Cannot login anymore after switch to OIDC in latest update
-
@Jan-Macenka Cloudron uses a DNS server called unbound internally. See https://docs.cloudron.io/networking/#private-dns . All the DNS queries go via unbound, so you have to maybe fix up unbound based on your setup (instead of editing /etc/hosts which won't solve it for apps that use DNS).
@girish and @nebulon thanks a lot (as always, I really love the amount of support you provide!)
Effectively everything was already documented here, and I just had to connect the dots.
What worked for me:
- Login to the Cloudron-Server via SSH
- Create this file
sudo touch /etc/unbound/unbound.conf.d/cloudron-local.conf - Edit the file with this content
sudo nano /etc/unbound/unbound.conf.d/cloudron-local.conf:
server: # Local zone definitions local-zone: "<YOUR_DOMAIN_HERE>." typetransparent local-data: "<YOUR_SUB_DOMAIN_HERE>.<YOUR_DOMAIN_HERE>. IN A <YOUR_STATIC_IP_HERE>"so for example:
server: # Local zone definitions local-zone: "example.com." typetransparent local-data: "my.example.com. IN A 10.10.0.3"- Reboot the system
This should hopefully also fix this for other Apps that need to resolve this.
UPDATE: Damn... this fixed the immediate issue but after some more dabbling, I found that this had some side-effects where other Apps seem to have trouble connecting properly... Will work on this some more and update you if I find a workable solution.
-
@girish and @nebulon thanks a lot (as always, I really love the amount of support you provide!)
Effectively everything was already documented here, and I just had to connect the dots.
What worked for me:
- Login to the Cloudron-Server via SSH
- Create this file
sudo touch /etc/unbound/unbound.conf.d/cloudron-local.conf - Edit the file with this content
sudo nano /etc/unbound/unbound.conf.d/cloudron-local.conf:
server: # Local zone definitions local-zone: "<YOUR_DOMAIN_HERE>." typetransparent local-data: "<YOUR_SUB_DOMAIN_HERE>.<YOUR_DOMAIN_HERE>. IN A <YOUR_STATIC_IP_HERE>"so for example:
server: # Local zone definitions local-zone: "example.com." typetransparent local-data: "my.example.com. IN A 10.10.0.3"- Reboot the system
This should hopefully also fix this for other Apps that need to resolve this.
UPDATE: Damn... this fixed the immediate issue but after some more dabbling, I found that this had some side-effects where other Apps seem to have trouble connecting properly... Will work on this some more and update you if I find a workable solution.
@Jan-Macenka said in Cannot login anymore after switch to OIDC in latest update:
UPDATE: Damn... this fixed the immediate issue but after some more dabbling, I found that this had some side-effects where other Apps seem to have trouble connecting properly... Will work on this some more and update you if I find a workable solution.
Can you explain this a bit more? What other apps have problems? Maybe you just have them too to local-data ?
-
@Jan-Macenka said in Cannot login anymore after switch to OIDC in latest update:
UPDATE: Damn... this fixed the immediate issue but after some more dabbling, I found that this had some side-effects where other Apps seem to have trouble connecting properly... Will work on this some more and update you if I find a workable solution.
Can you explain this a bit more? What other apps have problems? Maybe you just have them too to local-data ?
@girish when trying to use Roundcube (Email), it states that "Verbindung zum Speicherserver fehlgeschlagen" (Connection to storage server failed). Also when I try to go to Cloudron-Web-UI > Settings > Email, I always get a re-direct to the
/#/appspath.
I disabled the
/etc/unbound/unbound.conf.d/cloudron-local.conffile but same result.Any advise where to debug this?
-
@girish when trying to use Roundcube (Email), it states that "Verbindung zum Speicherserver fehlgeschlagen" (Connection to storage server failed). Also when I try to go to Cloudron-Web-UI > Settings > Email, I always get a re-direct to the
/#/appspath.I disabled the
/etc/unbound/unbound.conf.d/cloudron-local.conffile but same result.Any advise where to debug this?
-
@Jan-Macenka OK, so this fails regardless of the unbound configuration . Have you enabled Cloudron email in the first place? On a side note, it's quite unlikely that running Email from an internal network (and no hairpinning) will work.
@girish answered you in direct chat. If we have results that are of public interest, we can publish it here afterwards
-
@girish and @nebulon thanks a lot (as always, I really love the amount of support you provide!)
Effectively everything was already documented here, and I just had to connect the dots.
What worked for me:
- Login to the Cloudron-Server via SSH
- Create this file
sudo touch /etc/unbound/unbound.conf.d/cloudron-local.conf - Edit the file with this content
sudo nano /etc/unbound/unbound.conf.d/cloudron-local.conf:
server: # Local zone definitions local-zone: "<YOUR_DOMAIN_HERE>." typetransparent local-data: "<YOUR_SUB_DOMAIN_HERE>.<YOUR_DOMAIN_HERE>. IN A <YOUR_STATIC_IP_HERE>"so for example:
server: # Local zone definitions local-zone: "example.com." typetransparent local-data: "my.example.com. IN A 10.10.0.3"- Reboot the system
This should hopefully also fix this for other Apps that need to resolve this.
UPDATE: Damn... this fixed the immediate issue but after some more dabbling, I found that this had some side-effects where other Apps seem to have trouble connecting properly... Will work on this some more and update you if I find a workable solution.
Ok, after same more debugging with @girish it turned out that this solution works as intended.
My Email-Services stopped working which was due to a change in local name resolution. Restarting the Email-Server and updating some configurations in my Firewall solved the issue.
-
J Jan Macenka referenced this topic on
