Monday, August 21, 2023
support@conference.yunohost.org

[00:02:19] <Nicole> Do you have your domain setup in yunohost and are your apps configured to be served on that domain?
[00:06:11] <Solrac> > <@ngill:nortel.cloud> Do you have your domain setup in yunohost and are your apps configured to be served on that domain?

I have _a_ domain in yunohost. However, I'm in a cgnat. So I'm tunneling.

[00:07:16] <Solrac> using the same domain of course, but so far only subdomains "work" and the only thing working as intended is the admin ui.

I'm trying to link to the domain itself (no subs) but I'm not having great luck with that
[00:07:36] <Solrac> I was going to experiment with other local domains, but I'm not sure how to link those externally
[00:09:08] <Solrac> my apologies if some of what I say sounds like nonsense, by the way
[00:11:09] <Nicole> Having your traffic go through a tunnel is fine, that shouldn't be relevant. From how I understand yunohost works, it won't serve anything except the admin page on a domain that isn't configured in the domain settings of yunohost.
[00:13:25] <Solrac> Meaning, I need to serve (domain) instead of (sub).(domain), no?

[00:13:40] <Solrac> maybe I'm over complicating it, but how can I set that up in the reverse-proxy in the VPS? 🤔
[00:15:33] <Nicole> I don't think the VPS and tunnel have anything to do with this. As long as your DNS settings are correct so that your domain points to your VPS (should have two `A` records for `@` and `*` which go to your VPS's IP address) and your VPS is correctly forwarding traffic to your private server, all that should be fine.
[00:17:14] <Solrac> I've like 2 @s, 3 with the VPS, should I remove the unused ones?
[00:17:15] <Nicole> Though what it sounds like is that you're trying to visit `yourdomain.example` and getting redirected to the admin page constantly. Which I think would happen if `yourdomain.example` is not added as a domain in your yunohost domain settings.
[00:19:37] <Nicole> See the table on this page for how DNS should be configured: https://yunohost.org/en/dns_config, you might have two records for `@` but one of them is ipv4 (`A`) and the other is probably ipv6 (`AAAA`)
[00:22:12] <Solrac> > <@ngill:nortel.cloud> See the table on this page for how DNS should be configured: https://yunohost.org/en/dns_config, you might have two records for `@` but one of them is ipv4 (`A`) and the other is probably ipv6 (`AAAA`)

