Unable to have remote access, localhost is ok

ℹ️ Support 📦 Appliances (Docker, Snappy, VM, NCP, AIO)
, ,
1
Support intro

Sorry to hear you’re facing problems :slightly_frowning_face:

help.nextcloud.com is for home/non-enterprise users. If you’re running a business, paid support can be accessed via portal.nextcloud.com where we can ensure your business keeps running smoothly.

In order to help you as quickly as possible, before clicking Create Topic please provide as much of the below as you can. Feel free to use a pastebin service for logs, otherwise either indent short log examples with four spaces:

example

Or for longer, use three backticks above and below the code snippet:

longer
example
here

Some or all of the below information will be requested if it isn’t supplied; for fastest response please provide as much as you can :heart:

Nextcloud version 3.4.2-1ubuntu1
Using Qt 5.15.3, built against Qt 5.15.2
Using Qt platform plugin 'xcb'
Using 'OpenSSL 3.0.2 15 Mar 2022'
Running on Ubuntu 22.04.2 LTS, x86_64

The issue you are facing:
I’ve performed a recent system update which already got me some headaches. (see this issue). I am trying to access the cloud from outside the local network through a registered domain (ludoviko.me).

  • Ports 80 and 443 are open and forwarded to the local IP address of the server (see below)
  • DDNS appears to be properly configured since it successfully resolves to my current public address.
  • I am able to access other services (ssh, transmission remote) in other ports using that domain. Those services are in other non-conflicting ports.
  • https://localhost/ works without issues.
  • The domain is in the trusted_domains config

image
image1169×264 37.6 KB

Is this the first time you’ve seen this error? (Y/N): yes

The output of your Nextcloud log in Admin > Logging:

Only a theming issue Error: Undefined array key “breezedark” at /snap/nextcloud/33908/htdocs/apps/theming/lib/Service/ThemesService.php#91

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):
This is from yesterday, i only modified the logging parameters

<?php
$CONFIG = array (
  'apps_paths' => 
  array (
    0 => 
    array (
      'path' => '/snap/nextcloud/current/htdocs/apps',
      'url' => '/apps',
      'writable' => false,
    ),
    1 => 
    array (
      'path' => '/var/snap/nextcloud/current/nextcloud/extra-apps',
      'url' => '/extra-apps',
      'writable' => true,
    ),
  ),
  'supportedDatabases' => 
  array (
    0 => 'mysql',
  ),
  'memcache.locking' => '\\OC\\Memcache\\Redis',
  'memcache.local' => '\\OC\\Memcache\\Redis',
  'redis' => 
  array (
    'host' => '/tmp/sockets/redis.sock',
    'port' => 0,
  ),
  'log_type' => 'file',
  'logfile' => '/var/snap/nextcloud/current/logs/nextcloud.log',
  'logfilemode' => 416,
  'passwordsalt' => =====REDACTED======
  'secret' => =====REDACTED======
  'trusted_domains' => 
  array (
    0 => 'localhost',
    1 => 'ludoviko.me',
    2 => '192.168.0.25',
    3 => '66.131.197.88',
  ),
  'datadirectory' => '/var/snap/nextcloud/common/nextcloud/data',
  'dbtype' => 'mysql',
  'version' => '25.0.4.1',
  'overwrite.cli.url' => 'http://localhost',
  'dbname' => 'nextcloud',
  'dbhost' => 'localhost:/tmp/sockets/mysql.sock',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'nextcloud',
  'dbpassword' => =====REDACTED======
  'installed' => true,
  'instanceid' => 'oc3nbxn74y0h',
  'maintenance' => false,
  'app_install_overwrite' => 
  array (
    0 => 'files_reader',
    1 => 'files_ebookreader',
  ),
  'mail_from_address' => 'ludoviko',
  'mail_smtpmode' => 'smtp',
  'mail_sendmailmode' => 'smtp',
  'mail_domain' => 'gmx.com',
  'mail_smtpsecure' => 'tls',
  'mail_smtphost' => 'mail.gmx.com',
  'mail_smtpport' => '587',
  'mail_smtpauthtype' => 'LOGIN',
  'mail_smtpauth' => 1,
  'mail_smtpname' => 'kuatolives@gmx.com',
  'mail_smtppassword' => '=====REDACTED======',
  'theme' => '',
  'loglevel' => 2,
);

The output of your Apache/nginx/system log in /var/log/____:
Latest relevant lines.

