Nextcloud, your personal cloud server, GNU nano blank page

    • Hi Agricola, I was going to do some other videos with Let's Encrypt, but I got distracted with other things. I tend to get distracted and go off on another topic. I will get back around to them. I have a list of over 50 different topics that people have asked me to cover. Sorry for the confusion.
      Build, Learn, Create.

      How to Videos for OMV

      Post any questions to the forum, so others can benefit from your curiosity. :thumbsup:
    • @'TechnoDadLife
      I am trying to do this guide Securely Login to Nextcloud Remotely on Openmediavault

      I opened the port on my router but no matter what, when I do docker logs -f letsencrypt
      I am getting this below. I am wondering if pihole is preventing to reach the server or how to configure letsencrypt without a Dynamic DNS server since my IP never change not static but almost since my provider is uverse?

      Source Code

      1. Failed authorization procedure. leXXXXnt.duckdns.org (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://leXXXXXXXX.duckdns.org/.well-known/acme-challenge/CqaUOJn496CV5b6sri0Q-5Yc3acXbmDojmeaVSqjppI: Connection refused
      2. IMPORTANT NOTES:
      3. - The following errors were reported by the server:
      4. Domain: lefXXXXXXt.duckdns.org
      5. Type: connection
      6. Detail: Fetching
      7. http://lefXXXXXXXXt.duckdns.org/.well-known/acme-challenge/CqaUOJn496CV5b6sri0Q-5Yc3acXbmDojmeaVSqjppI:
      8. Connection refused
      9. To fix these errors, please make sure that your domain name was
      10. entered correctly and the DNS A/AAAA record(s) for that domain
      11. contain(s) the right IP address. Additionally, please check that
      12. your computer has a publicly routable IP address and that no
      13. firewalls are preventing the server from communicating with the
      14. client. If you're using the webroot plugin, you should also verify
      15. that you are serving files from the webroot path you provided.
      16. ERROR: Cert does not exist! Please see the validation error above. The issue may be due to incorrect dns or port forwarding settings. Please fix your settings and recreate the container
      Display All
      Images
      • 2018-10-06_091654.jpg

        56.25 kB, 946×334, viewed 52 times
      • 2018-10-06_091739.jpg

        65 kB, 981×345, viewed 49 times
    • @TechnoDadLife, I'm not as far along on this one as Nefertiti is. I am still stuck at port forwarding. In your example you have "internal" and "external" ports where your forwarding info is placed. I'm on a Macintosh using Airport Extreme and my settings for port forwarding looks like what's below. I have found the mac address of my Odroid. In the settings below, does "public" and "private" correlate to "external" and "internal"? And then the 80/90 & 443/450 ports: which is LDP and which is TCP? Am I speaking Greek? Do I need to go out and get a "real" modem?

      Which brings me to the question of of this "Tomato" router you mentioned in the video. Your mention was the first I'd ever heard of such a thing. Are they easier to work with or what? I know this is probably a whole new topic, so you can skip that. My son has a spare Asus router that I am going to try to set up in place of this Apple router, and see if I can make any headway. Thanks for the video. It really is good. I'm just a bit dense and sheltered (at 62) in an Apple world all my life.


      Retired. Love to garden and mess with computers. The more I mess with both the less I know about either.
      OMV 4.1.14-1, Odroid hc2 w/ 4TB WD Blue.
    • Agricola wrote:

      Which brings me to the question of of this "Tomato" router you mentioned in the video. Your mention was the first I'd ever heard of such a thing. Are they easier to work with or what? I know this is probably a whole new topic, so you can skip that. My son has a spare Asus router that I am going to try to set up in place of this Apple router, and see if I can make any headway. Thanks for the video. It really is good. I'm just a bit dense and sheltered (at 62) in an Apple world all my life.
      Tomato vs. DD-WRT This will show the basics of Tomato and DD_WRT. They are firmware to replace what is currently on your router. I don't know anything about apple products, so you'll have to ask someone else about that.

      I found this article though. I have an Apple router. How do I set up port forwarding on this one?
      Build, Learn, Create.

