Nextcloudpi connection from outside does not work via domain (spdyn nor noip), but with direct entry of the ipv6

ℹ️ Support 📦 Appliances (Docker, Snappy, VM, NCP, AIO)
1

[/details]

Nextcloud version: 16.0.3
Operating system and version: Raspbian Buster
Apache or nginx version: Apache 2
PHP version: 7.3

The issue you are facing:

Hello, I have a problem. I set up a raspberry pi with nextcloudpi and everythings works fine except one thing. I cannot connect to nextcloud through ipv6 using only my dynDNS Domain. It works with the ipv6 IP address though, but in this case it of course shows an error message saying not allowed through this domain.

I use spdyn as a dynDNS and updates the correct IP adresses. Ipv4 through my Router fritz.box and ipv6 through nextcloudpi software itself.
I tried using noip but I have the same problem.

With ipv4 everything works fine.
I think it cant be the router or the firewall because I can connect through the ip.

Can somebody help me?

Below is may nextcloud config.php which I hopefulle sensored correctly :wink:

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

<?php
$CONFIG = array (
  'passwordsalt' => 'uyr',
  'secret' => 'QKr',
  'trusted_domains' => 
  array (
    0 => 'localhost',
    11 => '2003:::::::4738',
    1 => '192.168.178.100',
    5 => 'nextcloudpi.local',
    7 => 'nextcloudpi',
    8 => 'nextcloudpi.lan',
    4 => 'xxx.spdns.de',
    3 => 'xxx.ddns.net',
  ),
  'datadirectory' => '/mnt/Nextcloud/NextcloudData',
  'dbtype' => 'mysql',
  'version' => '16.0.3.0',
  'overwrite.cli.url' => 'https://xxx.ddns.net/',
  'dbname' => 'nextcloud',
  'dbhost' => 'localhost',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'ncadmin',
  'dbpassword' => 'uZY=',
  'installed' => true,
  'instanceid' => 'ocdj',
  'memcache.local' => '\\OC\\Memcache\\Redis',
  'memcache.locking' => '\\OC\\Memcache\\Redis',
  'redis' => 
  array (
    'host' => '/var/run/redis/redis.sock',
    'port' => 0,
    'timeout' => 0.0,
    'password' => 'GTnmF4=',
  ),
  'tempdirectory' => '/mnt/Nextcloud/NextcloudData/tmp',
  'mail_smtpmode' => 'sendmail',
  'mail_smtpauthtype' => 'LOGIN',
  'mail_from_address' => 'admin',
  'mail_domain' => 'ownyourbits.com',
  'preview_max_x' => '2048',
  'preview_max_y' => '2048',
  'jpeg_quality' => '60',
  'overwriteprotocol' => 'https',
  'loglevel' => '2',
  'log_type' => 'file',
  'maintenance' => false,
  'logfile' => '/mnt/Nextcloud/NextcloudData/nextcloud.log',
  'htaccess.RewriteBase' => '/',
  'mail_sendmailmode' => 'smtp',
);
2

Check first if your apache listens to ipv6 (https://httpd.apache.org/docs/2.4/bind.html).

sudo netstat -tulpen

if yes there should be two entries:

root@nextcloud~ # netstat -tulpen | grep apache
tcp6       0      0 :::80                   :::*                    LISTEN      0          1945215900  7408/apache2
tcp6       0      0 :::443                  :::*                    LISTEN      0          1945215904  7408/apache2

Check your apache configuration, there should be name-based virtual hosts (probably):
https://httpd.apache.org/docs/2.4/vhosts/name-based.html

Make sure it is like in this example with asterix and no ipv4-address.

Or there is a problem with your DNS entry, so you could check manually your DNS record.

dig nextcloud.example.org -AAAA

Like for ripe.net you should have a A and an AAAA record:

ripe.net.               286     IN      AAAA    2001:67c:2e8:22::c100:68b
ripe.net.               300     IN      A       193.0.6.139

Well if it is not that, we have to think again, you don’t have a proxy installed or something. It’s always worth trying a different device also from a different network.

3

Thank you for the fast reply. I checked the first step and it seems alright:

tcp6 0 0 :::80 :::* LISTEN 0 17239 714/apache2
tcp6 0 0 :::443 :::* LISTEN 0 17243 714/apache2

For the second step, I dont know how to do that ad dont understand the apache website where to find it. Sorry, I am a total noob.

At spydy my ipv4 hst and my ipv6 host update perfectly and I can open nextcloud through ipv4 using my domain. Why do I have to set a name server then for ipv6 and for ipv4?

5

This is my apache2 config for nextcloud:

<IfModule mod_ssl.c>
  <VirtualHost _default_:443>
    DocumentRoot /var/www/nextcloud
ServerName xxx.spdns.de
    CustomLog /var/log/apache2/nc-access.log combined
    ErrorLog  /var/log/apache2/nc-error.log
    SSLEngine on
    SSLCertificateFile /etc/letsencrypt/live/xxx.spdns.de/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/xxx.spdns.de/privkey.pem
  </VirtualHost>
  <Directory /var/www/nextcloud/>
    Options +FollowSymlinks
    AllowOverride All
    <IfModule mod_dav.c>
      Dav off
    </IfModule>
    LimitRequestBody 0
    SSLRenegBufferSize 10486000
  </Directory>
</IfModule>
6

I think I solved it, but dont understand the reason.
I can reach my server with the specific spdyn dns over ipv6 only when ports are also opened for ipv4 is that normal?

7

I just disabled ipv6 on my rpi3b for that reason

To force dhclient to us IPv4 for current session:

sudo dhclient -4 -v eth0

To permanently disable IPv6

sudo nano /etc/sysctl.conf

Add

net.ipv6.conf.all.disable_ipv6=1

save and exit

It seems depending model router you need to configure both ipv4 and ipv6 port forwards for it to work. I did not know that, so used above to disable ipv6.

1 Like