much as you can :heart:

Nextcloud version (eg, 20.0.5): 20.0.8 (snap)
Operating system and version (eg, Ubuntu 20.04): Ubuntu 20.04
Apache or nginx version (eg, Apache 2.4.25): Nginx 1.17.10
PHP version (eg, 7.4): version included in the snap

The issue you are facing:
I used to have Nextcloud (snap) running using it’s own Apache web server. My coturn server worked fine then, the test (in NC settings) reported success.
I now put Nextcloud (still snap) behind Nginx reverse proxy. Since then, it doesn’t seem to see my coturn server. The test keeps failing.

The coturn server is installed via apt, and the service is up and running.

Is this the first time you’ve seen this error? (Y/N): Y

Steps to replicate it:

  1. Run Nextcloud snap behind Nginx reverse proxy.
  2. Install coturn via apt.
  3. Run TURN test from Nextcloud settings.

If there is a specific log or something specific I can look for in the logs, I would appreciate some pointers.
I suspect NC running behind Nginx has something to do with it, but no idea how I could fix it.

#2

Hi @dinosm1 ,

usually coturn uses a different port than normal web (http/https).
The fact that you use a reverse proxy means that it is not directly connected to the internet.
Therefore you will need a port forwarding (NAT) for the chosen port of coturn.
I do not know which port that is in nextcloud snap image but you can look into the configuration yourself. (search for “turnserver.conf”)

#3

Hi @florom,

Thank you for your input.
I am running coturn on port 6666 on the same server as Nextcloud.
Are you saying that NC is not connected directly to the internet? Everything else works fine, including most Talk calls, Collabora connectivity, WebDAV and CalDAV, etc.
Do I need some sort of NAT set up for NC or for coturn?

#4

Hi @dinosm1 ,

I do not know your setup. Let me ask you where and why you use a reverse proxy?
Is in the snap image coturn included?

It would be beneficial to post your reverse config here (be sure to change personal information first).

#5

I am using a reverse proxy because I want to run more than one website on the same server on port 443. This cannot be done if the snap is allowed to manage the web connection.

Coturn is not included in the snap (that I’m aware of), I’ve installed it separately.

My nginx config is below:

server {
listen 443;
server_name my.domain;
ssl on;

    proxy_read_timeout 300;
    proxy_connect_timeout 300;
    proxy_send_timeout 300;

    ssl_certificate         /etc/letsencrypt/live/my.domain/fullchain.pem;
    ssl_certificate_key     /etc/letsencrypt/live/my.domain/privkey.pem;

    location / {
            proxy_pass_header   Server;
            proxy_set_header    Host $host;
            proxy_set_header    X-Real-IP $remote_addr;
            proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header    X-Forwarded-Proto $scheme;
            proxy_set_header    X-Forwarded-Host $host;
            proxy_set_header    X-Forwarded-Server $host;
            proxy_pass          http://localhost:81;

    }

}