OAuth Connection With Nextcloud Not Working
-
Hi everyone,
I was trying to connect n8n with nextcloud , hosted on the same VM as n8n itself.
I'm forwarding both port 443 & 80 to this VM.When trying to fulfill the last step of the OAuth Verification there is an error on the last step, probably coming from a forwarding issue.
{"code":0,"message":"Unable to connect to xx.xx.xx:443","hint":"","stack":"ConnectionError: Unable to connect to xx.xx.xx:443\n at TLSSocket.onErrorThere were no issues connecting the Nextcloud Cloudron Instance with the n8n Desktop App, so I assume this issue is soley based on some forwarding problem within cloudron/nginx.
If anyone has an idea how solve this, please let me know
-
Since Hairpin NAT was kind of a pain in the a** to set up, I decided to go for DNS route in the end.
The following solution made it possible to connect to the domains/containers that are hosted on the same machine.-
Create a file in the /etc/unbound/unbound.conf.d/ directory e.g. randomfilename.conf
-
Add a line for every domain that you want to resolve internally with the internal VM IP (e.g. 192.168.1.1)
server: local-data: "domain1.xx.com. IN A INTERNAL_VM_IP" local-data: "domain2.xx.com. IN A INTERNAL_VM_IP" local-data: "domain3.xx.com. IN A INTERNAL_VM_IP"- Restart Unbound DNS Server via "systemctl restart unbound"
Hopefully this helps someone who runs into the same problem.
@girish Thanks for your help! -
-
Hi everyone,
I was trying to connect n8n with nextcloud , hosted on the same VM as n8n itself.
I'm forwarding both port 443 & 80 to this VM.When trying to fulfill the last step of the OAuth Verification there is an error on the last step, probably coming from a forwarding issue.
{"code":0,"message":"Unable to connect to xx.xx.xx:443","hint":"","stack":"ConnectionError: Unable to connect to xx.xx.xx:443\n at TLSSocket.onErrorThere were no issues connecting the Nextcloud Cloudron Instance with the n8n Desktop App, so I assume this issue is soley based on some forwarding problem within cloudron/nginx.
If anyone has an idea how solve this, please let me know
-
@mabaker try a
curl https://xxxxfrom a Web terminal of n8n and see if that works. -
Thanks for the quick reply!
Result of curl: Connection refused. This happens with all apps and terminals.
No App and Terminal is able to connect via curl to another domain hosted on the same machine.
-
@mabaker Are you hosting in an internal network / home? If so, this has to do with lack of hairpin routing most likely.
@girish That indeed seems to be the issue which I'm currently trying to solve somehow via IPTables. Unbound is running. I'm NATing the VMs on this machine.
I could find some resources on "Split-DNS" but I'm not sure if this is possible with the current unbound / nginx setup.
If you happen to have any other workarounds to solve this, please let me know.
-
@girish That indeed seems to be the issue which I'm currently trying to solve somehow via IPTables. Unbound is running. I'm NATing the VMs on this machine.
I could find some resources on "Split-DNS" but I'm not sure if this is possible with the current unbound / nginx setup.
If you happen to have any other workarounds to solve this, please let me know.
@mabaker With no hairpin routing, you have to set it up so that the DNS resolves to the local VM IP for all queries from inside your private network. i.e
n8n.domain.comshould resolve to the internal VM IP when queried from inside your LAN but should be your external IP when queried from outside.Does your router allow adding DNS entries or do you use a custom DNS server internally? If so, the idea would be to configure unbound to forward all DNS to your router and the router simply responds with internal IP.
-
@mabaker With no hairpin routing, you have to set it up so that the DNS resolves to the local VM IP for all queries from inside your private network. i.e
n8n.domain.comshould resolve to the internal VM IP when queried from inside your LAN but should be your external IP when queried from outside.Does your router allow adding DNS entries or do you use a custom DNS server internally? If so, the idea would be to configure unbound to forward all DNS to your router and the router simply responds with internal IP.
@girish Understood. Proxmox is acting as a router via internal IPTables.
I'm going to give this config a go and see if it works, before I try fiddling around with DNS settings
# Internet $IPTABLES -t nat -A PREROUTING -i $INTERNET_IF -p tcp -m tcp --dport 80 -j DNAT --to-destination $WEB_SERVER1:80 $IPTABLES -t nat -A PREROUTING -i $INTERNET_IF -p tcp -m tcp --dport 443 -j DNAT --to-destination $WEB_SERVER1:443 # VMNET - specify dest otherwise all traffic is redirected to this VM which we don't want $IPTABLES -t nat -A PREROUTING -i $INTRANET_IF -d $PUBLIC_IP -p tcp -m tcp --dport 80 -j DNAT --to-destination $WEB_SERVER1:80 $IPTABLES -t nat -A PREROUTING -i $INTRANET_IF -d $PUBLIC_IP -p tcp -m tcp --dport 443 -j DNAT --to-destination $WEB_SERVER1:443 # Host $IPTABLES -t nat -A OUTPUT -d $PUBLIC_IP -p tcp -m tcp --dport 80 -j DNAT --to-destination $WEB_SERVER1:80 $IPTABLES -t nat -A OUTPUT -d $PUBLIC_IP -p tcp -m tcp --dport 443 -j DNAT --to-destination $WEB_SERVER1:443 -
Since Hairpin NAT was kind of a pain in the a** to set up, I decided to go for DNS route in the end.
The following solution made it possible to connect to the domains/containers that are hosted on the same machine.-
Create a file in the /etc/unbound/unbound.conf.d/ directory e.g. randomfilename.conf
-
Add a line for every domain that you want to resolve internally with the internal VM IP (e.g. 192.168.1.1)
server: local-data: "domain1.xx.com. IN A INTERNAL_VM_IP" local-data: "domain2.xx.com. IN A INTERNAL_VM_IP" local-data: "domain3.xx.com. IN A INTERNAL_VM_IP"- Restart Unbound DNS Server via "systemctl restart unbound"
Hopefully this helps someone who runs into the same problem.
@girish Thanks for your help! -
-
Since Hairpin NAT was kind of a pain in the a** to set up, I decided to go for DNS route in the end.
The following solution made it possible to connect to the domains/containers that are hosted on the same machine.-
Create a file in the /etc/unbound/unbound.conf.d/ directory e.g. randomfilename.conf
-
Add a line for every domain that you want to resolve internally with the internal VM IP (e.g. 192.168.1.1)
server: local-data: "domain1.xx.com. IN A INTERNAL_VM_IP" local-data: "domain2.xx.com. IN A INTERNAL_VM_IP" local-data: "domain3.xx.com. IN A INTERNAL_VM_IP"- Restart Unbound DNS Server via "systemctl restart unbound"
Hopefully this helps someone who runs into the same problem.
@girish Thanks for your help! -
-
G girish marked this topic as a question on
-
G girish has marked this topic as solved on