Hi.
Install Nextcloud on a raspberry pi3, with a NexcloudBox, I made the installation from zeros using a preinstalled version of ubuntu 16.04.
I have made everything work but for external access I need to do a port redirection on the router of my ISP provider. I can not leave the port 80 configured in apache since that port is used by the provider. When trying to change the apache configuration in the httpd.conf file located in /snap/nextcloud/173/conf/httpd.conf is in a read-only folder.
How can I do to change the listening port of apache?
Thank you.
First of all, can your router forward port 81 to port 80? That might be the easiest way to solve this problem.
The most recent release of snapd that just got SRUd back to xenial supports configuration, but I wanted to wait a little bit before I started utilizing that in case people were slow to update. Once I add support for it, you'll be able to change the port like this:
$ snap set nextcloud apache_port=81
I can麓t forward port 81 to port 80 on router. How i can update?
I had more or less the same problem, and my solution was to use IPv6... so you will access directly your nextcloud box.
Additional use case for this feature: Reverse Proxy
I'm currently running a regular Nextcloud install behind a Nginx reverse proxy. I'm migrating the host soon and I'd like to use the Snap distribution, but that won't work if the snap is locked to port 80.
Indeed, this is something we want to support. But we're currently blocked on LP: #1636931.
@kyrofa: it seems that as of 2017-01-05, the bug referenced above is closed.
Yeah now we're stuck on LP: #1636934 for incorrectly saving config values even when the snap is removed (users won't be able to clear a config once they set it), and LP: #1659924 for not making hooks available for all users, in which case installation will either fail or config would be unusable for users who haven't run a dist-upgrade.
Hi! Maybe in the meantime you could just expose _httpd.conf_?
I'm also waiting for this so I could install nextcloud behind nginx.
bump
Any other suggestion on installing behind nginx?
Note that both mentioned bugs are fixed in snapd trunk. Just waiting for a release.
@kyrofa It seems the new snapd version is released! Will get a nextcloud snap update soon?
Thank you.
@Avnerus indeed, snapd v2.24 contained what we were waiting for. This issue is now on the queue.
@kyrofa , great! Thank you.
To anyone following this issue: please take a look at #266. There are links to snaps and instructions on how to test them. If you could please do so and comment on the pull request, I'd really appreciate it! I'd like to be sure that the fix solves the issue before releasing it.
@kyrofa Thank you! I am away right now but will be able to test it early next week.
Sorry everyone: we discovered LP: #1690906 in testing, which breaks upgrades for snaps installed in lxc. We need to hold off on this until that bug is fixed.
Not sure if this is helpful but a heads up in case it is (I came across this looking for another issue). The commit referenced here sets the only valid characters in configure options to 'a-z, 0-9, -'. I notice the now reverted pull request for this uses a '.' character. The 'var validKey' regex still exists in the master of snap.
Edit: sorry to fill your notifications, thought a bit more during a walk to coffee and nested config was the point of that change, it splits on '.'
Any news on this? I want to ditch the somewhat-heavyweight lxd workaround and run nextcloud in a snap on the host, and the port conflict is the only thing stopping me.
Alright, we're gonna try this again. LP: #1690906 hasn't budged in status, but in testing it appears to have disappeared. We'll of course give it some heavy testing again. We should add some automated tests as well, but I put up #349 if folks want to test it out.
All tests (both in and out of lxc) look good. The PR has landed, which means this feature will soon be available in beta.
To avoid other people having to rummage, this is now implemented such that you can do:
sudo snap set nextcloud ports.http=8080
sudo systemctl restart snap.nextcloud.apache.service
If you have Snap Nextcloud with HTTPS and want to hide Snap Nextcloud behind reverse proxy Nginx with HTTPS:
# Unluckily not implemented yet:
# sudo snap set nextcloud listen-address=127.0.0.1
# Give some RAM:
sudo snap set nextcloud php.memory-limit=1024M
# Switch port from 80 to 8080, so Nginx can use 80 (and 443):
sudo snap set nextcloud ports.http=8080
# If you use local HTTPS:
# sudo snap set nextcloud ports.https=4444
# Disable local HTTPS:
sudo snap run nextcloud.disable-https
# Restart Snap Nextcloud Apache:
sudo systemctl restart snap.nextcloud.apache.service
# Install user friendly firewall (= UFW) on Ubuntu 18.04:
sudo apt update && sudo apt install ufw
# Allow SSH port 22 or so to not block yourself:
sudo ufw allow 22/tcp
# Hide local Nextcloud port from outside world:
sudo ufw deny 8080/tcp
# Same if you use local HTTPS:
# sudo ufw deny 4444/tcp
# Allow standard HTTP/HTTPS ports 80 and 443 for Nginx:
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
# Local Nextcloud doesn't know your reverse proxy URL example.com. Don't forget to login for the first time. Then give him:
sudo nextcloud.occ config:system:set overwritehost --value="example.com:443"
sudo nextcloud.occ config:system:set overwriteprotocol --value="https"
# Enable firewall:
sudo ufw enable
# Install Nginx:
sudo apt install software-properties-common
sudo add-apt-repository ppa:nginx/stable # 1.16.1 instead of 1.14.0 on Ubuntu 18.04 (19.01.2020)
sudo apt install nginx-extras
# Configure Nginx:
/etc/nginx/sites-available/example.conf:
{
listen [::]:80;
# listen [::]:80 http2;
listen 80;
# listen 80 http2;
server_name example.com;
return 303 https://example.com;
}
server
{
listen [::]:443 ssl;
# listen [::]:443 ssl http2;
listen 443 ssl;
# listen 443 ssl http2;
server_name example.com;
ssl_certificate /etc/nginx/example.pem;
ssl_certificate_key /etc/nginx/example.key;
# Prevent "request entity too large":
client_max_body_size 16G;
location /
{
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade ;
proxy_set_header Connection "Upgrade" ;
include proxy_params;
proxy_pass http://127.0.0.1:8080;
proxy_redirect http://example.com https://example.com;
}
}
# Put example.pem and example.key in /etc/nginx or so.
cd /etc/nginx/sites-enabled/
sudo ln -s ../sites-available/example.conf .
sudo nginx -t
sudo systemctl reload nginx
Most helpful comment
To avoid other people having to rummage, this is now implemented such that you can do: