Sorry, I'm dropping multiple files, not a folder.Yepp, previously only the first of multiple files would upload. Now all files that I drop end up being uploaded.
Sorry, I'm dropping multiple files, not a folder.Yepp, previously only the first of multiple files would upload. Now all files that I drop end up being uploaded.
Did you remove the lines from the download.php that you added earlier?Sorry, I'm dropping multiple files, not a folder.
Yes I did, but unfortunately, I spoke too soon.Did you remove the lines from the download.php that you added earlier?
I think it might be a nextcloud issue. Some folks over on the nextcloud forum are lamenting about the new upload design.Yes I did, but unfortunately, I spoke too soon.
It is NOT working now actually (uploading multiple files)... It's strange because it definitely worked when trying to upload three files the first time. Now when I'm trying again, it only uploads one of the files as before...
Yes, a lot of complaints about having to target the "upload area" whereas before you could drop anywhere on the page more or less. Now, if you try to drop somewhere else nothing happens...I think it might be a nextcloud issue. Some folks over on the nextcloud forum are lamenting about the new upload design.
Ya not very helpful sometimes. But oh well, I think we solved the rewrite issue.Yes, a lot of complaints about having to target the "upload area" whereas before you could drop anywhere on the page more or less. Now, if you try to drop somewhere else nothing happens...
But at least the upload of multiple files via drag and drop IS accepted as a bug as far as I understand.
The issue with downloading multiple files seems to have been rejected however, and rather considered a misconfiguration, and comments like the one I got : "Do not use a script e.g. danb35/freenas-iocage-nextcloud. Use a normal installation guide that you can understand all parts of installation."
Definitely, great job!! And good to have two different solutions, just in case... Caddyfile and download.phpYa not very helpful sometimes. But oh well, I think we solved the rewrite issue.
It works for me doing it this way--I haven't yet tried dragging onto a folder. I tested with Firefox, not yet with Chrome.or into the box on top that says "Drag and Drop Files Here to Upload"?
Yes, I own several domains. But only 1 of them has an SSL cert. My public IP is dynamic. I anticipated that would be an issue and (before all of this) tried to setup a dynamic DNS update tool, but to no avail. I have set the IP address in the DNS record manually on my hosting service. Long term, I will definitely either get a static IP, or fix the DNS update tool. I have everything trying to go through cloudflare, and I think that's where I have things not set correctlyThe reason it redirect to your local IP is because you have the overwrite_host option set to that.
1. Do you own a domain?
2. Is your public IP static?
You can absolutely get it running securely. But it depends on if you have a domain, or if your just going to access it locally.
You can remove the overwrite_cli_url and overwrite_host options and add your public IP to the list of trusted domains to access it from outside your network.
But I would recommend getting a domain…
You can turn off cloudflares proxy and simply point your dns domain (or subdomain) to your public IP and make sure it’s forwarded to your Nextcloud server. Caddy will handle the certificate and ssl. Generally I haven’t got much experience with cloudflares proxy and ssl settings so I won’t be much help there.Yes, I own several domains. But only 1 of them has an SSL cert. My public IP is dynamic. I anticipated that would be an issue and (before all of this) tried to setup a dynamic DNS update tool, but to no avail. I have set the IP address in the DNS record manually on my hosting service. Long term, I will definitely either get a static IP, or fix the DNS update tool. I have everything trying to go through cloudflare, and I think that's where I have things not set correctly
I'm thinking the first hurdle to clear is getting nextcloud to work securely. I can't set the primary host to go to nextcloud, but will a subdomain of the domain with an SSL cert suffice to point to my (future) secured nextcloud server? If so, I can set that quickly and easily. After that, do I just go back and revert the changes made to Caddyfile and config.php, but insteads using the new subdomain name? I made copies of the original Caddyfile and config.php on my nextcloud installation, so I can easily go back and forth if necessary.
Secondly, can I have a 'secure' connection to nextcloud that can bypass cloudflare for now? So essentially, I can use 'https:' again.
Many thanks.
Now all of a sudden I'm not able to log in... but the places where I am already logged in are working fine...It works for me doing it this way--I haven't yet tried dragging onto a folder. I tested with Firefox, not yet with Chrome.