[Mon Apr 10 13:03:28.467632 2023] [ssl:warn] [pid 133641:tid 140037607560384] AH01909: 127.0.1.1:443:0 server certificate does NOT include an ID which matches the server name
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message
[Mon Apr 10 13:03:28.469331 2023] [ssl:warn] [pid 133641:tid 140037607560384] AH01909: 127.0.1.1:443:0 server certificate does NOT include an ID which matches the server name
[Mon Apr 10 13:03:28.469473 2023] [lbmethod_heartbeat:notice] [pid 133641:tid 140037607560384] AH02282: No slotmem from mod_heartmonitor
[Mon Apr 10 13:03:28.470111 2023] [mpm_event:notice] [pid 133641:tid 140037607560384] AH00489: Apache/2.4.56 (Unix) OpenSSL/1.1.1 configured -- resuming normal operations
[Mon Apr 10 13:03:28.470135 2023] [core:notice] [pid 133641:tid 140037607560384] AH00094: Command line: 'httpd -d /snap/nextcloud/33908 -D EnableHTTPS -D EnableHSTS -D FOREGROUND'
[Mon Apr 10 13:03:28.470579 2023] [unixd:alert] [pid 133643:tid 140037607560384] AH02155: getpwuid: couldn't determine user name from uid 4294967295, you probably need to modify the User directive
[Mon Apr 10 13:03:28.470579 2023] [unixd:alert] [pid 133642:tid 140037607560384] AH02155: getpwuid: couldn't determine user name from uid 4294967295, you probably need to modify the User directive
[Mon Apr 10 13:03:28.470681 2023] [unixd:alert] [pid 133644:tid 140037607560384] AH02155: getpwuid: couldn't determine user name from uid 4294967295, you probably need to modify the User directive
[Mon Apr 10 13:03:29.472305 2023] [unixd:alert] [pid 133731:tid 140037607560384] AH02155: getpwuid: couldn't determine user name from uid 4294967295, you probably need to modify the User directive
[Mon Apr 10 13:03:41.389159 2023] [proxy_fcgi:error] [pid 133731:tid 140037056354048] [client 139.144.150.23:39046] AH01071: Got error 'Primary script unknown'

Output errors in nextcloud.log in /var/www/ or as admin user in top right menu, filtering for errors. Use a pastebin service if necessary.

{"reqId":"CfL7vql6sGJvXeGCWAuE","level":3,"time":"April 10, 2023 17:17:29","remoteAddr":"127.0.0.1","user":"kuato","app":"PHP","method":"PUT","url":"/ocs/v2.php/apps/theming/api/v1/theme/default/enable","message":"Undefined array key \"breezedark\" at /snap/nextcloud/33908/htdocs/apps/theming/lib/Service/ThemesService.php#91","userAgent":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:107.0) Gecko/20100101 Firefox/107.0","version":"25.0.4.1","exception":{"Exception":"Error","Message":"Undefined array key \"breezedark\" at /snap/nextcloud/33908/htdocs/apps/theming/lib/Service/ThemesService.php#91","Code":0,"Trace":[{"file":"/snap/nextcloud/33908/htdocs/apps/theming/lib/Service/ThemesService.php","line":91,"function":"onError","class":"OC\\Log\\ErrorHandler","type":"::"},{"function":"OCA\\Theming\\Service\\{closure}","class":"OCA\\Theming\\Service\\ThemesService","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/snap/nextcloud/33908/htdocs/apps/theming/lib/Service/ThemesService.php","line":90,"function":"array_map"},{"file":"/snap/nextcloud/33908/htdocs/apps/theming/lib/Controller/UserThemeController.php","line":92,"function":"enableTheme","class":"OCA\\Theming\\Service\\ThemesService","type":"->"},{"file":"/snap/nextcloud/33908/htdocs/lib/private/AppFramework/Http/Dispatcher.php","line":225,"function":"enableTheme","class":"OCA\\Theming\\Controller\\UserThemeController","type":"->"},{"file":"/snap/nextcloud/33908/htdocs/lib/private/AppFramework/Http/Dispatcher.php","line":133,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"/snap/nextcloud/33908/htdocs/lib/private/AppFramework/App.php","line":172,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"/snap/nextcloud/33908/htdocs/lib/private/Route/Router.php","line":298,"function":"main","class":"OC\\AppFramework\\App","type":"::"},{"file":"/snap/nextcloud/33908/htdocs/ocs/v1.php","line":63,"function":"match","class":"OC\\Route\\Router","type":"->"},{"file":"/snap/nextcloud/33908/htdocs/ocs/v2.php","line":23,"args":["/snap/nextcloud/33908/htdocs/ocs/v1.php"],"function":"require_once"}],"File":"/snap/nextcloud/33908/htdocs/lib/private/Log/ErrorHandler.php","Line":92,"CustomMessage":"--"}}
2

Could the last two lines in the apache log have something to do about it? Particularly this one.

3

And what actually happens when trying to access it? You get some error?

If you get a timeout, I would start by running tcpdump to verify incoming connections are actually making it to the box.

4

No errors, it times out.
Ping to the domain also gets no reply, all packets get lost.
What pattern should I be looking at the tcpdump?

