Posts by Alomon

Quote from zomboided

duckdns address. Local traffic shouldn’t be going through the VPN. It should come into the router (which isn’t using the VPN) and be forwarded over your local network to your Pi. It’s exactly how I run mine, albeit with a different dynamic DNS service

That's what I understand. And I have no problem connecting to Libreelec from my local network when the VPN is activated. The problem occurs only when trying to connect to Librelec from outside. I can only reach my router, but not my Raspberry hosting Librelec. Port forwarding should'nt be an issue as everything work fine when VPN is deactivated, am I right? I'm running out of ideas, it seems pretty simple but doesn't work, should I try a different VPN service provider?

Thanks

Just tried it. When I do ps -ef, I have:

Quote

25197 root 0:00 openvpn /storage/.kodi/addons/service.vpn.manager/CyberGhost/United States (UDP).ovpn

Then ping works perfectly. But I still can't SSH into Libreelec from outside ("Timeout connecting to xxx.duckdns.org").

My Pi is connected to my router (ISP box), on which port forwarding is setup so as I can access my home network via my duckdns address. That's pretty simple, ports 22 and 443 are redirected to the Pi.

When the VPN is activated, should I still be able to connect via my duckdns address? Or should I use the VPN address?

Thanks again.

Hi,

Thanks for your easy-to-use add-on!

I have set it up using a paid Cyberghost VPN. However I'm facing an issue. Libreelec is installed on a Raspberry Pi. It hosts, among other stuff, Docker and a Nextcloud instance (+ letsencrypt with duckdns). When I connect the VPN, then I cannot access Nextcloud from outside my network. I do not have any error message, it just tries to loads the page indefinitely...

Is there a way to understand where the issue comes from and, finally, to solve it?

Thanks

Quote from Alomon

Hi,

I do have a Rpi 4. But Libreelec is installed on a Rpi 2 for now. How easy would it be to move my Libreelec setup from the 2 to the 4? It seems that just moving the SD card from one to the other is not enough? Would I lose anything if I export my Libreelec to settings from the GUI and import it back on the new one (parameters, add-ons,...)?

Thanks

For further reference, I would advise anyone who wants to migrate from a Rpi to another to install a fresh Libreelec on the new one and use the backup/restore function of Libreelec. That worked perfectly for me from a Pi2 to a Pi4, just had to adjust some add-ons but it was no big deal.

Hi,

I do have a Rpi 4. But Libreelec is installed on a Rpi 2 for now. How easy would it be to move my Libreelec setup from the 2 to the 4? It seems that just moving the SD card from one to the other is not enough? Would I lose anything if I export my Libreelec to settings from the GUI and import it back on the new one (parameters, add-ons,...)?

Thanks

Great, th'as up and running, now The certificate is valid and my browers and other apps are happy!

Thank you again for the help and the great job with all those docker add-ons! Sorry if I missed some information in the docs sometimes, but one can admit that there are a lot of sources of information: your website, readme files, multiple forum posts here... And some of them are outdated, so it is quite hard for a beginner to find the right information.

That's what I thought it was due to, thanks for the confirmation. So if I'm right, letsencrypt container should be created with -e SUBDOMAINS=wildcard \. But then, I can't find a way to make the server automatically load Nextcloud when we access http://www.domain.duckdns.org. Do I understand well?

And ultimately, will it allow browsers and external applications to access my instance without doubting about the certificate? Our should I use another validation method for that?

Thanks.

Hi,

Now I think I've got it installed, I used CLI to be able to monitor everything:

docker create \
  --name=nextcloud \
  --net=lsio \
  -e PUID=65534 \
  -e PGID=100 \
  -e TZ=Europe/London \
  -v /storage/.kodi/userdata/addon_data/docker.linuxserver.nextcloud/config:/config \
  -v /storage/.kodi/userdata/docker.linuxserver.nextcloud/data:/data \
  --restart unless-stopped \
  linuxserver/nextcloud

docker create \
  --name=mariadb \
  --net=lsio \
  -e PUID=65534 \
  -e PGID=100 \
  -e MYSQL_ROOT_PASSWORD= _SQL_PASS_\
  -e TZ=Europe/London \
  -e MYSQL_DATABASE=nc \
  -e MYSQL_USER= _SQL_USER_ \
  -e MYSQL_PASSWORD=_SQL_USER_PASS_ \
  -p 3306:3306 \
  -v /storage/.kodi/userdata/addon_data/docker.linuxserver.mariadb/config:/config \
  --restart unless-stopped \
  linuxserver/mariadb

docker create \
  --name=letsencrypt \
  --cap-add=NET_ADMIN \
  --net=lsio \
  -e PUID=65534 \
  -e PGID=100 \
  -e TZ=Europe/London \
  -e URL=_MY_DOMAIN_.duckdns.org \
  -e SUBDOMAINS=nextcloud \
  -e VALIDATION=duckdns \
  -e DUCKDNSTOKEN=_MY_TOKEN_ \
  -e EMAIL=_MY_MAIL_ \
  -e DHLEVEL=2048 \
  -e STAGING=false \
  -p 443:443 \
  -v /storage/.kodi/userdata/addon_data/docker.linuxserver.letsencrypt/config:/config \
  --restart unless-stopped \
  linuxserver/letsencrypt

Then:

docker start mariadb
docker start nextcloud
docker start letsencrypt

I used a custom dhparams to speed things up as explained here. I also had to edit nextcloud.subdomain.conf file with proxy_max_temp_file_size 1024m; as explained there. Then docker restart letsencrypt.