      How to Videos for OMV

      Post any questions to the forum, so others can benefit from your curiosity. :thumbsup:
    • TechnoDadLife wrote:

      Take a picture of your Let's Encrypt container and show what variables you put in.
      The strange thing when I go to modify letsencrypt container the port forwarding is empty although I keep putting in but it does not look to be saved.

      Brainfuck Source Code

      1. Brought to you by linuxserver.io
      2. We gratefully accept donations at:
      3. https://www.linuxserver.io/donate/
      4. -------------------------------------
      5. GID/UID
      6. -------------------------------------
      7. User uid: 1000
      8. User gid: 100
      9. -------------------------------------
      10. [cont-init.d] 10-adduser: exited 0.
      11. [cont-init.d] 20-config: executing...
      12. [cont-init.d] 20-config: exited 0.
      13. [cont-init.d] 30-keygen: executing...
      14. using keys found in /config/keys
      15. [cont-init.d] 30-keygen: exited 0.
      16. [cont-init.d] 50-config: executing...
      17. Variables set:
      18. PUID=1000
      19. PGID=100
      20. TZ=America/Los_Angeles
      21. URL=duckdns.org
      22. SUBDOMAINS=lefouvolant
      23. EXTRA_DOMAINS=
      24. ONLY_SUBDOMAINS=true
      25. DHLEVEL=2048
      26. VALIDATION=http
      27. DNSPLUGIN=
      28. EMAIL=p..........@gmail.com
      29. STAGING=
      30. 2048 bit DH parameters present
      31. SUBDOMAINS entered, processing
      32. SUBDOMAINS entered, processing
      33. Only subdomains, no URL in cert
      34. Sub-domains processed are: -d lefouvolant.duckdns.org
      35. E-mail address entered: philglic@gmail.com
      36. http validation is selected
      37. Different validation parameters entered than what was used before. Revoking and deleting existing certificate, and an updated one will be created
      38. Generating new certificate
      39. Saving debug log to /var/log/letsencrypt/letsencrypt.log
      40. Plugins selected: Authenticator standalone, Installer None
      41. Obtaining a new certificate
      42. Performing the following challenges:
      43. http-01 challenge for lefouvolant.duckdns.org
      44. Waiting for verification...
      45. Cleaning up challenges
      46. IMPORTANT NOTES:
      47. Failed authorization procedure. lefouvolant.duckdns.org (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://lefouvolant.duckdns.org/.well-known/acme-challenge/0YLatvyuNfcFNUZvtMCwRaP6W-BzNUVcefLTFpJLQy8: Connection refused
      48. - The following errors were reported by the server:
      49. Domain: lefouvolant.duckdns.org
      50. Type: connection
      51. Detail: Fetching
      52. http://lefouvolant.duckdns.org/.well-known/acme-challenge/0YLatvyuNfcFNUZvtMCwRaP6W-BzNUVcefLTFpJLQy8:
      53. Connection refused
      54. To fix these errors, please make sure that your domain name was
      55. entered correctly and the DNS A/AAAA record(s) for that domain
      56. contain(s) the right IP address. Additionally, please check that
      57. your computer has a publicly routable IP address and that no
      58. firewalls are preventing the server from communicating with the
      59. client. If you're using the webroot plugin, you should also verify
      60. that you are serving files from the webroot path you provided.
      61. - Your account credentials have been saved in your Certbot
      62. configuration directory at /etc/letsencrypt. You should make a
      63. secure backup of this folder now. This configuration directory will
      64. also contain certificates and private keys obtained by Certbot so
      65. making regular backups of this folder is ideal.
      66. ERROR: Cert does not exist! Please see the validation error above. The issue may be due to incorrect dns or port forwarding settings. Please fix your settings and recreate the container
      Display All
      Images
      • 2018-10-09_093708.jpg

        80.73 kB, 779×672, viewed 58 times
      • 2018-10-09_095347.jpg

        79.74 kB, 648×646, viewed 52 times
      • 2018-10-09_095507.jpg

        74.14 kB, 648×668, viewed 54 times
      • 2018-10-09_095535.jpg

        46.53 kB, 674×393, viewed 50 times
      • 2018-10-09_101338.jpg

        72.82 kB, 651×639, viewed 48 times
      • 2018-10-09_102636.jpg

        79.77 kB, 646×695, viewed 51 times

      The post was edited 1 time, last by Nefertiti ().