Interesting. Can you share your Caddyfile? Remove sensitive values. I'm having no issues right now.Now all of a sudden I'm not able to log in... but the places where I am already logged in are working fine...
Going back to the fix using changes in download.php
Ok, there is progress! I created a subdomain and pointed it to my public IP. I can now type in the subdomain in an address bar and it takes me to the warning screen of an unsecure connection. I click through that, and I can access my nextcloud server. So the security hasn't been implemented.Esentially it isn't very hard to get it working.
1. Own a domain (you don't need an SSL cert from cloudflare, Caddy does all that automatically and free)
2. Point it to your public IP (or use a DDNS service for dynamic IP)
3. Open your ports (80 and 443)
4. Have caddy configured to receive the connection and do SSL
5. Have the config.php file set up to do https
{ # debug acme_ca https://acme-staging-v02.api.letsencrypt.org/directory email XXXX # default_sni XXXX } nextcloud.XXXX.com { root * /usr/local/www/nextcloud file_server log { output file /var/log/www.XXXX.com.log } php_fastcgi 127.0.0.1:9000 { env front_controller_active true } # tls { # dns cloudflare XXXX # } header { # enable HSTS # Strict-Transport-Security max-age=31536000; } # client support (e.g. os x calendar / contacts) redir /.well-known/carddav /remote.php/dav 301 redir /.well-known/caldav /remote.php/dav 301 redir /.well-known/webfinger /index.php/.well-known/webfinger 301 redir /.well-known/nodeinfo /index.php/.well-known/nodeinfo 301 # .htaccess / data / config / ... shouldn't be accessible from outside @forbidden { path /.htaccess path /data/* path /config/* path /db_structure path /.xml path /README path /3rdparty/* path /lib/* path /templates/* path /occ path /console.php } respond @forbidden 404 }
<?php $CONFIG = array ( 'passwordsalt' => 'XXXX', 'secret' => 'XXXX', 'trusted_domains' => array ( 0 => 'localhost', 1 => 'nextcloud.XXXX.com', 2 => '192.168.86.200', ), 'datadirectory' => '/mnt/files', 'dbtype' => 'mysql', 'version' => '28.0.3.2', 'overwrite.cli.url' => 'https://nextcloud.XXXX.com', 'dbname' => 'nextcloud', 'dbhost' => 'localhost:/var/run/mysql/mysql.sock', 'dbport' => '', 'dbtableprefix' => 'oc_', 'mysql.utf8mb4' => true, 'dbuser' => 'nextcloud', 'dbpassword' => 'XXXX', 'installed' => true, 'instanceid' => 'XXXX', 'logtimezone' => 'America/Chicago', 'default_phone_region' => 'US', 'log_type' => 'file', 'logfile' => '/var/log/nextcloud/nextcloud.log', 'loglevel' => '2', 'logrotate_size' => '104847600', 'memcache.local' => '\\OC\\Memcache\\APCu', 'redis' => array ( 'host' => '/var/run/redis/redis.sock', 'port' => 0, ), 'memcache.distributed' => '\\OC\\Memcache\\Redis', 'memcache.locking' => '\\OC\\Memcache\\Redis', 'overwritehost' => 'nextcloud.XXXX.com', 'overwriteprotocol' => 'https', 'htaccess.RewriteBase' => '/', 'trusted_proxies' => array ( 1 => 'localhost', ), 'maintenance_window_start' => 5, );
So right now caddy is getting a cert from acme staging environment. At the top of your Caddyfile, and a comment # in front of the line that starts with acmeOk, there is progress! I created a subdomain and pointed it to my public IP. I can now type in the subdomain in an address bar and it takes me to the warning screen of an unsecure connection. I click through that, and I can access my nextcloud server. So the security hasn't been implemented.
