CLOSED: Access to web-apps externally is erratic

batoum
Posts: 34
Joined: Sun Oct 04, 2015 3:53 am

CLOSED: Access to web-apps externally is erratic

Postby batoum » Wed Oct 28, 2015 12:40 am

Hello

I am having issues accessing web-apps from outside my network. It works for some and not for others and I cannot figure why.

I have couchpotato, sabnzbd, sickbeard and owncloud. For the first three, I can access web-apps from outside my network by using

Code: Select all

http//username.yourhda.com:XXXX #where XXXX is the port of the app
. When I check the listening ports by using

Code: Select all

nmap -sT -O localhost
i can see the respective ports are listening (for example I get this for sickbeard XXXX/tcp open blackice-icecap)

Owncloud, on the other hand is a difficult beast as I cannot get it to be accessible externally...

I have tried to use the wiki section titled "Hosting Webapps (Change Port)" but no luck. Owncloud worked internally but not externally

I then tried the customer options outlined in the wiki section "Web App Packaging Notes@ by editing the ports access as by editing the .conf file in /etc/httpd/conf.d folder as follows (note - XXXX are the port numbers) nb the router ports are forwarding correctly to the HDA.

Code: Select all

<VirtualHost *:80> ServerName owncloud8 ServerAlias owncloud8.amahi.net ProxyPass / http://localhost:XXXX/ ProxyPassReverse / http://localhost:XXXX/ DocumentRoot /var/hda/web-apps/owncloud8/html <Directory "/var/hda/web-apps/owncloud8/html"> Options Indexes FollowSymLinks AllowOverride All Require all granted </Directory> ErrorLog /var/hda/web-apps/owncloud8/logs/error_log CustomLog /var/hda/web-apps/owncloud8/logs/access_log combined env=!dontlog </VirtualHost>


Still no luck. I tried to do both (i.e. Listen and proxypass) but nothing.

I then tried to add a rule on the the iPtables, but systemctl status iptables gives me:

Code: Select all

● iptables.service Loaded: not-found (Reason: No such file or directory) Active: inactive (dead)
and when I do iptables -L i get the following:

Code: Select all

Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere Chain FORWARD (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination
Based on this, i didnt make any changes to the iptables as (a) no-one seems to talk about this as a solution, so figured it wasnt a good idea and (b) it looks like totally open or inactive.

So now I am properly stuck.

User avatar
bigfoot65
Project Manager
Posts: 11455
Joined: Mon May 25, 2009 4:31 pm

Re: Access to web-apps externally is erratic

Postby bigfoot65 » Wed Oct 28, 2015 1:12 pm

Apps that function on port 80 typically do not work well with the change port guidance.

I recommend you use a VPN client and access the app via that method. It's more secure and easier to set up. There have been others that have had issues getting ownCloud working outside the network and that has been their solution.

Did you check out the ownCloud guidance in the wiki? There is a lot of details there on how to do certain tasks.

We hope to make exposing apps outside the network easier in Amahi 9. This is something that many users request, so hopefully we can make it reality soon.
ßîgƒσστ65
Applications Manager

batoum
Posts: 34
Joined: Sun Oct 04, 2015 3:53 am

Re: Access to web-apps externally is erratic

Postby batoum » Wed Oct 28, 2015 2:14 pm

Hi Bigfoot

Some more on the diagnosis...

So I checked to see if there was a problem with port forwarding from my router. When I forward the same port to my desktop I can see it is open, so that is okay.

When I use http://www.yougetsignal.com/tools/open-ports/ to check which ports are open, I notice that the ports that are used by SABNZBD, Couchpotato and Sickbeard are deemed to be open. However, the port that I am trying to use for Owncloud is not.

It would seem that those apps are making some changes in fedora that opens the ports on the server, which is consistent with the above. Do you have any insights into what/how?

Lastly, I did check the wiki (actually scour it) and didnt find a solution. I also did not come across any how-tos on the VPN. My concern with this solution is that it defeats the purpose of deploying ownCloud, namely the ability to sync files via their clients (desktop and mobile)

I will keep hunting...

User avatar
bigfoot65
Project Manager
Posts: 11455
Joined: Mon May 25, 2009 4:31 pm

Re: Access to web-apps externally is erratic

Postby bigfoot65 » Wed Oct 28, 2015 2:17 pm

ownCloud runs on port 80. So if you changed that, it could be there is something that needs done with the OS to allow the chosen port to be open.

Have you tried exposing it via port 80? The other apps you noted working fine all run on different ports. None of them use port 80 if I remember correctly.
ßîgƒσστ65
Applications Manager

batoum
Posts: 34
Joined: Sun Oct 04, 2015 3:53 am

Re: Access to web-apps externally is erratic

Postby batoum » Wed Oct 28, 2015 3:29 pm

Hi

I tried using port 80 and it timed out.

So when i enter 192.168.1.10:80 from a browser, it goes to the login for the amahi dashboard.