I have an `@ in A` for the cgnat ip (removed) and I think the original ip address it came with, which I also removed. There was no AAAA
I now have `* in A` and `@ in A` for the vps
[00:23:11] <Nicole> Ah okay so if you still had your cgnat address in there then that would probably have been causing problems
[00:23:40] <Solrac> Probably. I just did a certbot for the domain and it worked
[00:24:07] <Nicole> If you were able to request a ssl cert for the domain, that verifies your DNS, VPS and tunnel are all working correctly
[00:24:36] <Solrac> That's awesome!
[00:25:03] <Solrac> In all honesty it's quite a relief. Thank you both for teaching me so much and dealing with my lack of knowledge.
[00:25:30] <Solrac> Though, for some reason, the domain still doesn't load 🙃 I've set it to searxng
[00:25:42] <Solrac> it has indeed timed out
[00:27:17] <Nicole> Certbot being successful means that it was able to make requests to your server, so maybe your computer just has the old DNS records in cache?
[00:27:36] <Solrac> that's possible?
[00:28:10] <Nicole> I guess you can try from your phone or another device you haven't tested with yet
[00:30:15] <Solrac> so lemme edit nginx real quick and retest
[00:30:15] <Solrac> One device redirected it to the tunnel ip address
[00:31:46] <Solrac> :^) now it redirects me to the admin ui
[00:32:39] <Nicole> Just to confirm, you have the domain you're trying to use registered in your yunohost admin settings, and it is set as the primary domain?
[00:33:02] <Solrac> That would be correct
[00:34:09] <Nicole> If you log into the admin ui and hit the "user interface" button in the top right does it still bring you back to the admin ui?
[00:37:37] <Solrac> it redirects me to an sso url
[00:38:21] <Nicole> if you log in there as well you should be at a landing page with all your installed apps shown as tiles
[00:38:47] <Solrac> is it possible to redirect and login from that rather than the admin login? 🤔
[00:39:43] <Nicole> well - that's the default behavior. Or at least it was for me.
[00:39:53] <Nicole> Not really sure why it's not the same for you.
[00:43:59] <Solrac> a reboot later (cause the sso wasn't loading, it was loading a local name), and currently things are 502s so I'm assuming the tunneling is a bit messed
[00:44:03] <Solrac> wait nevermind
[00:44:13] <Solrac> sorry about that, I assume that was the downtime
[00:45:11] <Solrac> said sso page returns a 502 from the VPS 🤔
[00:58:41] <Nicole> I think I found another thing that would be causing problems. https://docs.nginx.com/nginx/admin-guide/web-server/reverse-proxy/#passing-request-headers
[00:58:41] <Nicole> When I was experimenting with tunneling for my server I was not using an additional reverse proxy. I was just forwarding raw network packets over my VPN connection so the request was not being modified.
[00:58:41] <Nicole> however in your case, I believe you're using nginx on your VPS, which if configured with proxy_pass DOES change the request a bit in a way that matters.
[00:58:43] <Nicole> try including the `proxy_set_header Host $host;` line in your nginx config.
[00:58:43] <Solrac> I've added both Host and X-Real-IP, and technically the dash's login works, however logging in, returns to a 502
[00:58:50] <Nicole> A 502 from where? Your VPS nginx or yunohost?
[00:58:51] <Solrac> vps sorry
[01:04:31] <Nicole> works as in it all works? Or it solved one problem and now there's another
[01:04:32] <Solrac> adding `proxy_set_header Accept-Encoding "";` worked??
[01:11:49] <Solrac> It "all" works. I am now able to access the dash, privatebin and searxng
[01:11:50] <Nicole> well I won't pretend like I know why blocking that header from getting passed through solved the issue but... glad it works now
[01:14:06] <Solrac> If anything I find it confusing, cause it's kinda telling it _not_ to accept a coding
[01:15:05] <Solrac> so I guess, it works raw??
[01:15:06] <Solrac> Regardless, thank you guys so so so much
[01:16:09] <Nicole> np 👍️
[01:17:15] <Solrac> I might return tomorrow for alt domain questions (ie hastebin and HomeAssistant need their own domain)
[01:17:16] <Solrac> I'm going to assume I can probably try running that via a subdomain
[01:17:16] <Nicole> Yeah just give it a subdomain. As long as you've got DNS records for `*` they'll all get passed to your VPS. And as long as your VPS nginx config has it passed to your yunohost server it should work
[01:17:16] <Solrac> 👌 Mighty fine
[01:17:16] <Solrac> Thank you once again
[10:10:14] <uQlel> Is it possible to have email at domain.tld with yunohost at yuno.domain.tld?
[10:10:24] <uQlel> because I have a different record at domain.tld
[10:11:00] <uQlel> and I see that yunohost tells me to configure mail to be like user@yuno.domain.tld
[10:11:13] <uQlel> and I want it at user@domain.tld
[11:35:23] <Guillaume Bouzige> yes you can
[11:36:03] <Guillaume Bouzige> just configure that domain you want and tick the box 'email' option on it
[12:13:35] <sankayop> Hi, sorry to disturb :) I'm using yunohost, installed nextcloud and am trying to synchronise 412Gb from my local SSD to nextcloud. Everything went right till the last 12Gb that can't be uploaded/synchronized.
I'm getting the error: ` Network error: 449 ` in the nextcloud client app.
When looking to the log of php8.1-fpm service, I could read:
` WARNING: [pool example.com] server reached max_children setting (5), consider raising it `
While looking on the net, I could find that increasing the timeouts could help: https://www.reddit.com/r/NextCloud/comments/pvlnrc/large_uploads_fail_with_499_status_code_after_60/
https://community.webcore.cloud/tutorials/how_to_solve_php_fpm_server_reached_max_children/
but it didn't.
If someone could be so nice to give me some help, it would be very sweet :)
Thanks in advance
ps: the yunohost paste for php8.1-fpm: https://paste.yunohost.org/tijazoteva
[12:26:04] <Chatpitaine Caverne> sankayop: Maybe, try to update the file `nextcloud.conf` in the folder `/etc/php/8.1/fpm/pool.d/`
You can change there the pm.max_children, pm.max_requests, request_terminate_timeout, ....
[12:29:59] <sankayop> Thanks Chatpitaine Caverne . Sorry, I was not clear. I've changed the values in the file `/etc/php/8.1/pool.d/nextcloud.conf`
practically, I've updated the following values:
```
;manually added by sanka:
pm.max_children = 88
pm.min_spare_servers = 20
pm.max_spare_servers = 35
php_admin_value[memory_limit] = 16G
php_admin_value[max_execution_time] = 600
php_admin_value[max_input_time] = 600
php_admin_value[default_socket_timeout] = 360
```
[12:31:31] <sankayop> currently, I don't have any warning anymore in the php-fpm log but the nextcloud client app still gives me the network error:449 and behaves the same way as before