Here's my updated Caddyfile:
Code:{ # debug acme_ca https://acme-staging-v02.api.letsencrypt.org/directory email XXXX # default_sni XXXX } nextcloud.XXXX.com { root * /usr/local/www/nextcloud file_server log { output file /var/log/www.oroshiba.com.log } php_fastcgi 127.0.0.1:9000 { env front_controller_active true } # tls { # dns cloudflare XXXX # } header { # enable HSTS # Strict-Transport-Security max-age=31536000; } # client support (e.g. os x calendar / contacts) redir /.well-known/carddav /remote.php/dav 301 redir /.well-known/caldav /remote.php/dav 301 redir /.well-known/webfinger /index.php/.well-known/webfinger 301 redir /.well-known/nodeinfo /index.php/.well-known/nodeinfo 301 # .htaccess / data / config / ... shouldn't be accessible from outside @forbidden { path /.htaccess path /data/* path /config/* path /db_structure path /.xml path /README path /3rdparty/* path /lib/* path /templates/* path /occ path /console.php } respond @forbidden 404 }
And here's my updated config.php
Code:<?php $CONFIG = array ( 'passwordsalt' => 'XXXX', 'secret' => 'XXXX', 'trusted_domains' => array ( 0 => 'localhost', 1 => 'nextcloud.XXXX.com', 2 => '192.168.86.200', ), 'datadirectory' => '/mnt/files', 'dbtype' => 'mysql', 'version' => '28.0.3.2', 'overwrite.cli.url' => 'https://nextcloud.XXXX.com', 'dbname' => 'nextcloud', 'dbhost' => 'localhost:/var/run/mysql/mysql.sock', 'dbport' => '', 'dbtableprefix' => 'oc_', 'mysql.utf8mb4' => true, 'dbuser' => 'nextcloud', 'dbpassword' => 'XXXX', 'installed' => true, 'instanceid' => 'XXXX', 'logtimezone' => 'America/Chicago', 'default_phone_region' => 'US', 'log_type' => 'file', 'logfile' => '/var/log/nextcloud/nextcloud.log', 'loglevel' => '2', 'logrotate_size' => '104847600', 'memcache.local' => '\\OC\\Memcache\\APCu', 'redis' => array ( 'host' => '/var/run/redis/redis.sock', 'port' => 0, ), 'memcache.distributed' => '\\OC\\Memcache\\Redis', 'memcache.locking' => '\\OC\\Memcache\\Redis', 'overwritehost' => 'nextcloud.XXXX.com', 'overwriteprotocol' => 'https', 'htaccess.RewriteBase' => '/', 'trusted_proxies' => array ( 1 => 'localhost', ), 'maintenance_window_start' => 5, );
Oh and do aSo right now caddy is getting a cert from acme staging environment. At the top of your Caddyfile, and a comment # in front of the line that starts with acme
But then it will obtain one using http validation.
If you want to obtain one using DNS validation, I comment the three lines in the TLS block
service caddy reload
That absolutely worked! I now have a secure connection to the nextcloud server through the domain name. I'm thrilled. :-DSo right now caddy is getting a cert from acme staging environment. At the top of your Caddyfile, and a comment # in front of the line that starts with acme
But then it will obtain one using http validation.
If you want to obtain one using DNS validation, I comment the three lines in the TLS block
As far as security goes, Cloudflare might have some things that they implement. But I feel if you aren’t google or Amazon you should be ok with an SSL (secure) connection using Caddy. Caddy has some built in things, as does Nextcloud to stay secure.That absolutely worked! I now have a secure connection to the nextcloud server through the domain name. I'm thrilled. :-D
I'm not sure how much I need cloudflare now. I'm pretty sure that was where my problem was. How strongly do you recommend implementing that? As it is now, is a secure connection good enough?
Thanks so, so much for your help with this. I'm certain I would've given up on this a long time ago.
Got it. Than I will stick to what I have. You're AWESOME. Thanks also to @danb35 for your help getting the script set up. I appreciate the both of you. Have a great day!As far as security goes, Cloudflare might have some things that they implement. But I feel if you aren’t google or Amazon you should be ok with an SSL (secure) connection using Caddy. Caddy has some built in things, as does Nextcloud to stay secure.
I don’t use Cloudflare proxy or SSL because I forward some stuff to other ports besides 443 and 80
I only use Cloudflare to host my DNS.
I’m fairly sure there is a bug in your Caddyfile somewhere. As it works flawlessly right now for me. Could be wrong though…Interesting. Can you share your Caddyfile? Remove sensitive values. I'm having no issues right now.