Posts by Alomon

    Hi,


    Now I'm facing anothher issue. I would like to access my Nextcloud instance via (for example) https://www.domain.duckdns.org:2222.

    For that, I've forwarded port 2222 to port 443 on my router, as Nextcloud and letsencrypt are accessed on port 443. But it doesn't seem to be sufficient, I've got a timeout error when trying to access Nextcloud on port 2222 and even from my local network.


    Where am I wrong? Do I have to change some settings somewhere on nextcloud and/or letsencrypt? Or even to rebuild the containers?


    Thanks

    Different providers use different ports. Some providers allow connections on multiple ports. If you switch off 'Use VPN provider default UDP port' on the VPN Config tab in settings, then you can choose the port you use. It won't work unless your VPN provider allows it though.

    And what about the ipv6 warning? Should I worry about it?

    Hi,


    Still trying to connect frmo oustide when CG VPN is activated. Reading the logs, I can see this:


    Quote

    [...]

    2020-06-29 14:28:35.080 T:2580542320 NOTICE: proto udp

    2020-06-29 14:28:35.081 T:2580542320 NOTICE: remote 87-1-gb.cg-dialup.net 443

    [...]


    Is it normal to use port 443 here. I would've expected port 1194 when I chose UDP, where am I wrong? I didn't change anything in VPN Manager settings. Logs copied on pastebin, after UDP and TCP connection tests.


    Note that I have Nextcloud running on port 443, that could matter if this port has to be used as well for the VPN.

    I'm also wondering about the ipv6 warning you can see in the logs:


    Quote


    2020-06-29 14:35:18.224 T:2672530288 NOTICE: Mon Jun 29 14:34:43 2020 WARNING: OpenVPN was configured to add an IPv6 route over tun0. However, no IPv6 has been configured for this interface, therefore the route installation may fail or may not work as expected.


    Thanks.

    duckdns address. Local traffic shouldn’t be going through the VPN. It should come into the router (which isn’t using the VPN) and be forwarded over your local network to your Pi. It’s exactly how I run mine, albeit with a different dynamic DNS service

    That's what I understand. And I have no problem connecting to Libreelec from my local network when the VPN is activated. The problem occurs only when trying to connect to Librelec from outside. I can only reach my router, but not my Raspberry hosting Librelec. Port forwarding should'nt be an issue as everything work fine when VPN is deactivated, am I right? I'm running out of ideas, it seems pretty simple but doesn't work, should I try a different VPN service provider?


    Thanks

    Just tried it. When I do ps -ef, I have:


    Quote

    25197 root 0:00 openvpn /storage/.kodi/addons/service.vpn.manager/CyberGhost/United States (UDP).ovpn

    Then ping works perfectly. But I still can't SSH into Libreelec from outside ("Timeout connecting to xxx.duckdns.org").


    My Pi is connected to my router (ISP box), on which port forwarding is setup so as I can access my home network via my duckdns address. That's pretty simple, ports 22 and 443 are redirected to the Pi.


    When the VPN is activated, should I still be able to connect via my duckdns address? Or should I use the VPN address?


    Thanks again.

    Hi,


    Thanks for your easy-to-use add-on!

    I have set it up using a paid Cyberghost VPN. However I'm facing an issue. Libreelec is installed on a Raspberry Pi. It hosts, among other stuff, Docker and a Nextcloud instance (+ letsencrypt with duckdns). When I connect the VPN, then I cannot access Nextcloud from outside my network. I do not have any error message, it just tries to loads the page indefinitely...


    Is there a way to understand where the issue comes from and, finally, to solve it?


    Thanks

    Hi,

    I do have a Rpi 4. But Libreelec is installed on a Rpi 2 for now. How easy would it be to move my Libreelec setup from the 2 to the 4? It seems that just moving the SD card from one to the other is not enough? Would I lose anything if I export my Libreelec to settings from the GUI and import it back on the new one (parameters, add-ons,...)?

    Thanks

    For further reference, I would advise anyone who wants to migrate from a Rpi to another to install a fresh Libreelec on the new one and use the backup/restore function of Libreelec. That worked perfectly for me from a Pi2 to a Pi4, just had to adjust some add-ons but it was no big deal.

    Hi,

    I do have a Rpi 4. But Libreelec is installed on a Rpi 2 for now. How easy would it be to move my Libreelec setup from the 2 to the 4? It seems that just moving the SD card from one to the other is not enough? Would I lose anything if I export my Libreelec to settings from the GUI and import it back on the new one (parameters, add-ons,...)?

