Nextcloud OIDC integration
-
Yeah something is inconsistent then. You can just verify the LDAP extension settings as an admin within Nextcloud to see what is happening.
-
I meant to check if your Nextcloud is actually using Cloudron usermanagement or not, since your statements are contradicting between LDAP and dashboard visibility. You can also run
env | grep LDAPin the webterminal into that nextcloud app instance. If you see LDAP related environment variables, it means you are using Cloudron usermanagement. -
This is only an installation choice, so if you have installed it without, you would have to install a fresh Nextcloud and import the data for each user. You can also try importing the current app's backup into a new installation with the import app backup feature (in the Backups view).
-
Just for input, there might be some like me using Nextcloud in cloudron who don't use Cloudron User Management from the beginning, I think for the next update, still give space to those like mine because last time I did the latest update, I can't login with user credential set up in User Directory Cloudron, only with admin credential
-
@nebulon By the way I have tried with new fresh installation, but always said Could not update the provider: The discovery endpoint is not reachable.
in Nextcloud. My current cofiguration for User Directory is with LDAP Server activated already -
If the app is installed without Cloudron usermanagement, and update will not touch upon the authentication settings, so there is no change for those, the package code simply does not change anything related to users in such a case. So I can't imagine how this has affected your instance.
Also I can't quite make out what you mean with LDAP Server activated already in this context. On Cloudron the LDAP server is always active for apps, but not every app will be setup to use it.
-
@nebulon By the way I have tried with new fresh installation, but always said Could not update the provider: The discovery endpoint is not reachable.
in Nextcloud. My current cofiguration for User Directory is with LDAP Server activated already@firmansi said in Nextcloud OIDC integration:
My current cofiguration for User Directory is with LDAP Server activated already
Note: This LDAP server is for apps external to Cloudron. This is not needed to be enabled for apps installed in Cloudron itself.
-
@nebulon Thanks for the info, but I also set up in the same Cloudron server, fresh Nexcloud Installation, but I experience error connecting to openID with message "Could not update the provider: The discovery endpoint is not reachable.
in Nextcloud" , please let me know what i need to check in the Cloudron regarding to that error message -
@nebulon Thanks for the info, but I also set up in the same Cloudron server, fresh Nexcloud Installation, but I experience error connecting to openID with message "Could not update the provider: The discovery endpoint is not reachable.
in Nextcloud" , please let me know what i need to check in the Cloudron regarding to that error message@firmansi @andreasdueren has also hit that issue, see https://forum.cloudron.io/post/100656
Works fine for me. Are you using Cloudflare, or on a home network or something?
-
@firmansi @andreasdueren has also hit that issue, see https://forum.cloudron.io/post/100656
Works fine for me. Are you using Cloudflare, or on a home network or something?
@jdaviescoates No,I use AWS, and I am aware about proxy thing, as I point out that I already use this Cloudron as central user directory LDAP server for other servers outside my Cloudron
I take a look the discussion, and it seems it does not resolve
-
@jdaviescoates No,I use AWS, and I am aware about proxy thing, as I point out that I already use this Cloudron as central user directory LDAP server for other servers outside my Cloudron
I take a look the discussion, and it seems it does not resolve
-
PS it would've been nice if when adding this you'd also updated the manifest to use the branding on the button too
Like e.g. you've already done on e.g. PeerTube:
@jdaviescoates the plugin doesn't support setting the button name unfortunately. we have to raise issues for these upstream. For example, in the OIDC settings dialog which you posted earlier, you can see that the name comes from the provider type and there is no explicit label configuration. If you open a bug report upstream, please link here.
-
@firmansi Wanted to extend my invitation in the other thread to you too. If you can reach out to support@cloudron.io and we can debug your install as to why we get this error, it will be great.
@joseph At this moment, this issue not really bugging us since we still able to use Nextcloud as well as User Directory in production scenario without any problem, but yes I will write email to support later on.
One thing that really bugging me, even I know it's possible or not, I clearly remember that the first time we set up Nextcloud then the user management is set to be managed through Cloudron, and till today, we never create new user within Nextcloud User Management.
If I am not mistaken, this issue happened when we upgraded from NC 7 to 8 quite a long time ago
-
@joseph I have tried to test the openid server with curl https://my.domain.com/.well-known/openid-configuration from the Nextcloud terminal, and it didnt give any response I have upgraded to the latest Cloudron 8.2.3
I also try to install new cloudron server with new NC just for testing, and it gives response with curl https://my.domain.com/.well-known/openid-configuration
-
@jdaviescoates the plugin doesn't support setting the button name unfortunately. we have to raise issues for these upstream. For example, in the OIDC settings dialog which you posted earlier, you can see that the name comes from the provider type and there is no explicit label configuration. If you open a bug report upstream, please link here.
@girish said in Nextcloud OIDC integration:
For example, in the OIDC settings dialog which you posted earlier, you can see that the name comes from the provider type and there is no explicit label configuration. If you open a bug report upstream, please link here.
Aha, I see. I think I will report this upstream.
Are you able to share what the missing OIDC field name/ value is actually called that e.g. the PeerTube OIDC plugin is picking up but the Nextcloud one isn't? Thanks!
-
Just checked the logs (they are absolutely full):
LocalServerException Host "127.0.1.1" (my.tld.onl:80) violates local access rules Could not reach the provider at URL https://my.tld.onl/openid/.well-known/openid-configuration