    • Agricola wrote:

      Which brings me to the question of of this "Tomato" router you mentioned in the video. Your mention was the first I'd ever heard of such a thing. Are they easier to work with or what? I know this is probably a whole new topic, so you can skip that. My son has a spare Asus router that I am going to try to set up in place of this Apple router, and see if I can make any headway. Thanks for the video. It really is good. I'm just a bit dense and sheltered (at 62) in an Apple world all my life
      I almost thought you said "Thank you mulchly". I guess I was reading your tag.

      Nefertiti wrote:

      e strange thing when I go to modify letsencrypt container the port forwarding is empty although I keep putting in but it does not look to be saved.
      Where are you trying to put the ports to forward?
      Build, Learn, Create.

      How to Videos for OMV

      Post any questions to the forum, so others can benefit from your curiosity. :thumbsup:
    • TechnoDadLife wrote:

      Agricola wrote:

      Which brings me to the question of of this "Tomato" router you mentioned in the video. Your mention was the first I'd ever heard of such a thing. Are they easier to work with or what? I know this is probably a whole new topic, so you can skip that. My son has a spare Asus router that I am going to try to set up in place of this Apple router, and see if I can make any headway. Thanks for the video. It really is good. I'm just a bit dense and sheltered (at 62) in an Apple world all my life
      I almost thought you said "Thank you mulchly". I guess I was reading your tag.

      Nefertiti wrote:

      e strange thing when I go to modify letsencrypt container the port forwarding is empty although I keep putting in but it does not look to be saved.
      Where are you trying to put the ports to forward?
      Like I said in the lets encrypt container but it is not holding it

      The post was edited 1 time, last by Nefertiti ().

    • I do not know exactly what I did since modify the container did not work I decided to to delete the letsencrypt container and recreate it and now Success
      Now I am going to continue with this great guide.

      Brainfuck Source Code

      1. root@raspberrypi:~# docker logs -f letsencrypt
      2. [s6-init] making user provided files available at /var/run/s6/etc...exited 0.
      3. [s6-init] ensuring user provided files have correct perms...exited 0.
      4. [fix-attrs.d] applying ownership & permissions fixes...
      5. [fix-attrs.d] done.
      6. [cont-init.d] executing container initialization scripts...
      7. [cont-init.d] 10-adduser: executing...
      8. -------------------------------------
      9. _ ()
      10. | | ___ _ __
      11. | | / __| | | / \
      12. | | \__ \ | | | () |
      13. |_| |___/ |_| \__/
      14. Brought to you by linuxserver.io
      15. We gratefully accept donations at:
      16. https://www.linuxserver.io/donate/
      17. -------------------------------------
      18. GID/UID
      19. -------------------------------------
      20. User uid: 1000
      21. User gid: 100
      22. -------------------------------------
      23. [cont-init.d] 10-adduser: exited 0.
      24. [cont-init.d] 20-config: executing...
      25. [cont-init.d] 20-config: exited 0.
      26. [cont-init.d] 30-keygen: executing...
      27. using keys found in /config/keys
      28. [cont-init.d] 30-keygen: exited 0.
      29. [cont-init.d] 50-config: executing...
      30. Variables set:
      31. PUID=1000
      32. PGID=100
      33. TZ=America/Los_Angeles
      34. URL=duckdns.org
      35. SUBDOMAINS=lefouvolant
      36. EXTRA_DOMAINS=
      37. ONLY_SUBDOMAINS=true
      38. DHLEVEL=2048
      39. VALIDATION=http
      40. DNSPLUGIN=
      41. EMAIL=p.......@gmail.com
      42. STAGING=
      43. 2048 bit DH parameters present
      44. SUBDOMAINS entered, processing
      45. SUBDOMAINS entered, processing
      46. Only subdomains, no URL in cert
      47. Sub-domains processed are: -d lefouvolant.duckdns.org
      48. E-mail address entered: philglic@gmail.com
      49. http validation is selected
      50. Generating new certificate
      51. Saving debug log to /var/log/letsencrypt/letsencrypt.log
      52. Plugins selected: Authenticator standalone, Installer None
      53. Obtaining a new certificate
      54. Performing the following challenges:
      55. http-01 challenge for lefouvolant.duckdns.org
      56. Waiting for verification...
      57. Cleaning up challenges
      58. IMPORTANT NOTES:
      59. - Congratulations! Your certificate and chain have been saved at:
      60. /etc/letsencrypt/live/lefouvolant.duckdns.org/fullchain.pem
      61. Your key file has been saved at:
      62. /etc/letsencrypt/live/lefouvolant.duckdns.org/privkey.pem
      63. Your cert will expire on 2019-01-07. To obtain a new or tweaked
      64. version of this certificate in the future, simply run certbot
      65. again. To non-interactively renew *all* of your certificates, run
      66. "certbot renew"
      67. - If you like Certbot, please consider supporting our work by:
      68. Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
      69. Donating to EFF: https://eff.org/donate-le
      70. [cont-init.d] 50-config: exited 0.
      71. [cont-init.d] done.
      72. [services.d] starting services
      73. [services.d] done.
      74. Server ready
      Display All
    • TechnoDadLife wrote:

