Nextcloud Update to v29.0.4 - Error messages and security warnings

After the update I get the following error messages:

  • Your data directory and files are probably accessible from the Internet. The .htaccess file is not working. It is strongly recommended that you configure your web server so that the data directory is no longer accessible from the Internet or that you move it out of the document root directory of the web server.
  • Your “trusted_proxies” setting is not set correctly, it should be an array of IP addresses - optionally with a range in CIDR notation. You can find more information in the documentation.

I use Cloudflare with my own domain and have already entered all IP address ranges in the Config.php under Trusted Proxies.

Any ideas :question:

Hey @denny. Moving our discussion from Github here for more visibility: Update Nextcloud to v29.0.4 by nmfretz · Pull Request #1297 · getumbrel/umbrel-apps · GitHub

Both of these error messages are likely related to the trusted_proxies array in the config.php file, which is located at:

/home/umbrel/umbrel/app-data/nextcloud/data/nextcloud/config/config.php

It unfortunately seems to be a pretty common Nextcloud issue in v29 from looking at this thread: After upgrade from 28 to 29 I have "Data directory and your files are probably accessible from the Internet" - #42 by blaxpot - ℹ️ Support - Nextcloud community

Is there anything in there that helps explain your situation?

If you can please do these 2 things, they will help the community troubleshoot:

  1. Try accessing Nextcloud from your local network at umbrel.local or the local IP address of your Umbrel. Do you still see the same errors when accessing this way?

  2. Post your trusted_proxies and trusted_domains arrays from your config.php, but please remove any identifying public domains/IPs and onion addresses from it. For any domains you remove, please leave a placeholder explaining what it was and what the format was.

1 Like

Hey @nmfretz , thank you for your commitment and effort. I set up Nextcloud over my local network and got the same error message.

Here is a snippet of my config.php (with trusted_proxies and trusted_domains):

 'trusted_proxies' =>
  array (
    0 => '173.245.48.0/20',
    1 => '103.21.244.0/22',
    2 => '103.22.200.0/22',
    3 => '103.31.4.0/22',
    4 => '141.101.64.0/18',
    5 => '108.162.192.0/18',
    6 => '190.93.240.0/20',
    7 => '188.114.96.0/20',
    8 => '197.234.240.0/22',
    9 => '198.41.128.0/17',
    10 => '162.158.0.0/15',
    11 => '104.16.0.0/13',
    12 => '104.24.0.0/14',
    13 => '172.64.0.0/13',
    14 => '131.0.72.0/22',
    15 => '2400:cb00::/32',
    16 => '2606:4700::/32',
    17 => '2803:f800::/32',
    18 => '2405:b500::/32',
    19 => '2405:8100::/32',
    20 => '2a06:98c0::/29',
    21 => '2c0f:f248::/32',
  ),
  'trusted_domains' =>
  array (
    0 => 'localhost',
    1 => 'umbrel.local:8081',
    2 => 'umbrel:8081',
    3 => 'myown.domain.com',
    4 => 'nextcloud_web_1',
  ),

I have a tunnel running through Cloudflare (IP Ranges).

Apparently there is a bug here on Nextcloud’s part. After extensive research, I came across the following discussions:

I suspect an entry in the docker compose configuration. However, I’m not sure. Can you check that? Unfortunately, my knowledge is not sufficient to solve this problem.

Thank you @nmfretz for your commitment! :muscle: :sunglasses:

1 Like

Thanks for posting your details @denny! Looking at your trusted_proxies array I think you may have accidentally deleted the main umbrel Docker range when adding your Cloudflare IP ranges.

Can you please add back in 10.21.0.0/16 as a trusted proxy and let me know if you still get the error?

You could add it at the bottom of the array as item 22:
22 => '10.21.0.0/16',

I’ve already tried that (see screenshot). Unfortunately, it didn’t work. The error message still appears.

Could it be a problem in a Docker file? There is some discussion about this in the links from my previous post.

Can you take a look?

hmmmm, darn. I don’t see anything in the docker-compose.yml file or the Docker file (we are using the official nextcloud image).

I also can’t seem to recreate the issue unfortunately. I just tried installing Nextcloud 28.0.3, setting up a Cloudflare tunnel with my own domain, and then upgrading to Nextcloud 29.0.4 without issue.

Really hoping we can get some community support from any Nextcloud experts here :pray:.

@473x31 and @Sharknoon have either of you run across something like this before?

tldr: I have the same errors as the OP, I solved the trusted proxies one by unquoting the TRUSTED_PROXIES value in docker-compose.yml (from TRUSTED_PROXIES="${NETWORK_IP}/16" to TRUSTED_PROXIES=${NETWORK_IP}/16) and restarting Nextcloud from umbrel.local

Basically, when printing my system config with sudo docker exec -u www-data -it nextcloud_web_1 php occ config:list system --private I could see that the trusted_proxies value was '\"10.21.0.0\/16\"'. Now, after the change, I get "10.21.0.0\/16" and the error has gone (the trusted proxies one, the other one is still there).

2 Likes

About the first error (which I do not understand if it’s just a false positive that has to be fixed by Nextcloud), I got rid of it by having only IPs or FQDN in my trusted_domains. In case of OP,

'trusted_domains' =>
  array (
    0 => 'localhost',
    1 => 'umbrel.local:8081',
    2 => 'umbrel:8081',
    3 => 'myown.domain.com',
    4 => 'nextcloud_web_1',
  ),

should become:

'trusted_domains' =>
  array (
    0 => 'X.X.X.X:8081',
    1 => 'myown.domain.com',
  ),

where the Xs stand for your actual local IP.

3 Likes

Thank you so much! It worked!

I’ve been desperate for days…

You saved my day bro! :muscle: :star_struck:

1 Like

Nope, seeing this is a first for me.

I’ve even managed to update Nextcloud with a bunch of add-ons enabled as well as Cloudflare tunnels, when previously testing, and it works like a charm.

I’m inclined to think maybe it’s a network problem, particularly from my own experience running umbrelOS (and other OSes in general) in Hyper-V with random network issues, i.e. DNS randomly not working, no default route, etc.

But, yeah — not really sure tbh. I’ll take a closer look on it when I’m back on Monday if people keep having problems, it could be something Nextcloud changed in this release that we’ve missed potentially.

Edit: Or it could be a bug as @babba pointed out and seemingly resolved. (Nice work! :+1:)

2 Likes

Excellent, thanks for this @babba! And really glad this got you sorted @denny.

@babba can you please let me know some more details on your set-up so that I can recreate this exact issue? @473x31 and I have both been unsuccessful in recreating it. After that, we’ll issue a Nextcloud update to the app store so that others don’t run into this.

1 Like

UmbrelOS 1.2.2 on Raspberry Pi 4, Nextcloud 29.0.4 + Cloudflare Tunnel app to be able to connect to my Nextcloud instance through a domain.
When setting this up, I had to modify my config.php this way:

"overwrite.cli.url": "https://my.domain.name",
"overwritehost": "my.domain.name",
"overwriteprotocol": "https",

To be honest, I am feeling a bit lost now, I have no idea if this is enough or if you need other information xD

1 Like

@nmfretz

I have exactly the same configuration as @babba

Only changing the docker-compose.yml file was crucial.

Apparently my guess was right. In my last posts I included links from the Nextcloud Community and Github where this is being discussed.

Thanks for the additional details @denny and @babba! Really appreciate it.

TL/DR: I will issue a hotfix update for Nextcloud that removes the quotes from
- TRUSTED_PROXIES="${NETWORK_IP}/16"
But I still can’t recreate the issue.


Unfortunately, I still can’t recreate the same issue that you guys ran into even when modifying "overwrite.cli.url", "overwritehost", and "overwriteprotocol" as you have done.

Apparently my guess was right. In my last posts I included links from the Nextcloud Community and Github where this is being discussed.

^ Thanks @denny. Ya, I took a look at that when first troubleshooting but that person actually had a slightly different issue (Your "trusted_proxies" setting is not correctly set, it should be an array of IP addresses - optionally with range in CIDR notation - #5 by Joern_Hoos - ℹ️ Support - Nextcloud community)

Their format was completely incorrect:

"trusted_proxies": [
"[\"172.18.0.3\/32\"]"
],

Note the double array above. So they literally did not have “an array of IP addresses” and instead had an array of an array (with an IP inside).

Whereas our current format should actually be fine, because the inner set of quotes is escaped properly:

"trusted_proxies": [
"\"10.21.0.0\/16\""
],

That being said, there is no harm in removing the quotes from
- TRUSTED_PROXIES="${NETWORK_IP}/16"
in the docker-compose file, and it does seem to have solved your issue :tada:.

@473x31, if you could try recreating again as well with the additional details denny and babba provided that would be wonderful. Juuuust in case there is some other underlying issue.

In the meantime, I will issue a hotfix update for Nextcloud.

1 Like
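
Added example (not from the thread and not Umbrel or Nextcloud code): a Python check over JSON shaped like the `occ config:list system --private` output mentioned above, flagging `trusted_proxies` entries that are not bare IP/CIDR strings. The sample JSON is constructed from the values quoted in this thread, and Python's `ipaddress` module is assumed as the validity test; Nextcloud's own check is not reproduced here.

```python
import ipaddress
import json

# Constructed sample shaped like `occ config:list system --private` output,
# holding trusted_proxies values quoted in this thread (JSON-escaped).
SAMPLE = r'''
{
  "system": {
    "trusted_proxies": [
      "10.21.0.0\/16",
      "\"10.21.0.0\/16\"",
      "[\"172.18.0.3\/32\"]",
      "2606:4700::\/32"
    ]
  }
}
'''


def classify(entry):
    """Return 'ok' or a short reason why entry is not a bare IP/CIDR string."""
    if not isinstance(entry, str):
        return "not a string (nested array?)"
    try:
        # strict=False accepts ranges written with host bits set.
        ipaddress.ip_network(entry, strict=False)
        return "ok"
    except ValueError:
        pass
    stripped = entry.strip()
    if stripped.startswith("["):
        return "serialized array stored as one string"
    if stripped[:1] in ('"', "'") or stripped[-1:] in ('"', "'"):
        return "literal quote characters inside the value"
    return "not an IP address or CIDR range"


def audit_trusted_proxies(config_json):
    """Map each trusted_proxies entry to its classification."""
    system = json.loads(config_json).get("system", {})
    proxies = system.get("trusted_proxies", [])
    if not isinstance(proxies, list):
        return {repr(proxies): "trusted_proxies is not an array"}
    return {str(e): classify(e) for e in proxies}


if __name__ == "__main__":
    for value, verdict in audit_trusted_proxies(SAMPLE).items():
        print(f"{value!r:28} {verdict}")
```

To run it against a live instance, save the JSON printed by the `occ config:list system --private` command and pass the file contents to `audit_trusted_proxies`.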

Actually, looks like v29.0.5 is imminent so I will wait and include the change with 29.0.5.

Placeholder PR: [PLACEHOLDER] - Update Nextcloud to v29.0.5 by nmfretz · Pull Request #1369 · getumbrel/umbrel-apps · GitHub

1 Like

Had another go just now, it’s working perfectly fine after adding the domain to the trusted domains list in config.php.

1 Like

Version 29.0.5 is now available… :muscle:

1 Like

Thanks Denny! The update is now live.

1 Like

Thanks for the update! Everything worked great! :v:t2:

Unfortunately, there is still a bug on Nextcloud’s part. I’m getting a notice on the admin overview page that says:

One or more mimetype migrations are available. Occasionally new mimetypes are added to better handle certain file types. Migrating the mimetypes take a long time on larger instances so this is not done automatically during upgrades. Use the command “occ maintenance:repair --include-expensive” to perform the migrations.

However, after some research I was able to solve the problem as follows:

sudo nano ./umbrel/app-data/nextcloud/data/nextcloud/lib/private/Repair/RepairMimeTypes.php

The following line then had to be changed:

if (version_compare($mimeTypeVersion, '30.0.0.0', '<') && $this->introduceExcalidrawType()) {

to

if (version_compare($mimeTypeVersion, '29.0.5.0', '<') && $this->introduceExcalidrawType()) {

After I then cleaned the log reader using sudo -u www-data truncate ./umbrel/app-data/nextcloud/data/nextcloud/data/nextcloud.log --size 0 , all checks passed.

Maybe it will be helpful for other users… :slightly_smiling_face:

Source: [stable29] fix(setupcheck): Fix mimetype server version check in backport by nickvergessen · Pull Request #47378 · nextcloud/server · GitHub