    Thanks

    Great, th'as up and running, now ;) The certificate is valid and my browers and other apps are happy!


    Thank you again for the help and the great job with all those docker add-ons! Sorry if I missed some information in the docs sometimes, but one can admit that there are a lot of sources of information: your website, readme files, multiple forum posts here... And some of them are outdated, so it is quite hard for a beginner to find the right information.

    That's what I thought it was due to, thanks for the confirmation. So if I'm right, letsencrypt container should be created with -e SUBDOMAINS=wildcard \. But then, I can't find a way to make the server automatically load Nextcloud when we access http://www.domain.duckdns.org. Do I understand well?


    And ultimately, will it allow browsers and external applications to access my instance without doubting about the certificate? Our should I use another validation method for that?


    Thanks.

    Hi,


    Now I think I've got it installed, I used CLI to be able to monitor everything:


    Code
    1. docker create \
    2. --name=nextcloud \
    3. --net=lsio \
    4. -e PUID=65534 \
    5. -e PGID=100 \
    6. -e TZ=Europe/London \
    7. -v /storage/.kodi/userdata/addon_data/docker.linuxserver.nextcloud/config:/config \
    8. -v /storage/.kodi/userdata/docker.linuxserver.nextcloud/data:/data \
    9. --restart unless-stopped \
    10. linuxserver/nextcloud



    Then:

    Code
    1. docker start mariadb
    2. docker start nextcloud
    3. docker start letsencrypt

    I used a custom dhparams to speed things up as explained here. I also had to edit nextcloud.subdomain.conf file with proxy_max_temp_file_size 1024m; as explained there. Then docker restart letsencrypt.


    I can now access to my Nextcloud instance via https://nextcloud._MY_DOMAIN_.duckdns.org. Howerver, my browsers still trigger a safety alert regarding the certificate because the certificate is for _MY_DOMAIN_.duckdns.org and not for nextcloud._MY_DOMAIN_.duckdns.org.

    I tried as well to install letsencrypt with wildcard as SUBDOMAINS but got the same error because the certificate was for *._MY_DOMAIN_.duckdns.org.


    This seems to provide other applications to access Nextcloud (in my case, Home Assistant).

    Is there a solution fot that?


    Thanks again

    Hi,

    I've read your well written guide and I've understood a lot of things now. But still, if I follow the instructions about Nextcloud installation and adapt them to LE, I understand I just have to install Nextcloud add-on, Mariadb add-on and letsencrypt add-on, then adapt config files (for Nextcloud ans letsencrypt) and router configuration as explained. However, I still think that Nextcloud and Letsencrypt listen to the same port (443), which prevents the setup to work. What did I miss in your guide? Should I change a port somewhere?

    Thanks again


    P.S.: I forgot to mention that I keep on getting an error on letsencrypt logs: [emerg] "proxy_max_temp_file_size" directive invalid value in /config/nginx/proxy-confs/nextcloud.subdomain.conf:33

    OK, thanks.

    Just one thing which is not really documented: can I keep my Nextcloud instance on port 443? I've read somewhere that with letsencrypt, no other application should listen to port 443. If not, I would have to uninstall it completely before going further.

    Moreover, I've read that a docker network might be necessary, is it mandatory here with linuxserver containers? [Edit: while trying to setup a docker network, I've seen one is already created, named lsio]

    Sorry if it's a lot of questions, but the doc is not so easy to find (lot of pages/posts on different websites, especially due to Libreelec integration...).


    Thanks again

    Hi,

    Sorry but I will need help here.

    I've installed Letsencrypt addon and configured it with:

    - Port 80: 85 (and, on my router, redirected port 80 from outside to port 85 on the Raspberry)

    - URL: my personal url which is registered at no-ip.com (xxx.ddns.net) and configured as a Dyndns on my router. This DNS works as I can still access my Nextcloud instance which is on port 443 (is that a problem?)

    - subdomains: I don't really know what to write here as I don't have any registered subdomain. It could be great to be able to access, i.e. Nextcloud via nc.xxx.ddns.net, but I don't have any idea if it is possible and how to do that. So I've tried to write "www,nc" for further use.

    - validation method: http


    I waited for the log to show the result of the installation, I don't have it anymore but I got a message saying that subdomains were unreachable so I had to check my config.


    Could you please help me in understanding what I missed?


    Thanks