      I almost thought you said "Thank you mulchly". I guess I was reading your tag.
      That's funny.

      Well, the article on Airport Extreme was a wash. Thanks for the effort though. I have just about decided-based on the total lack of pertinent internet info-that an Airport Extreme is not able to do what "we" want. I have ordered a Netgear R7000 which should be here tomorrow.

      At the point in ssh where you enter "docker logs -f letsencrypt" you say in the video that this will take a while. I found it humorous that the print out down a bit says "This is going to take a long time". Just in front of that is the information "Generating DH parameters, 2048 bit long safe prime," which was nothing to me. My computer programmer son-in-law just happened to come by and see the text on the screen and "explained" what that meant. The process taking sooo long is that it is generating a "long safe prime" number that is 2048 bits, which he said amounts to some kind of prime number that is around 600 decimal places long. That is why it takes so long to finish. I found that useless but fascinating.


      The down side of the story is that at the end of the "long time" I get the notice "Error getting validation data" with a list of possible solutions. Obviously almost all of it was router related. I figure what the heck and ordered the Netgear router (which is open source supported). I also found this article on upgrading the firmware with Tomato. Can you take a quick look at it and see if it is good info or should I just proceed with setting up the new router as is out of the box? I know it's not required to get Let's Encrypt up and running, but I'm just so curious to see why someone would risk bricking a router.
      Retired. Love to garden and mess with computers. The more I mess with both the less I know about either.
      OMV 4.1.14-1, Odroid hc2 w/ 4TB WD Blue.
    • I do not know exactly what I did since modify the container did not work I decided to to delete the letsencrypt container and recreate it and now Success
      Now I am going to continue with this great guide.