[12:43:05] <Chatpitaine Caverne> Can you check your Nginx configuration depending on your configuration as a subdir or as a subdomain.
**Nextcloud in the webroot of NGINX** :
https://docs.nextcloud.com/server/stable/admin_manual/installation/nginx.html?highlight=nginx#nextcloud-in-the-webroot-of-nginx
**Nextcloud in a subdir of the NGINX webroot** :
https://docs.nextcloud.com/server/stable/admin_manual/installation/nginx.html?highlight=nginx#nextcloud-in-a-subdir-of-the-nginx-webroot
[12:45:11] <sankayop> i will try but just to let you know, until today, i did everything through the yunohost interface (not via terminal). So I did not modify manually nginx files. But i will follow your instructions :)
[12:49:31] <Chatpitaine Caverne> This is more ideas than instructions. I'm far from expert too. Don't hesitate if you need help with command line.
[12:51:09] <Chatpitaine Caverne> Oh, wait. easier. Did you let everyone right to access Nextcloud. Cause the API connections need that.
[12:51:41] <sankayop> > <@chatpitaine:cirkau.art> Oh, wait. easier. Did you let everyone right to access Nextcloud. Cause the API connections need that.

what do you mean?
[12:52:04] <sankayop> there's a login, but otherwise, the cloud is accessible from the internet
[12:52:49] <sankayop> or do you mean in the terminal: 777?
[12:53:50] <Chatpitaine Caverne> I mean in the Yunohost permissions. Your Nextcloud app has to be authorized for anonymous visitors (that doesn't mean it is open doors, there are still security checks. It's just exposed).
[12:54:22] <Chatpitaine Caverne> > <@sankayop:matrix.org> or do you mean in the terminal: 777?

NO, NEVER DO SUCH RIGHTS ADJUSTMENTS.
[12:56:47] <sankayop> in the yunohost `groups and permissions`, under `visitors`, i can see `Nextcloud` and `Nextcloud(api)`
[12:57:10] <sankayop> also under `All users` actually
[12:57:11] <Chatpitaine Caverne> > <@sankayop:matrix.org> in the yunohost `groups and permissions`, under `visitors`, i can see `Nextcloud` and `Nextcloud(api)`

So this is not the reason why it doesn't work.
[13:10:14] <sankayop> ok, i think i have a thread... I forgot to have a look to nextcloud.log and there, there are a lot of errors...
[13:10:59] <sankayop> example:
```
[no app in context] Error: Computed md5 hash is incorrect.
POST /remote.php/dav/bulk
```

```
[no app in context] Error: "file.pdf" is locked, existing lock on file: exclusive
POST /remote.php/dav/bulk
from 192.168.X.X by sanka_8545 at 2023-08-21T12:26:51+02:00
```
[13:12:13] <sankayop> since it worked for 402Gb of data without issue, could it be that the issue is more local (related to specific files) and not systemic (related to nginx config file?)
[13:12:32] <sankayop> I'll first clean these errors and return to you with some feedback :)