Nextcloud OIDC integration
-
-
If the app is installed without Cloudron usermanagement, an update will not touch upon the authentication settings, so there is no change for those; the package code simply does not change anything related to users in such a case. So I can't imagine how this has affected your instance.
Also I can't quite make out what you mean by LDAP Server activated already in this context. On Cloudron the LDAP server is always active for apps, but not every app will be set up to use it.
-
@firmansi said in Nextcloud OIDC integration:
My current configuration for User Directory is with LDAP Server activated already
Note: This LDAP server is for apps external to Cloudron. This is not needed to be enabled for apps installed in Cloudron itself.
-
@nebulon Thanks for the info, but I also set up, on the same Cloudron server, a fresh Nextcloud installation, and I experience an error connecting to OpenID with the message "Could not update the provider: The discovery endpoint is not reachable." in Nextcloud. Please let me know what I need to check in Cloudron regarding that error message.
-
@firmansi @andreasdueren has also hit that issue, see https://forum.cloudron.io/post/100656
Works fine for me. Are you using Cloudflare, or on a home network or something?
-
@jdaviescoates No, I use AWS, and I am aware of the proxy thing, as I pointed out that I already use this Cloudron as a central user directory LDAP server for other servers outside my Cloudron.
I took a look at the discussion, and it seems it is not resolved.
-
PS it would've been nice if when adding this you'd also updated the manifest to use the branding on the button too
Like e.g. you've already done on e.g. PeerTube:
-
@jdaviescoates the plugin doesn't support setting the button name unfortunately. We have to raise issues for these upstream. For example, in the OIDC settings dialog which you posted earlier, you can see that the name comes from the provider type and there is no explicit label configuration. If you open a bug report upstream, please link here.
-
@joseph At this moment, this issue is not really bugging us since we are still able to use Nextcloud as well as User Directory in a production scenario without any problem, but yes, I will write an email to support later on.
One thing that is really bugging me, even I know it's possible or not, I clearly remember that the first time we set up Nextcloud, the user management was set to be managed through Cloudron, and to this day we have never created a new user within Nextcloud User Management.
If I am not mistaken, this issue happened when we upgraded from NC 7 to 8 quite a long time ago.
-
@joseph I have tried to test the OpenID server with curl https://my.domain.com/.well-known/openid-configuration from the Nextcloud terminal, and it didn't give any response. I have upgraded to the latest Cloudron 8.2.3.
I also tried installing a new Cloudron server with a new NC just for testing, and it gives a response with curl https://my.domain.com/.well-known/openid-configuration
-
@girish said in Nextcloud OIDC integration:
For example, in the OIDC settings dialog which you posted earlier, you can see that the name comes from the provider type and there is no explicit label configuration. If you open a bug report upstream, please link here.
Aha, I see. I think I will report this upstream.
Are you able to share what the missing OIDC field name/value is actually called that e.g. the PeerTube OIDC plugin is picking up but the Nextcloud one isn't? Thanks!
-
Just checked the logs (they are absolutely full):
LocalServerException Host "127.0.1.1" (my.tld.onl:80) violates local access rules Could not reach the provider at URL https://my.tld.onl/openid/.well-known/openid-configuration
-
@andreasdueren said in Nextcloud OIDC integration:
From the terminal,
curl https://my.tld.onl/openid/.well-known/openid-configuration
works but setting up a separate openID provider (or changing the pre-setup one) will result in this error:
-
@andreasdueren Not that adding 127.0.1.1 to the proxies did the trick but rebooting the app will reset this section in the config file.
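
A triage aid for the log line quoted earlier in the thread, as an added example that is not part of any post here and is not Cloudron or Nextcloud code: it parses lines in that format and reports whether the address the provider hostname resolved to is loopback or private. The regular expressions and function names are assumptions based only on the single log line shown in the thread, and the sample input is constructed.

```python
import ipaddress
import re

# Pattern derived from the one log line quoted in the thread (assumption:
# other Nextcloud versions may word the message differently).
LOCAL_RULE = re.compile(
    r'LocalServerException Host "(?P<ip>[^"]+)" \((?P<host>[^):]+):(?P<port>\d+)\) '
    r'violates local access rules'
)
PROVIDER_URL = re.compile(r'Could not reach the provider at URL (?P<url>\S+)')

def classify(ip_text):
    """Return why an address counts as local, or 'public' / 'not-an-ip'."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return "not-an-ip"
    if ip.is_loopback:
        return "loopback"
    if ip.is_link_local:
        return "link-local"
    if ip.is_private:
        return "private"
    return "public"

def triage(lines):
    """Collect one finding per blocked discovery request."""
    findings = []
    for line in lines:
        m = LOCAL_RULE.search(line)
        if not m:
            continue
        url = PROVIDER_URL.search(line)
        findings.append({
            "host": m["host"],
            "resolved_to": m["ip"],
            "kind": classify(m["ip"]),
            "discovery_url": url["url"] if url else None,
        })
    return findings

# Constructed sample input in the format of the line quoted in the thread.
SAMPLE = [
    'LocalServerException Host "127.0.1.1" (my.tld.onl:80) violates local access rules '
    'Could not reach the provider at URL https://my.tld.onl/openid/.well-known/openid-configuration',
    'LocalServerException Host "10.0.0.5" (idp.example.test:443) violates local access rules',
    'Some unrelated log line',
]
```

A "loopback" finding such as 127.0.1.1 means the provider hostname resolves, from inside the app, to the local machine rather than to a public address, so comparing what the hostname resolves to inside a working and a failing install is a useful first check.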