Scale - Nextcloud and ingress

[dustojnikhummer]

Certificate generated. Using nextcloud from truecharts.org. Traefik installed.

I go through the Nextcloud setup, Nextcloud picks port 10020. Under Networking nad Services, ClusterIP

In Network settings, hostname is nextcloud.home.mydomain.eu, path is /, pathType Prefix. Traefik entrypoint is websecure.

Traefik adds Nextcloud under HTTP Router

When I click Open on the app page, it tries to open nextcloud.home.mydomain.eu:9443. Which doesn't lead anywhere. Neither does nextcloud.home.mydomain.eu

Yes I have nextcloud.home.mydomain.eu A DNS record with Cloudflare.

Why is it picking 9443?

Also this guide mentions port forwarding?

TrueNAS Scale Nextcloud and reverse proxy (https) - From Y to X

In this guide, step-by-step instructions for installing Nextcloud, reverse proxy, database, and certification on TrueNAS Scale are provided.

windsketch.cc

Correct me if I'm blind but wouldn't that redirect all 443/80 traffic into the 9443/9080. I'm using Mikrotik.

 

[dustojnikhummer]

 

[DaSnipe]

Certificate generated. Using nextcloud from truecharts.org. Traefik installed.

I go through the Nextcloud setup, Nextcloud picks port 10020. Under Networking nad Services, ClusterIP

In Network settings, hostname is nextcloud.home.mydomain.eu, path is /, pathType Prefix. Traefik entrypoint is websecure.

Traefik adds Nextcloud under HTTP Router

When I click Open on the app page, it tries to open nextcloud.home.mydomain.eu:9443. Which doesn't lead anywhere. Neither does nextcloud.home.mydomain.eu

Yes I have nextcloud.home.mydomain.eu A DNS record with Cloudflare.

Why is it picking 9443?

Also this guide mentions port forwarding?

TrueNAS Scale Nextcloud and reverse proxy (https) - From Y to X

In this guide, step-by-step instructions for installing Nextcloud, reverse proxy, database, and certification on TrueNAS Scale are provided.

windsketch.cc

Correct me if I'm blind but wouldn't that redirect all 443/80 traffic into the 9443/9080. I'm using Mikrotik.

That guide tells you an extra redirect to move 9443 to 443.

To me the easiest/simplest thing is the way they show in the TrueCharts videos, where they move the TrueNAS webUI to 81/444, and directly install Traefik to 80/443, but I mean you do you lol

 

[dustojnikhummer]

That guide tells you an extra redirect to move 9443 to 443.

To me the easiest/simplest thing is the way they show in the TrueCharts videos, where they move the TrueNAS webUI to 81/444, and directly install Traefik to 80/443, but I mean you do you lol

Yeah, noticed that earlier this morning. And why didn't 9443 work? Because I had my port forward directed to a wrong machine lol. Shame I can't edit my own post

 

[DaSnipe]

Lol as long as you figured it out that's key.

 

[dustojnikhummer]

Lol as long as you figured it out that's key.

Yep. Point of the story, RTFM.

 

[li_chang]

Hi @dustojnikhummer,

It's because the entrypoint for websecure (https) is on port 9443 by default. I believe if you have router connected to TrueNAS, you have to setup port forwarding:

For example, ip address for nextcloud.home.mydomain.eu is 1.2.3.4

when query nextcloud.home.mydomain.eu:9443, it will query 1.2.3.4 with port 9443. If your TrueNAS is directly connected to WAN and the assigned ip is 1.2.3.4, it should work. However, if you have a router and NAT, your TrueNAS is assigned to private ip (e.g., 192.168.1.100). In the latter case, your router won't know which destination should this query (1.2.3.4:9443) be forwarded to (should forward to 192.168.1.100:9443). That's why you need a port forwarding setup in your router as mentioned in my guide.

I am also running MikroTik router (hap ac2), if you have trouble setting up, feel free to dm me.

