Nextcloud OIDC integration
-
@jdaviescoates No,I use AWS, and I am aware about proxy thing, as I point out that I already use this Cloudron as central user directory LDAP server for other servers outside my Cloudron
I take a look the discussion, and it seems it does not resolve
-
PS it would've been nice if when adding this you'd also updated the manifest to use the branding on the button too
Like e.g. you've already done on e.g. PeerTube:
@jdaviescoates the plugin doesn't support setting the button name unfortunately. we have to raise issues for these upstream. For example, in the OIDC settings dialog which you posted earlier, you can see that the name comes from the provider type and there is no explicit label configuration. If you open a bug report upstream, please link here.
-
@firmansi Wanted to extend my invitation in the other thread to you too. If you can reach out to support@cloudron.io and we can debug your install as to why we get this error, it will be great.
@joseph At this moment, this issue not really bugging us since we still able to use Nextcloud as well as User Directory in production scenario without any problem, but yes I will write email to support later on.
One thing that really bugging me, even I know it's possible or not, I clearly remember that the first time we set up Nextcloud then the user management is set to be managed through Cloudron, and till today, we never create new user within Nextcloud User Management.
If I am not mistaken, this issue happened when we upgraded from NC 7 to 8 quite a long time ago
-
@joseph I have tried to test the openid server with curl https://my.domain.com/.well-known/openid-configuration from the Nextcloud terminal, and it didnt give any response I have upgraded to the latest Cloudron 8.2.3
I also try to install new cloudron server with new NC just for testing, and it gives response with curl https://my.domain.com/.well-known/openid-configuration
-
@jdaviescoates the plugin doesn't support setting the button name unfortunately. we have to raise issues for these upstream. For example, in the OIDC settings dialog which you posted earlier, you can see that the name comes from the provider type and there is no explicit label configuration. If you open a bug report upstream, please link here.
@girish said in Nextcloud OIDC integration:
For example, in the OIDC settings dialog which you posted earlier, you can see that the name comes from the provider type and there is no explicit label configuration. If you open a bug report upstream, please link here.
Aha, I see. I think I will report this upstream.
Are you able to share what the missing OIDC field name/ value is actually called that e.g. the PeerTube OIDC plugin is picking up but the Nextcloud one isn't? Thanks!
-
Just checked the logs (they are absolutely full):
LocalServerException Host "127.0.1.1" (my.tld.onl:80) violates local access rules Could not reach the provider at URL https://my.tld.onl/openid/.well-known/openid-configuration -
Just checked the logs (they are absolutely full):
LocalServerException Host "127.0.1.1" (my.tld.onl:80) violates local access rules Could not reach the provider at URL https://my.tld.onl/openid/.well-known/openid-configuration@andreasdueren said in Nextcloud OIDC integration:
From the terminal,
curl https://my.tld.onl/openid/.well-known/openid-configurationworks but setting up a separate openID provider (or changing the pre-setup one) will result in this error:
-
@andreasdueren said in Nextcloud OIDC integration:
From the terminal,
curl https://my.tld.onl/openid/.well-known/openid-configurationworks but setting up a separate openID provider (or changing the pre-setup one) will result in this error:@andreasdueren Not that adding 127.0.1.1 to the proxies did the trick but rebooting the app will reset this section in the config file.
-
Do you have any nextcloud extension or other configs, which might have a blocklist or other security features added? If curl works, this must be some nextcloud code blocking the outgoing request?
@nebulon Unlikely but I can check. This is a pretty fresh installation without any users or data. Don't remember setting anything up
Edit: these are the installed apps now (I disabled a bunch but they were all standard apps)
-
@andreasdueren Not that adding 127.0.1.1 to the proxies did the trick but rebooting the app will reset this section in the config file.
@andreasdueren said in Nextcloud OIDC integration:
@andreasdueren Not that adding 127.0.1.1 to the proxies did the trick but rebooting the app will reset this section in the config file.
What proxy are you referring to here?
-
@andreasdueren said in Nextcloud OIDC integration:
@andreasdueren Not that adding 127.0.1.1 to the proxies did the trick but rebooting the app will reset this section in the config file.
What proxy are you referring to here?
@Joseph In the config file:
'trusted_proxies' => array ( 0 => '172.18.0.1', ), -
Just checked the logs (they are absolutely full):
LocalServerException Host "127.0.1.1" (my.tld.onl:80) violates local access rules Could not reach the provider at URL https://my.tld.onl/openid/.well-known/openid-configuration@andreasdueren said in Nextcloud OIDC integration:
Just checked the logs (they are absolutely full):
LocalServerException Host "127.0.1.1" (my.tld.onl:80) violates local access rules Could not reach the provider at URL https://my.tld.onl/openid/.well-known/openid-configuration@joseph said in Nextcloud OIDC integration:
@andreasdueren can you tell me what made you add
127.0.1.1? Not sure what that IP isThe console complained about it
-
@Joseph So this is weird. Even a fresh install of NC in a new, clean Cloudron is throwing the same error. Any idea why that would be?
-
Did you apply any extra configs to Nextcloud? It is still unclear to me who prints this
LocalServerExceptionand why Nextcloud would refuse to connect to that endpoint. Have you looked in the Nextcloud forum/issue tracker about this?Given that you mentioned, that curl to that endpoint from within the nextcloud container works fine, it is somethign within Nextcloud it seems.
-
Did you apply any extra configs to Nextcloud? It is still unclear to me who prints this
LocalServerExceptionand why Nextcloud would refuse to connect to that endpoint. Have you looked in the Nextcloud forum/issue tracker about this?Given that you mentioned, that curl to that endpoint from within the nextcloud container works fine, it is somethign within Nextcloud it seems.
@nebulon Nope, new Nextcloud, not even logged in yet
-
Best to reach out at support@cloudron.io , it seems hard to debug . Atleast, fresh instances on all our servers and demo instances seem to work fine.
@Joseph Is this something you're interested in debugging? Otherwise I'll just wipe the machine and install fresh