5

Here is a tcpdump filtering port 443 using sudo tcpdump port 443. Just in case I removed the first segment, leaving only the messages:

: Flags [.], ack 150, win 508, options [nop,nop,TS val 1404111192 ecr 2240225343], length 0
: Flags [.], seq 1:1449, ack 150, win 508, options [nop,nop,TS val 1404111192 ecr 2240225343], length 1448
: Flags [P.], seq 1449:2897, ack 150, win 508, options [nop,nop,TS val 1404111192 ecr 2240225343], length 1448
: Flags [P.], seq 2897:4097, ack 150, win 508, options [nop,nop,TS val 1404111193 ecr 2240225343], length 1200
: Flags [P.], seq 4097:4972, ack 150, win 508, options [nop,nop,TS val 1404111209 ecr 2240225343], length 875
: Flags [P.], seq 4972:5023, ack 276, win 508, options [nop,nop,TS val 1404111378 ecr 2240225390], length 51
: Flags [.], ack 548, win 506, options [nop,nop,TS val 1404111585 ecr 2240225431], length 0
: Flags [.], seq 5023:6471, ack 548, win 506, options [nop,nop,TS val 1404111592 ecr 2240225431], length 1448
: Flags [P.], seq 6471:7919, ack 548, win 506, options [nop,nop,TS val 1404111592 ecr 2240225431], length 1448
: Flags [.], seq 7919:9367, ack 548, win 506, options [nop,nop,TS val 1404111592 ecr 2240225431], length 1448
: Flags [P.], seq 9367:10815, ack 548, win 506, options [nop,nop,TS val 1404111592 ecr 2240225431], length 1448
: Flags [.], seq 10815:12263, ack 548, win 506, options [nop,nop,TS val 1404111592 ecr 2240225431], length 1448
: Flags [P.], seq 12263:13244, ack 548, win 506, options [nop,nop,TS val 1404111592 ecr 2240225431], length 981
: Flags [.], seq 13244:14692, ack 548, win 506, options [nop,nop,TS val 1404111593 ecr 2240225431], length 1448
: Flags [P.], seq 14692:16140, ack 548, win 506, options [nop,nop,TS val 1404111593 ecr 2240225431], length 1448
: Flags [.], seq 16140:17588, ack 548, win 506, options [nop,nop,TS val 1404111593 ecr 2240225431], length 1448
: Flags [P.], seq 17588:19036, ack 548, win 506, options [nop,nop,TS val 1404111593 ecr 2240225431], length 1448
: Flags [FP.], seq 19036:19634, ack 548, win 506, options [nop,nop,TS val 1404111593 ecr 2240225431], length 598
: Flags [.], ack 579, win 506, options [nop,nop,TS val 1404111768 ecr 2240225488], length 0
: Flags [.], ack 580, win 506, options [nop,nop,TS val 1404111770 ecr 2240225488], length 0
6

The question is do you see connections coming in from the internet (from non-LAN IPs)?

7

It was a good thing that you rephrased it like that. What I did was to test the domain connected only with my phone data (and not the LANi) connected and it works! Now what I need to sort out is why is it that I cannot access the domain with any computer connected with the router.

8

You are presumably using the domain you mentioned above in the URL when you connect? Does nslookup return the WAN or LAN IP?

A common issue is that your router doesn’t support NAT reflection and you don’t have split-horizon DNS set up. One of the two is typically needed if you use the domain name to connect (as you should). You can test if this is your problem by adding it to your client’s hosts file with the LAN IP and see if that fixes it.

9

yes that’s the url and what bugs me is that before the system update/ upgrade I didn’t had to worry about this because everything worked out-of - the-box without having to think about these stuff.
nslookup shows the wan address under the non-autoritative answer, if that’s what you’re asking.

What is “it” in this case? By lan ip is the ip of the server in my network (192.16x.xxx),right?

10

“It” being your FQDN for Nextcloud. This file overrides the operating system’s DNS resolution for individual names. Look at some example hosts files and you’ll see what I mean.

1 Like
11

Ok yes, modifying the hosts file did the trick. I have no ways to test this right now but does this mean that, for example, if I bring my laptop with the modified hosts file outside the network it won’t be able to find the site, right?

12

ok update: after a server restart now i have ERR_CONNECTION_REFUSED with or without the hosts files edited. ¯_(ツ)_/¯

13

Yes it does, which is why I don’t like it as a long term solution, but it’s an effective troubleshooting step.

That sounds like the web server isn’t running…

14

Send the voodoo team, this NC is cursed… I did not touch anything, just rebooted the server and now everything is gone… ok back to square one, will update in a couple of hours.

15

Ok, reverted the last update and its back to business. Apparently there is a bug in the latest update.

16

Latest update of what?

17

the snap package updated and that broke it, at least it seems so. I only know that reverting that update fixed the server not becoming online.