 

[dustojnikhummer]

Hi @dustojnikhummer,

It's because the entrypoint for websecure (https) is on port 9443 by default. I believe if you have router connected to TrueNAS, you have to setup port forwarding:

For example, ip address for nextcloud.home.mydomain.eu is 1.2.3.4

when query nextcloud.home.mydomain.eu:9443, it will query 1.2.3.4 with port 9443. If your TrueNAS is directly connected to WAN and the assigned ip is 1.2.3.4, it should work. However, if you have a router and NAT, your TrueNAS is assigned to private ip (e.g., 192.168.1.100). In the latter case, your router won't know which destination should this query (1.2.3.4:9443) be forwarded to (should forward to 192.168.1.100:9443). That's why you need a port forwarding setup in your router as mentioned in my guide.

I am also running MikroTik router (hap ac2), if you have trouble setting up, feel free to dm me.

Thanks. The whole issue was that I had my dst-nat pointed to a wrong IP address (a VM instead of a truenas host).

 

[sanderb2001]

I am running in to similar issues,
i followed the same write up as mentioned above including the port forwarding of 443 -> 9443 and 80 -> 9080 but i cant reach nextcloud over the nexcloud.”mydomain.com” local over its ip address and port i can reach it

i also tried to change the ports to 443 and 80 (and move the ports of the truenas gui to 81 and 444)
But this does not change anything.

I also read above and in the quick start write up of truecharts that ClusterIP is used if i change this in the setup op nextcloud it still does not work, and i can’t reach nextcloud locally any more.

are there here still any tips?

 

[li_chang]

Hi @sanderb2001 , have you got your problem resolved? I am able to help you surely.
1. Have you seen an TLS entry for nextcloud in Traefik dashboard?
2. What is the error when browsing nextcloud.mydomain.com? (e.g., timeout, not found...)
3. What's the response when you browse https://your.public.ip?
4. For debugging purpose, turn off proxy in cloudflare and try it again.

 

[sanderb2001]

Hey, sorry for my late response.
Yeah it is working now, but is where a few things at the end and to be honest I am not sure why…
I found this (https://truecharts.org/manual/Quick-Start Guides/11-external-services/#requirements) video where they also showed how to make the Truenas UI accessible via Traefik, I decided to also try this out. But first with no luck, after I changed the internal ports of traefik from 9080 and 9443 to 80 and 443 (because this was also mentioned here: https://truecharts.org/manual/Quick-Start Guides/08-installing-Traefik/#requirements ) it worked, then I could reach the Truenas UI via my domain, (not that I want this but only as a test)

Then I also started experimenting with the external service app to use this to point traefik to nextcloud, when I kept using https for nextcloud internal I always got a timeout, but after changing this to http, and after adding my domain also to the trusted domains in the config.php everything worked perfect.
Followed this guide (also from you?) it worked perfect: https://www.truenas.com/community/t...e-gui-anymore-how-accessing-config-php.99069/

So that’s how I’m running it now, like I said I’m not 100% sure if all these things contributed to it working now.
Would like to know why it did work with you in your write up but not with me, maybe some changes in the Nextcloud app and how it handles ingress?

 

[sanderb2001]

Just a quick update on this,

I’ve now set it up using ports 9080 and 9443 and everything seems to work fine. so this is possible.

Another interesting thing that i noticed, if i install nextcloud (from truecharts) with ingress enabled the container does not get active and i get the following error:
Startup probe failed: HTTP probe failed with statuscode: 400

The thing is with the external service "app" you still need to get the trusted domain in, then i found this page with the environment variables you can use.

I added my domain with: NEXTCLOUD_TRUSTED_DOMAINS
and again i got the "Startup probe failed: HTTP probe failed with statuscode: 400" error.

anybody who knows why this happens? if i use the method in my post above (using shell) it works fine

 

[sanderb2001]

srry i forgot the website:

GitHub - nextcloud/docker: ⛴ Docker image of Nextcloud

⛴ Docker image of Nextcloud. Contribute to nextcloud/docker development by creating an account on GitHub.

github.com