SOLVED Nextcloud plugin broken after update

Prezu

Cadet
Joined
Jul 13, 2021
Messages
4
I have a Nextcloud plugin running in my TrueNAS Core instance on my TrueNAS Mini. About an hour ago I updated the plugin and it just stopped working. I have no idea what happened, but when I go to its address in the browser:

it redirects me to

which is my TrueNAS' UI. I have no idea what that is happening. I tried to fix it by rolling back the plugin's datasets to right before the update. In my case the 2 datasets are MainPool/iocage/jails/nextcloud-new/root and MainPool/iocage/jails/nextcloud-new. That didn't change a thing. So now I'm suspecting something got broken on my host? The TrueNAS itself? I don't know FreeBSD and thus I don't even know where to look. When I click thru TrueNAS' UI, in the Jails section I see that the networking is still set as it was when I installed the plugin few months back (which is NAT Port Forwarding and the port 8283 on the host is forwarded to port 80 in the Jail).

Would someone, please, suggest what I might try doing to debug and fix the issue?
 

Samuel Tai

Never underestimate your own stupidity
Moderator
Joined
Apr 24, 2020
Messages
5,398
 

Prezu

Cadet
Joined
Jul 13, 2021
Messages
4
Just for the sake of experimentation, I added second port forward -- from 8888 to 80. So now I have 2 very similar ones:
Nextcloud_Jail_networking.png


The second one: 8888 -- in other words URL: http://192.168.20.7:8888 -- works correctly. But 8283 isn't. So looks like it's a problem with the host (TrueNAS Core) system. Not the Jail itself. Does anyone have any idea, what might be wrong? Where could I look further to drill down to the underlying issue?
 

Prezu

Cadet
Joined
Jul 13, 2021
Messages
4
Hi Samuel. Thanks for the reply, but the thread you linked doesn't seem to be related. I'm not trying to access my nextcloud over SSL (https://). I'm accessing it over unencrypted HTTP (http://). Providing whatever port is configured to be NATed to destination port 80 inside the Jail. Oddly, the original port, I've set during installation of the plugin (8083) is NOT being rediredted. But the 2nd one I added just for experimentation (8888) does work as expected.
 

Prezu

Cadet
Joined
Jul 13, 2021
Messages
4
Alright, I figured it out. It was related to SSL, but not in a way that the thread lined above was. In my case I have been connecting to my Nextcloud thru http:// from a VM running on my TrueNAS bhyve. The VM is hosting a reverse proxy over https:// with a Let's Encrypt certificate. Anyway, when debugging why my rev proxy lost access to my Nextcloud, I noticed that weird problem described above. I, just like the rev proxy, wasn't able to talk to my Nextcloud's http://.. endpoint from my browser.

After digging more, I realized that recent update of the plugin actually demands connecting thru https:// to the Nextcloud. So I had to manually add a new port mapping to my jail -- like in my screenshot above, but directing it to port 443 instead and switch to using https:// instead.

Sad thing about it is communication -- I had to dig that out from Plugin's GitHub page:

It's in the README above. That's sad, should've been communicated more clearly thru a plugin update UI, or something like that -- something immediatelly visible to the admin of the TrueNAS box.

The other thing that is not great is that in order to use Let's Encrypt integration baked into the plugin you have to have the plugin set up in non-NAT fashion. If you -- like me -- have installed Nextcloud with NAT, you're out of luck -- that is something you cannot change without reinstalling the plugin from scratch. So I wasn't able to take advantage of it. Fortunately I was able to dance a little bit with my rev proxy's config and I was able to simply rewire it from the destination endpoint http://... to https://... with no pain.
 
Top