Hi,
I appreciate that this question has been asked a fair number of times. I've been searching through the boards for similar issues but none seem to apply to what I'm seeing.
My setup
- Default gateway: OPNsense
- Internal DHCP/DNS handled by a Windows server
- Internal nginx reverse proxy which handles all requests in over ports 80 & 443
- All services inside that are serviced by the reverse proxy run on a docker stack (including Nextcloud)
- All attempts to access any services on 80 are auto forwarded by the reverse proxy to 443. Nextcloud has been configured to run on port 80 so I can use my reverse proxy to terminate the SSL.
- Nextcloud mobile app works from both inside the network and from outside. I can upload/delete/create files and folders from the Nextcloud mobile app as well as in the web frontend.
- Nextcloud is hosted at the root of it's own server block using host headers on the proxy to direct inbound connections to the correct service. It also contains location blocks for /.well-known/carddav & /.well-known/caldav
I have followed the guide here:
https://docs.opnsense.org/manual/how-tos/cloud_backup.html
I've also tried using just a standard user on my Nextcloud setup for the backup.
All attempts fail. The General log on OPNsense states:
config[68984]: {"url":"https:\/\/nextcloud.mydomain.net\/remote.php\/dav\/files\/opnsense-backup\/","content_type":null,"http_code":0,"header_size":0,
"request_size":0,"filetime":-1,"ssl_verify_result":0,"redirect_count":0,"total_time":60.001572,"namelookup_time":1.720676,"connect_time":0,
"pretransfer_time":0,"size_upload":0,"size_download":0,"speed_download":0,"speed_upload":0,"download_content_length":-1,"upload_content_length":-1,
"starttransfer_time":0,"redirect_time":0,"redirect_url":"","primary_ip":"","certinfo":[],"primary_port":0,"local_ip":"","local_port":0}
config[68984]: Error while fetching filelist from Nextcloud
If I try to access the URL that OPNsense is trying to access (https://nextcloud.mydomain.net/remote.php/dav/files/opnsense-backup), I'm prompted for a username and password. Once I enter those, I see the expected message: "This is the WebDAV interface. It can only be accessed by WebDAV clients such as the Nextcloud desktop sync client", so it's definitely up and running.
As far as I can tell, the logs aren't really giving me anything useful to follow.
Can anyone provide any pointers?
Thanks.
i just read the docs now, as for me it works since implemented.
In the docs, they create an acess token, but don't need it fr the backup on nextcloud. You can just use a regular user and his password (easiest way, but not the securest, hacking the password offends your whole firewall config).
Or, if using an existing user, you can create the password token and copy it over as login credentials for the user, on which it's been created. Using this, your password of the user itself is "secured".
But: No need of any dav at all for your backup. The error will occur, as opnsense cannot login to your nextcloud server.