      Brainfuck Source Code

      1. root@raspberrypi:~# docker logs -f letsencrypt
      2. [s6-init] making user provided files available at /var/run/s6/etc...exited 0.
      3. [s6-init] ensuring user provided files have correct perms...exited 0.
      4. [fix-attrs.d] applying ownership & permissions fixes...
      5. [fix-attrs.d] done.
      6. [cont-init.d] executing container initialization scripts...
      7. [cont-init.d] 10-adduser: executing...
      8. -------------------------------------
      9. _ ()
      10. | | ___ _ __
      11. | | / __| | | / \
      12. | | \__ \ | | | () |
      13. |_| |___/ |_| \__/
      14. Brought to you by linuxserver.io
      15. We gratefully accept donations at:
      16. https://www.linuxserver.io/donate/
      17. -------------------------------------
      18. GID/UID
      19. -------------------------------------
      20. User uid: 1000
      21. User gid: 100
      22. -------------------------------------
      23. [cont-init.d] 10-adduser: exited 0.
      24. [cont-init.d] 20-config: executing...
      25. [cont-init.d] 20-config: exited 0.
      26. [cont-init.d] 30-keygen: executing...
      27. using keys found in /config/keys
      28. [cont-init.d] 30-keygen: exited 0.
      29. [cont-init.d] 50-config: executing...
      30. Variables set:
      31. PUID=1000
      32. PGID=100
      33. TZ=America/Los_Angeles
      34. URL=duckdns.org
      35. SUBDOMAINS=lefouvolant
      36. EXTRA_DOMAINS=
      37. ONLY_SUBDOMAINS=true
      38. DHLEVEL=2048
      39. VALIDATION=http
      40. DNSPLUGIN=
      41. EMAIL=p.......@gmail.com
      42. STAGING=
      43. 2048 bit DH parameters present
      44. SUBDOMAINS entered, processing
      45. SUBDOMAINS entered, processing
      46. Only subdomains, no URL in cert
      47. Sub-domains processed are: -d lefouvolant.duckdns.org
      48. E-mail address entered: philglic@gmail.com
      49. http validation is selected
      50. Generating new certificate
      51. Saving debug log to /var/log/letsencrypt/letsencrypt.log
      52. Plugins selected: Authenticator standalone, Installer None
      53. Obtaining a new certificate
      54. Performing the following challenges:
      55. http-01 challenge for lefouvolant.duckdns.org
      56. Waiting for verification...
      57. Cleaning up challenges
      58. IMPORTANT NOTES:
      59. - Congratulations! Your certificate and chain have been saved at:
      60. /etc/letsencrypt/live/lefouvolant.duckdns.org/fullchain.pem
      61. Your key file has been saved at:
      62. /etc/letsencrypt/live/lefouvolant.duckdns.org/privkey.pem
      63. Your cert will expire on 2019-01-07. To obtain a new or tweaked
      64. version of this certificate in the future, simply run certbot
      65. again. To non-interactively renew *all* of your certificates, run
      66. "certbot renew"
      67. - If you like Certbot, please consider supporting our work by:
      68. Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
      69. Donating to EFF: https://eff.org/donate-le
      70. [cont-init.d] 50-config: exited 0.
      71. [cont-init.d] done.
      72. [services.d] starting services
      73. [services.d] done.
      74. Server ready
      Display All
      UPDATE
      I guess I claimed Victory too early although I modified the two PHP Files I cannot get to nextcloud remotely lefouvolant.duckdns.org/ or locally https://192.168.2.150:443
      GRRRRR!!!!!!!@#$%^&^*(
      Files
      • Error Log.zip

        (13.99 kB, downloaded 36 times, last: )

      The post was edited 1 time, last by Nefertiti ().

    • Agricola wrote:

      The down side of the story is that at the end of the "long time" I get the notice "Error getting validation data" with a list of possible solutions. Obviously almost all of it was router related. I figure what the heck and ordered the Netgear router (which is open source supported). I also found this article on upgrading the firmware with Tomato. Can you take a quick look at it and see if it is good info or should I just proceed with setting up the new router as is out of the box? I know it's not required to get Let's Encrypt up and running, but I'm just so curious to see why someone would risk bricking a router.
      You don't have to upgrade your router. Upgrading your router just gives you features that can be found on professional routers. Don't try to upgrade your router if you are worried about bricking it.
      Build, Learn, Create.

      How to Videos for OMV

      Post any questions to the forum, so others can benefit from your curiosity. :thumbsup:
    • Way back at the first install video of OMB you create a "Downloads" folder, but never use it in the setups for Nextcloud or Let's Encrypt. I am needing that folder name in Syncthing for backing up/syncing folders on my two computers. Is there any reason I cannot do so?

      On the router issue, I probably will not turn it into a vegetable just yet. Right now I am wrestling with starting over with OMV. My previous install was on a 16gb card and when I started syncing my computers for the first time yesterday the second partition of OMB system volume went to 93% and Syncthing shut down. I'm not sure if it was the small card or having dangling participles with a half-installed Let's Encrypt. Not having a proper backup (I thought I did) I decided to start over with a fresh 32gb card. I'm still learning how to create a disk image backup and I guess I missed a step a couple of days ago. All for the best. "Repetitio mater studiorum." Thanks for the help.
      Retired. Love to garden and mess with computers. The more I mess with both the less I know about either.
      OMV 4.1.14-1, Odroid hc2 w/ 4TB WD Blue.