I can now access to my Nextcloud instance via https://nextcloud._MY_DOMAIN_.duckdns.org. Howerver, my browsers still trigger a safety alert regarding the certificate because the certificate is for _MY_DOMAIN_.duckdns.org and not for nextcloud._MY_DOMAIN_.duckdns.org.

I tried as well to install letsencrypt with wildcard as SUBDOMAINS but got the same error because the certificate was for *._MY_DOMAIN_.duckdns.org.

This seems to provide other applications to access Nextcloud (in my case, Home Assistant).

Is there a solution fot that?

Thanks again

OK, I will give it another try 🤞 Hope I'll come back with some good news soon.

Hi,

I've read your well written guide and I've understood a lot of things now. But still, if I follow the instructions about Nextcloud installation and adapt them to LE, I understand I just have to install Nextcloud add-on, Mariadb add-on and letsencrypt add-on, then adapt config files (for Nextcloud ans letsencrypt) and router configuration as explained. However, I still think that Nextcloud and Letsencrypt listen to the same port (443), which prevents the setup to work. What did I miss in your guide? Should I change a port somewhere?

Thanks again

P.S.: I forgot to mention that I keep on getting an error on letsencrypt logs: [emerg] "proxy_max_temp_file_size" directive invalid value in /config/nginx/proxy-confs/nextcloud.subdomain.conf:33

OK, thanks.

Just one thing which is not really documented: can I keep my Nextcloud instance on port 443? I've read somewhere that with letsencrypt, no other application should listen to port 443. If not, I would have to uninstall it completely before going further.

Moreover, I've read that a docker network might be necessary, is it mandatory here with linuxserver containers? [Edit: while trying to setup a docker network, I've seen one is already created, named lsio]

Sorry if it's a lot of questions, but the doc is not so easy to find (lot of pages/posts on different websites, especially due to Libreelec integration...).

Thanks again

Hi,

Sorry but I will need help here.

I've installed Letsencrypt addon and configured it with:

- Port 80: 85 (and, on my router, redirected port 80 from outside to port 85 on the Raspberry)

- URL: my personal url which is registered at no-ip.com (xxx.ddns.net) and configured as a Dyndns on my router. This DNS works as I can still access my Nextcloud instance which is on port 443 (is that a problem?)

- subdomains: I don't really know what to write here as I don't have any registered subdomain. It could be great to be able to access, i.e. Nextcloud via nc.xxx.ddns.net, but I don't have any idea if it is possible and how to do that. So I've tried to write "www,nc" for further use.

- validation method: http

I waited for the log to show the result of the installation, I don't have it anymore but I got a message saying that subdomains were unreachable so I had to check my config.

Could you please help me in understanding what I missed?

Thanks

Logs don't show anything suspicious. I will have a look at letsencrypt, then.

Just to know: if a Raspberry is too weak for Nextcloud, which platform would you better suggest?

Thanks

Nextcloud web ui log doesn't show anything in particular. Do we have access to other logs? docker logs docker.linuxserver.nextcloud returns nothing.

Is there a way to switch to http instead of https to avoid any certificate problem when interfacing Nextcloud with other apps?

Thanks

Hi,

My setup is running for more than 2 months, but I find it very slow. On local network, it could last up to 40 seconds to load the Files page, which I find very long.

Do you have some clues how to speed it up?

Thanks.

You're right, it does the job Thank you very much!

Hi,

Now I have a fully functional Nextcloud setup (to sum up: Nextcloud as linuxserver Docker add-on on Libreelec with a shared external storage), I would like to be able to automatically save my calendars on a daily basis. I have found a script made on that purpose, but it doesn't seem to be adapted to my setup. It asks for mariadb-client package to be installed, which I don't really understand.

Moreover, I have found some commands using wget, but it requires to login to my Nextcloud account, however wget in Libreelec (from Busybox) does not accept any authentification parameter:

BusyBox v1.31.0 (2020-03-03 16:31:30 EST) multi-call binary.

Usage: wget [-c|--continue] [--spider] [-q|--quiet] [-O|--output-document FILE]
[-o|--output-file FILE] [--header 'header: value'] [-Y|--proxy on/off]
[-P DIR] [-S|--server-response] [-U|--user-agent AGENT] [-T SEC] URL...

Retrieve files via HTTP or FTP

--spider        Only check URL existence: $? is 0 if exists
-c              Continue retrieval of aborted transfer
-q              Quiet
-P DIR          Save to DIR (default .)
-S              Show server response
-T SEC          Network read timeout is SEC seconds
-O FILE         Save to FILE ('-' for stdout)
-o FILE         Log messages to FILE
-U STR          Use STR for User-Agent header
-Y on/off       Use proxy

Could you please help me finding the right command for my setup?

Thanks.

I've already tried that on a fresh install. It did not work, then I saw the switch to enable USB pass through, which I activated and entered /dev/ttyACM0 as parameter just below.

P.S.: I just tried a new install with your suggested parameter and I confirm I get the same error messages. Actually, previously I typed "--device /dev/ttyACM0:/dev/ttyACM0", which seems to be the same...