@girish Thanks so much for the great answers.
I look forward to installing the cloudron cli on my computer running Linux Mint .
@girish Thanks so much for the great answers.
I look forward to installing the cloudron cli on my computer running Linux Mint .
@girish I successfully migrated my Cloudron from one server to another. I followed your directions and updated Cloudron to v 6.0.0 before making my final backup of the old server.
Thank you.
@girish wrote "I remember mentioning NAT loopback in https://blog.cloudron.io/installing-cloudron-on-a-home-server/."
That is indeed where I learned about it and was diligent when I set up the old router... but forgot about it it completely when setting up the new one. Always a good idea to work from docs and not just your own head.
@girish Thanks so much for the great service! I'm a happy customer.
@girish thx. It was really helpful for you to say that you didn't think the problem was with the cert. It got me thinking outside that box.
The problem was that I hadn't properly set up Nat loopback support on the new router (the config for that was different from the one on the old router).
I had to un-tick the box "Stop DNS Rebind" in order to get my site to resolve on my local computers (access from outside my network was fine --which I hadn't realized at first).
There was a big warning when I unticked that setting. Any thoughts on this. It's possible that I have some other local network or router setting that isn't quite right.
Thx.
/settings/admin/richdocuments
Any ideas?
I had the same problem and searched the forum.
Got the solution here, thanks! @alkomy
Since finding where to add the white-listed IP on Namecheap can cause you to pull your hair out, I thought I'd document it here for others:
Direct URL: https://ap.www.namecheap.com/settings/tools/apiaccess/
Via the UI: account => profile => tools => Business & Dev tools => Namecheap API access (click "Manage") and then click "Edit" across from "Whitelisted IPs".
I'd like to not use Nextcloud's encryption-at-rest.
So I would love to be able to provide users with server logs that would show anytime a file was accessed by someone who did not own it or have share-access to it.
In other words, I want to do more than promise, "I won't access user files."
Ideas? I know there is a Linux program Auditd. I wanted to get other folks perspectives before I dive into that.
Trying to understand your question. Are you referring to users somehow accessing the files via SSH'ing into your server? If not, how can someone access files they did not own?
My interest is in auditing admin access and making those audits transparent.
Which software is running this forum?
Is it Discourse? NodeBB? Something else?
Trying to understand your question. Are you referring to users somehow accessing the files via SSH'ing into your server? If not, how can someone access files they did not own?
My interest is in auditing admin access and making those audits transparent.
You won't be able to protect unencrypted files even if you promise.
It's not so much about protection that I'm after but rather making Admin access transparent.
Note that NextCloud admins will always be able to impersonate users
Yes, but I'm imagining that would trigger a log entry that would be made available to instance users.
The feature you want should be requested upstream since this cannot be solved within cloudron.
Agreed.
You have to trust your administrators.
We should not have to trust administrators. I hope the goal of NextCloud is to be a true alternative to Google cloud apps. If we are just asking folks to trust one administrator instead of another administrator then NextCloud becomes less compelling, in my opinion.
I'd like to not use Nextcloud's encryption-at-rest.
So I would love to be able to provide users with server logs that would show anytime a file was accessed by someone who did not own it or have share-access to it.
In other words, I want to do more than promise, "I won't access user files."
Ideas? I know there is a Linux program Auditd. I wanted to get other folks perspectives before I dive into that.
@girish Thanks so much for the great service! I'm a happy customer.
@nebulon thanks for sticking with me on this one.
nextcloud.mydomain.tech
and collabora.mydomain.tech
Some more data from my troubleshooting
I removed all the gazillion certs that were in /etc/ssl/certs
and also deleted all lines in /etc/ssl/certs/ca-certificates.crt
in advance of renewing my domain certs in the Cloudron domains admin page. Those actions had absolutely no effect on anything. Green lock still appeared on all my Cloudron sites and Nextcloud still couldn't contact Cloudron server.
find / -iname "*letsencrypt*"
returned zero rows
Some wild ideas to just toss out there:
.tech
domains that I am using?Again, I appreciate you sticking in there with me on this one. Any ideas on what I could try next?
Hmm, self-signed certificate in chain...
Thanks in advance for advising on my next step.
@girish Okay, took the "https://" off. I restarted Nextcloud as well as Collabora. Still same error, red X and "Could not establish connection to the Collabora Online server."
@robi @nebulon Thank you. I will try the recipe I found at Stack Exchange and then report back. In my situation it is for a home server. So I can easily connect a keyboard and monitor to enter the encryption password on the drive in the wake of a server reboot.
I do want to be able to do it remotely though if I'm not home. But the situation is not urgent for me. That explains my delay in following through. But I will.