    • Agricola wrote:

      Way back at the first install video of OMB you create a "Downloads" folder, but never use it in the setups for Nextcloud or Let's Encrypt. I am needing that folder name in Syncthing for backing up/syncing folders on my two computers. Is there any reason I cannot do so?

      On the router issue, I probably will not turn it into a vegetable just yet. Right now I am wrestling with starting over with OMV. My previous install was on a 16gb card and when I started syncing my computers for the first time yesterday the second partition of OMB system volume went to 93% and Syncthing shut down. I'm not sure if it was the small card or having dangling participles with a half-installed Let's Encrypt. Not having a proper backup (I thought I did) I decided to start over with a fresh 32gb card. I'm still learning how to create a disk image backup and I guess I missed a step a couple of days ago. All for the best. "Repetitio mater studiorum." Thanks for the help.
      You should use an external hard drive with your Raspberry pi. You don't want to be copying thing t the SD card, other wise you will shorten its life.
      Build, Learn, Create.

      How to Videos for OMV

      Post any questions to the forum, so others can benefit from your curiosity. :thumbsup:
    • Nefertiti wrote:

      Would you be kind enough to look At my config. files since I am sure I am typing according to your guide but this not working, Maybe you can spot the error.
      This says you have an error in your let'sencrypt container. Why don't you post pictures of those.
      Build, Learn, Create.

      How to Videos for OMV

      Post any questions to the forum, so others can benefit from your curiosity. :thumbsup:
    • TechnoDadLife wrote:

      You should use an external hard drive with your Raspberry pi. You don't want to be copying thing t the SD card, other wise you will shorten its life.
      I have a brand new 4TB Western Digital connected via powered USB. It probably doesn't make much difference but I'm running an Odroid UX4. I know there is a lot of negative on the UX4 but everything has loaded up nicely and performed perfectly, until I actually started to implement a serious backup. I did a fresh install this morning on a brand new 32GB A1 SanDisk and the same thing happened a couple hours ago.
      Retired. Love to garden and mess with computers. The more I mess with both the less I know about either.
      OMV 4.1.14-1, Odroid hc2 w/ 4TB WD Blue.
    • TechnoDadLife wrote:

      Nefertiti wrote:

      Would you be kind enough to look At my config. files since I am sure I am typing according to your guide but this not working, Maybe you can spot the error.
      This says you have an error in your let'sencrypt container. Why don't you post pictures of those.
      Here you go thank you for looking at them.
      I am getting this in log nginx: [emerg] "proxy_max_temp_file_size" directive invalid value in /config/nginx/proxy-confs/nextcloud.subdomain.conf:28 but /nextcloud.subdomain.conf looks ok to me!
      Images
      • 2018-10-10_120746.jpg

        67.99 kB, 548×627, viewed 44 times
      • 2018-10-10_120820.jpg

        66.02 kB, 529×619, viewed 41 times
      • 2018-10-10_120954.jpg

        72.7 kB, 584×590, viewed 42 times

      The post was edited 1 time, last by Nefertiti ().

    • I look at this /nextcloud.subdomain.conf
      # make sure that your dns has a cname set for nextcloud
      # assuming this container is called "letsencrypt", edit your nextcloud container's config
      # located at /config/www/nextcloud/config/config.php and add the following lines before the ");":
      # 'trusted_proxies' => ['letsencrypt'],
      # 'overwrite.cli.url' => 'https://nextcloud.your-domain.com/',
      # 'overwritehost' => 'nextcloud.your-domain.com',
      # 'overwriteprotocol' => 'https',
      #
      # Also don't forget to add your domain name to the trusted domains array. It should look somewhat like this:
      # array (
      # 0 => '192.168.0.1:444', # This line may look different on your setup, don't modify it.
      # 1 => 'nextcloud.your-domain.com',
      # ),
      and I noticed in youtube comment at the end somebody (martin Farias in the replies of Brad conicello was using this method with success but honestly I got no clou about the pro and con to connect this way or no just trying to find a solution I guess I am getting obsessed!