Authentication issues with YunoHost 11.1.0 with new SSOwat version / Please upgrade to YunoHost 11.1.2 to fix

There’s been 60 posts in this thread, what do you mean by “the same issue” …

1 Like

Sorry, I read the whole thread, and I was referring to the first post.
Although what I get when trying to access nextcloud is:

Internal Server Error

The server encountered an internal error and was unable to complete your request.
Please contact the server administrator if this error reappears multiple times, please include the technical details below in your report.
More details can be found in the server log.

So it might be another problem

@Centralscrutinizer21 not sure that your error is related. The reason for the initial post that I raised was quite specific. As soon as some of us did the SSOWAT update we couldn’t use Nextcloud clients, and as you can see from the thread, we were all on the wrong branch.

Just to be clear:

You followed, to the letter, Aleks’s instructions? I’m sure you did.

You don’t have 2FA enabled. This caused me a lot of running around even with following instructions.

You have deleted and reinstalled the Nextcloud client app?

You can reach Nextcloud via a web browser? The error message you have shown is the message that appears when trying to access Nextcloud via a browser, which is why I say, or think, your issue is not related. No help, I know.

Your error suggests a Nextcloud issue rather than the fun and games we had for being in the wrong testing branch.

Just a thought, but can you install another instance of Nextcloud on another domain, just to see if that works?

Dj

Yup, thanks for the explanation. I was so much hoping that my problem was related to this that I didn’t check before posting. I have 2 other servers with different hardware but both are running the same testing version. So I need to dig a bit more.

@Centralscrutinizer21 no worries at all. Hope you do find a solution to your problem.

Have a great day

Dj

Was this solved ? Is it safe to update to 11.1.0 now ?

What was solved ? 11.1.0 is superseded by 11.1.3 …

Hi — I think I am still getting an error that I suspect is related to this despite having updated to the testing branch. I also had an inability to log into Nextcloud (25.0.2) (on desktop, mobile and calDAV/cardDAV clients) after updating ssowat.

> yunohost --version
yunohost:
  repo: testing
  version: 11.1.3
yunohost-admin:
  repo: testing
  version: 11.1.3
moulinette:
  repo: testing
  version: 11.1.2
ssowat:
  repo: testing
  version: 11.1.2.5

and

> grep use_remote_user_var_in_nginx_conf /etc/ssowat/conf.json
            "use_remote_user_var_in_nginx_conf": false,
            "use_remote_user_var_in_nginx_conf": false,
            "use_remote_user_var_in_nginx_conf": false,
            "use_remote_user_var_in_nginx_conf": false,
            "use_remote_user_var_in_nginx_conf": false,
            "use_remote_user_var_in_nginx_conf": false,
            "use_remote_user_var_in_nginx_conf": true,
            "use_remote_user_var_in_nginx_conf": true,
            "use_remote_user_var_in_nginx_conf": true,
            "use_remote_user_var_in_nginx_conf": false,
            "use_remote_user_var_in_nginx_conf": false,
            "use_remote_user_var_in_nginx_conf": false,

I have tried with and without 2FA.

On the desktop app (MacOS), I get to the login screen, which authenticates in the web browser and reports success, but upon return to the app, I get an error: “Access forbidden by server. To verify that you have proper access, click here to access the service with your browser.” The web browser works fine (although I had to disable fail2ban due to, I suspect, the requests from different devices locking me out).

On the iOS app, when I put in the domain at all, I get Internal Server Error. I deleted and reinstalled the mobile app, same issue.

Any suggestions where I can look? The main nextcloud logs (in the admin interface) show nothing unusual or timed around these failed attempts.

EDIT: nginx logs may be useful and perhaps indicate an ssowat issue

2023/01/21 16:51:29 [error] 1863#1863: *12831 [lua] helpers.lua:386: authenticate(): Connection failed for: <USER1>, client: <MY.IP>, server: <CLOUD.MY.DOMAIN>, request: "GET /status.php HTTP/1.1", host: "<CLOUD.MY.DOMAIN>"
2023/01/21 16:51:45 [error] 1863#1863: *1768 [lua] helpers.lua:386: authenticate(): Connection failed for: xZJzSwBWyoW3iQa, client: <IP.2>, server: <CLOUD.MY.DOMAIN>, request: "PROPFIND /public.php/webdav/ HTTP/2.0", host: "<CLOUD.MY.DOMAIN>"
2023/01/21 16:52:27 [error] 1863#1863: *1768 [lua] helpers.lua:386: authenticate(): Connection failed for: xZJzSwBWyoW3iQa, client: <IP.2>, server: <CLOUD.MY.DOMAIN>, request: "PROPFIND /public.php/webdav/ HTTP/2.0", host: "<CLOUD.MY.DOMAIN>"
2023/01/21 16:53:15 [error] 1863#1863: *1768 [lua] helpers.lua:386: authenticate(): Connection failed for: xZJzSwBWyoW3iQa, client: <IP.2>, server: <CLOUD.MY.DOMAIN>, request: "PROPFIND /public.php/webdav/ HTTP/2.0", host: "<CLOUD.MY.DOMAIN>"
2023/01/21 16:54:08 [error] 1863#1863: *1768 [lua] helpers.lua:386: authenticate(): Connection failed for: xZJzSwBWyoW3iQa, client: <IP.2>, server: <CLOUD.MY.DOMAIN>, request: "PROPFIND /public.php/webdav/ HTTP/2.0", host: "<CLOUD.MY.DOMAIN>"
2023/01/21 16:54:38 [error] 1863#1863: *12897 [lua] helpers.lua:386: authenticate(): Connection failed for: <USER1>, client: <MY.IP>, server: <CLOUD.MY.DOMAIN>, request: "OPTIONS /remote.php/dav/principals/users/<USER1>/ HTTP/2.0", host: "<CLOUD.MY.DOMAIN>"
2023/01/21 16:55:00 [error] 1863#1863: *1768 [lua] helpers.lua:386: authenticate(): Connection failed for: xZJzSwBWyoW3iQa, client: <IP.2>, server: <CLOUD.MY.DOMAIN>, request: "PROPFIND /public.php/webdav/ HTTP/2.0", host: "<CLOUD.MY.DOMAIN>"
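
As an added example (not part of the original post): a short Python script that groups SSOwat `authenticate()` failures like those in the nginx error log above by user and client, which helps relate failures to specific sync clients and to the per-IP counts that matter for the fail2ban lockout mentioned in the post. The sample lines are constructed in the posted format, with `<...>` placeholders for redacted values.

```python
import re
from collections import Counter, defaultdict

# Constructed sample in the format of the nginx error-log lines quoted above.
SAMPLE_LOG = """\
2023/01/21 16:51:29 [error] 1863#1863: *12831 [lua] helpers.lua:386: authenticate(): Connection failed for: <USER1>, client: <MY.IP>, server: <HOST>, request: "GET /status.php HTTP/1.1", host: "<HOST>"
2023/01/21 16:51:45 [error] 1863#1863: *1768 [lua] helpers.lua:386: authenticate(): Connection failed for: <TOKEN>, client: <IP.2>, server: <HOST>, request: "PROPFIND /public.php/webdav/ HTTP/2.0", host: "<HOST>"
2023/01/21 16:52:27 [error] 1863#1863: *1768 [lua] helpers.lua:386: authenticate(): Connection failed for: <TOKEN>, client: <IP.2>, server: <HOST>, request: "PROPFIND /public.php/webdav/ HTTP/2.0", host: "<HOST>"
2023/01/21 16:54:38 [error] 1863#1863: *12897 [lua] helpers.lua:386: authenticate(): Connection failed for: <USER1>, client: <MY.IP>, server: <HOST>, request: "OPTIONS /remote.php/dav/principals/users/<USER1>/ HTTP/2.0", host: "<HOST>"
2023/01/21 16:55:10 [error] 1863#1863: *12900 open() "/var/www/missing" failed (2: No such file or directory), client: <MY.IP>
"""

# Matches only the SSOwat authentication-failure lines; other errors are skipped.
LINE_RE = re.compile(
    r'^(?P<ts>\d{4}/\d\d/\d\d \d\d:\d\d:\d\d) \[error\] .*?'
    r'authenticate\(\): Connection failed for: (?P<user>[^,]+), '
    r'client: (?P<client>[^,]+), .*?request: "(?P<method>[A-Z]+) (?P<path>\S+) '
)

def parse_failures(log_text):
    """Return one dict per authenticate() failure line."""
    return [m.groupdict() for m in map(LINE_RE.match, log_text.splitlines()) if m]

def summarize(log_text):
    """Group failures by (user, client): count, requests seen, first/last time."""
    stats = defaultdict(lambda: {"count": 0, "requests": Counter(),
                                 "first": None, "last": None})
    for f in parse_failures(log_text):
        s = stats[(f["user"], f["client"])]
        s["count"] += 1
        s["requests"][f'{f["method"]} {f["path"]}'] += 1
        s["first"] = s["first"] or f["ts"]
        s["last"] = f["ts"]
    return dict(stats)

def failures_per_client(log_text):
    """Failures per client address, the figure a fail2ban jail would count."""
    return dict(Counter(f["client"] for f in parse_failures(log_text)))

if __name__ == "__main__":
    for (user, client), s in summarize(SAMPLE_LOG).items():
        print(user, client, s["count"], dict(s["requests"]), s["first"], s["last"])
    print(failures_per_client(SAMPLE_LOG))
```
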

I seem to have made some progress and potentially resolved the issue by manually adding the line "use_remote_user_var_in_nginx_conf": false, to nextcloud api and main blocks in /etc/ssowat/conf.json.persistent and running sudo yunohost app ssowatconf. However, I am not sure this is very sustainable because the flag seems to be true and false for different apps, and I’m not sure what it really does in different contexts and would appreciate advice.

@veale my understanding is that the true/false flags are normal. I sent a screen-grab in this thread which Aleks confirmed was normal.

See

dj

@deljones Yes, I meant that overriding them seems like a bad idea if they actually have meaning, as I presume they aren’t differing at random.

Also, I am still experiencing the iOS State Token Expired error you had earlier despite having some desktop syncing success - I don’t have 2FA on any more, did you fix this another way?

Hi @veale. Hmmm. No. I had all of the issues that you are now seeing. I just followed Aleks’s instructions on the update to 11.1.2 (now 3) and the sync issue was resolved, it was that simple. As I said in the thread I still couldn’t get the Cal/CardDAV thing to work which was down to 2FA.

I’m sure that you have done it right but just to check. You can’t just disable the 2FA app; you have to switch it off for the user in the user Security settings. There is no need to disable the app; if you do, Nextcloud does freak out asking for codes etc. You probably know all this but I’m just saying as it took me a few cups of tea to discover that. Doh!

I’m sorry that I can’t be of any further help, I understand the frustration, but the update to the right testing branch was the culprit.

Another thought. If you have a spare domain, stick a test instance of Nextcloud in and see if you can get things working there.

Good luck

dj

1 Like

uuuh wut, you have nextcloud blocks in conf.json.persistent ? x_x

@Aleks Thanks for your shock, it was helpful! I have no idea why but in my set-up the conf.json.persistent file looked like it resembled a copy of conf.json from an earlier point in my set-up (e.g. with some older domains only). I have no idea why and what it was supposed to look like but I have replaced it with a file containing only

{
    "redirected_urls": {}
}

and now I seem to have functionality back, presumably as the changes to fix SSOwat are not being overridden.

1 Like
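
As an added example (not part of the thread, and not YunoHost's own tooling): a Python check that lists every value set in /etc/ssowat/conf.json.persistent and classifies it against the generated /etc/ssowat/conf.json, assuming, as the post above presumes, that persistent entries take precedence over generated ones. The sample data, including the `permissions` layout and the `oldapp.main` entry, is constructed for illustration.

```python
import json

MISSING = object()  # sentinel: key path absent from the generated config

def leaves(node, path=()):
    """Yield (path, value) for every non-dict value; empty dicts yield nothing."""
    if isinstance(node, dict):
        for key, value in node.items():
            yield from leaves(value, path + (key,))
    else:
        yield path, node

def lookup(node, path):
    """Follow a key path into nested dicts, returning MISSING if it breaks."""
    for key in path:
        if not isinstance(node, dict) or key not in node:
            return MISSING
        node = node[key]
    return node

def persistent_overrides(generated, persistent):
    """Classify each value set in the persistent file against the generated one."""
    findings = []
    for path, value in leaves(persistent):
        current = lookup(generated, path)
        if current is MISSING:
            kind = "stale"      # refers to something the generated config lacks
        elif current != value:
            kind = "conflict"   # persistent value differs from the generated one
        else:
            kind = "redundant"  # same today, but pinned against future changes
        findings.append(("/".join(path), kind, value,
                         None if current is MISSING else current))
    return findings

def check_files(generated_path="/etc/ssowat/conf.json",
                persistent_path="/etc/ssowat/conf.json.persistent"):
    with open(generated_path) as g, open(persistent_path) as p:
        return persistent_overrides(json.load(g), json.load(p))

# Constructed samples: layout and values are illustrative assumptions.
FLAG = "use_remote_user_var_in_nginx_conf"
SAMPLE_GENERATED = {"redirected_urls": {}, "permissions": {
    "nextcloud.main": {FLAG: True, "auth_header": True}}}
SAMPLE_PERSISTENT = {"redirected_urls": {}, "permissions": {
    "nextcloud.main": {FLAG: False, "auth_header": True},
    "oldapp.main": {"auth_header": False}}}

if __name__ == "__main__":
    for finding in persistent_overrides(SAMPLE_GENERATED, SAMPLE_PERSISTENT):
        print(finding)
```

A persistent file containing only an empty `redirected_urls` object, as in the post above, produces no findings.
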

As the good practice is making regular updates, I’m doing it every day.
And I’ve broken my Yunohost (everything) 5 times before understanding that something called “ssowat” was causing the problem & before coming here :frowning:
To help newbies who don’t understand anything in code (and just use the web-interface), it would be helpful to deactivate the upgrade until the problem is solved.

2 Likes

Hi,

I still get a 401 error on the Cal/CardDAV clients when I switch back on the 2FA.
Is it an issue with the YunoHost integration and SSO or with the Nextcloud 25 release and its calendar feature ?

Hi @Aleks, I ran
curl https://install.yunohost.org/switchtoTesting | bash

which switched to 11.1.3 (testing). I’m still not able to log into the user interface. I have tried deleting the user and re-creating it again and still no luck. I have access to the admin portal, no problem there. By the way, this is a new fresh install.

PRETTY_NAME="Debian GNU/Linux 11 (bullseye)"
NAME="Debian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"

I checked the logs using yunohost logs list and it just shows events.

Which user interface do you mean, and what do you mean by you are “not able to”, what happens exactly when you try …

I freshly installed a yunohost server that was version 11.0.11. I followed the instructions from the installation guide. After the installation I created a new user from the ‘Yunohost portal’, which is the administrator portal. After creating the user, I clicked on the button that is located in the top right corner above ‘Logout’, which is ‘User Interface’, and it then takes me to the Yunohost single-sign-on page, which is also known as the application page with a gray background. I’m unable to log into the Yunohost single-sign-on application page.

User creation Logs:

args:
  domain: maindomain.tld
  firstname: Sohaib
  lastname: Khan
  mailbox_quota: '0'
  username: sohaib_su
ended_at: 2023-01-28 00:45:03.639993
error: null
interface: api
operation: user_create
parent: null
related_to:
- - user
  - sohaib_su
started_at: 2023-01-28 00:45:02.217107
success: true
yunohost_version: 11.0.11

============

2023-01-27 19:45:02,444: DEBUG - Group 'sohaib_su' created
2023-01-27 19:45:02,444: DEBUG - Full log of this operation: '<a href="#/tools/logs/20230128-004502-user_group_create-sohaib_su" style="text-decoration:underline">Create 'sohaib_su' group</a>'
2023-01-27 19:45:02,593: DEBUG - The permission database has been resynchronized
2023-01-27 19:45:02,601: DEBUG - SSOwat configuration regenerated
2023-01-27 19:45:02,604: DEBUG - Group 'all_users' updated
2023-01-27 19:45:02,604: DEBUG - Full log of this operation: '<a href="#/tools/logs/20230128-004502-user_group_update-all_users" style="text-decoration:underline">Update 'all_users' group</a>'
2023-01-27 19:45:02,623: DEBUG - Executing command '['sh', '-c', '/bin/bash -x "./ynh_multimedia" sohaib_su sohaib_su@maindomain.tld 7>&1']'
2023-01-27 19:45:02,638: DEBUG - + user=sohaib_su
2023-01-27 19:45:02,638: DEBUG - + readonly MEDIA_GROUP=multimedia
2023-01-27 19:45:02,638: DEBUG - + MEDIA_GROUP=multimedia
2023-01-27 19:45:02,638: DEBUG - + readonly MEDIA_DIRECTORY=/home/yunohost.multimedia
2023-01-27 19:45:02,638: DEBUG - + MEDIA_DIRECTORY=/home/yunohost.multimedia
2023-01-27 19:45:02,638: DEBUG - + '[' -e /home/yunohost.multimedia ']'
2023-01-27 19:45:03,639: SUCCESS - User created

Migration Logs:

ended_at: 2023-01-28 00:56:15.550552
error: null
interface: cli
operation: tools_migrations_migrate_forward
parent: null
started_at: 2023-01-28 00:56:14.529224
success: true
yunohost_version: 11.1.3

============

2023-01-27 19:56:14,522: INFO - Running migration 0025_global_settings_to_configpanel...
2023-01-27 19:56:14,523: SUCCESS - Migration 0025_global_settings_to_configpanel completed
2023-01-27 19:56:14,532: INFO - Running migration 0026_new_admins_group...
2023-01-27 19:56:14,532: INFO - Creating a backup of LDAP database and apps settings prior to the actual migration.
2023-01-27 19:56:14,727: DEBUG - initializing ldap interface
2023-01-27 19:56:14,933: DEBUG - SSOwat configuration regenerated
2023-01-27 19:56:14,933: SUCCESS - User info changed
2023-01-27 19:56:15,002: DEBUG - To view the log of the operation 'Update info for user 'sohaib_su'', use the command 'yunohost log show 20230128-005614-user_update-sohaib_su'
2023-01-27 19:56:15,179: INFO - Updating aliases for group 'admins'
2023-01-27 19:56:15,211: SUCCESS - Group 'admins' updated
2023-01-27 19:56:15,212: DEBUG - To view the log of the operation 'Update 'admins' group', use the command 'yunohost log show 20230128-005615-user_group_update-admins'
2023-01-27 19:56:15,217: DEBUG - The permission database has been resynchronized
2023-01-27 19:56:15,227: DEBUG - SSOwat configuration regenerated
2023-01-27 19:56:15,320: DEBUG - The permission database has been resynchronized
2023-01-27 19:56:15,330: DEBUG - SSOwat configuration regenerated
2023-01-27 19:56:15,334: SUCCESS - Group 'admins' updated
2023-01-27 19:56:15,334: DEBUG - To view the log of the operation 'Update 'admins' group', use the command 'yunohost log show 20230128-005615-user_group_update-admins'
2023-01-27 19:56:15,529: DEBUG - The permission database has been resynchronized
2023-01-27 19:56:15,538: DEBUG - SSOwat configuration regenerated
2023-01-27 19:56:15,542: SUCCESS - Group 'admins' updated
2023-01-27 19:56:15,543: DEBUG - To view the log of the operation 'Update 'admins' group', use the command 'yunohost log show 20230128-005615-user_group_update-admins'
2023-01-27 19:56:15,548: SUCCESS - Migration 0026_new_admins_group completed


After reading the threads, I ran the command suggested to switch to the Yunohost testing version. I’m still not able to log into the Yunohost application page (gray page). Let me know if you need additional logs please, and thank you!

Switch to test:
curl https://install.yunohost.org/switchtoTesting | bash