Any other ideas? It is very close to this discussion https://forum.owncloud.org/viewtopic.php?t=9669

Which means this seems like a good way forward...

User avatar
bigfoot65
Project Manager
Posts: 11455
Joined: Mon May 25, 2009 4:31 pm

Re: Access to web-apps externally is erratic

Postby bigfoot65 » Wed Oct 28, 2015 4:55 pm

Not sure if that will work. It's basically the same as you are doing now. Amahi uses virtual hosts with Apache, so the URL they mention will not work.

Did you check out the wiki as I suggested?
ßîgƒσστ65
Applications Manager

northridgegrp
Posts: 134
Joined: Sun Mar 07, 2010 9:54 am

Re: Access to web-apps externally is erratic

Postby northridgegrp » Thu Oct 29, 2015 6:01 am

Here are some places you should look for help on this:

1. ownCloud Admin Manual: https://doc.owncloud.org/server/8.1/admin_manual/
2. ownCloud Forum (get an ID and post your question) for the version of ownCloud you are using: https://forum.owncloud.org/
When discussing external connections you will get a lot of people from the ownCloud Community informing you to use HTTPS instead
of HTTP connections. They are really big on this. If you are using HTTPS they will be very helpful to you.

batoum
Posts: 34
Joined: Sun Oct 04, 2015 3:53 am

Re: Access to web-apps externally is erratic

Postby batoum » Thu Oct 29, 2015 12:44 pm

Bigfoot / Northridge - firstly thank you. I am getting closer and I dont know if I have an Owncloud or an Amahi/Fedora issue.

I set up a SSL as per the wiki here (https://wiki.amahi.org/index.php/Secure_App_Access), which kindly even tells you how to set up the Owncloud App.

When I did 192.168.1.10:443, it worked (yaaay!)

However, when i used https://username.yourhda.com:443 it redirects to the Owncloud8.amahi.net but it is a white screen. similarly, the owncloud app cannot detect a connection, which tells me there is a problem with the OC webserver (?? - note. first time with Linux).

Here are my two conf files - is there anything wrong with syntax? My guess is that i didnt get the re-direct correct???

Code: Select all

#This is for the HTTP => HTTPS redirect <VirtualHost *:80> ServerName owncloud8 ServerAlias owncloud8.amahi.net ServerAlias username.yourhda.com RewriteEngine On RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^.*$ https://username.yourhda.com [L,R] ExpiresDefault "access plus 10 years" AddOutputFilterByType DEFLATE text/html text/plain text/xml </VirtualHost>
and this is the main conf file

Code: Select all

<VirtualHost *:443> ServerName owncloud8 ServerAlias owncloud8.amahi.net ServerAlias username.yourhda.com SSLEngine On SSLCertificateFile /etc/pki/tls/certs/server.crt SSLCertificateKeyFile /etc/pki/tls/certs/server.key DocumentRoot /var/hda/web-apps/owncloud8/html <Directory "/var/hda/web-apps/owncloud8/html"> Options Indexes FollowSymLinks AllowOverride All Require all granted </Directory> ErrorLog /var/hda/web-apps/owncloud8/logs/error_log CustomLog /var/hda/web-apps/owncloud8/logs/access_log combined env=!dontlog </VirtualHost>
As always, thank you in advance

User avatar
bigfoot65
Project Manager
Posts: 11455
Joined: Mon May 25, 2009 4:31 pm

Re: Access to web-apps externally is erratic

Postby bigfoot65 » Thu Oct 29, 2015 2:35 pm

I would recommend you port forward 443 to 4443 or something similar. Then try it from outside your network.

We don't support the https modification that's in the wiki, so exercise extreme caution as it can cause erratic behavior with other apps potentially of the HDA dashboard.
ßîgƒσστ65
Applications Manager

batoum
Posts: 34
Joined: Sun Oct 04, 2015 3:53 am

Re: Access to web-apps externally is erratic

Postby batoum » Fri Oct 30, 2015 12:11 am

Sorry to keep hammering on this thread but I think the issue appears to be something with Amahi rather than Owncloud, but I could be wrong..

4443 didnt work. I got the Fedora test page. I then noticed an error in the https => http redirect in that

Code: Select all

RewriteRule ^.*$ https://username.yourhda.com [L,R]
should have remained

Code: Select all

RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
When i used that, all the internal links works (http://owncloud8, http://owncloud8.amahi.net, https:192.168.1.10:443) and I get to the Owncloud login page. [amahi.net is my home domain]

When I go to http://username.yourhda.com:443 it takes me to the Owncloud8 page asking me if I want to accept this as a trusted site and when I click yes, it redirects me to

https://owncloud8.amahi.net/index.php/s ... ourhda.com

I am using the owncloud install package, so is this an issue with Amahi? Or how Owncloud? Or both?

Who is online

Users browsing this forum: No registered users and 5 guests