Category: Nextcloud

The result of part I was being able to find users on the same system. Nice, but not the goal. Over the past weeks I spent some evenings glancing over the problem, hoping to read a post with a nice oneliner as a solution. No such luck.

Today I spent more time than I hoped, but did find part of the solution. The result is now that the webfinger testtool returns a result:

https://webfinger.net/lookup/?resource=wbk%40online.osba.nl

returns

Request log

18:20:13 Looking up WebFinger data for acct:wbk@online.osba.nl
18:20:13 GET https://online.osba.nl/.well-known/webfinger?resource=acct%3Awbk%40online.osba.nl

JSON Resource Descriptor (JRD)

{
  "subject": "acct:wbk@online.osba.nl",
  "links": [
    {
      "rel": "self",
      "type": "application/activity+json",
      "href": "http://online.osba.nl/nextcloud/nextcloud/index.php/apps/social/@wbk"
    },
    {
      "rel": "http://ostatus.org/schema/1.0/subscribe"
    }
  ]
}

It used to return an error, 404, not found.

More details are at the Yunohost forum, but the important bit is the configuration and where to put it. The config file is the Nginx-configuration at

/etc/nginx/conf.d/online.osba.nl.conf

There are two servers defined, one on port 80 and one on port 443. The first one had a preconfigured redirect, while there was none in the secure section. That was strange, but it didn’t raise any alarms with me. It turns out that the redirect has to be available over TSL as well, and that it has to be a combined redirect/rewrite.

• Redirect, because it is forwarded from .well-known/webfinger to nextcloud/public.php?service=webfinger.
• Rewrite, because it is to be rewritten from webfinger?resource=acct%3Awbk%40online.osba.nl to public.php?service=webfinger&resource=acct%3Awbk%40online.osba.nl .

The combined stanza looks like:

location = /.well-known/webfinger {
  rewrite ^ https://online.osba.nl/nextcloud/public.php?service=webfinger&$1 last; # $1 will use the first parameter (?resource=…)
}

Put this bit between the include-stanza’s and the log-definitions.

Even though the test at webfinger.org succeeds, I have no such succes when contacting this Nextcloud from a Nextcloud on another Yunohost.

To be continued…

Print this entry

The Nextcloud Social App nags about .well-known/webfinger being not set up properly:

.well-known/webfinger isn't properly set up!
Social needs the .well-known automatic discovery to be properly set up. If Nextcloud is not installed in the root of the domain, it is often the case that Nextcloud can't configure this automatically. To use Social, the admin of this Nextcloud instance needs to manually configure the .well-known redirects: Open documentation ↗

The documentation states that a line in the config is to be uncommented; since that block of configuration is not there in the nginx nextcloud.conf that Yunohost created, I added it just above the .well-known’s for carddav and caldav, ie, on top of the config.

The nextcloud instance does not run in the root of the domain, so the rewrite rule has to account for that:

# The following rule is only needed for the Social app.
# Uncomment it if you're planning to use this app.
rewrite ^/.well-known/webfinger /nextcloud/public.php?service=webfinger last;

After that things still don’t run smoothly, searching the Nextcloud forum pointed me to occ. First check the current config for the social app:

sudo -u nextcloud php ./occ config:list social
{
  "apps": {
    "social": {
      "address": "http:\/\/localhost\/index.php",
      "enabled": "yes",
      "installed_version": "0.1.4",
      "types": ""
    }
  }
}

Then update to the required domain:

sudo -u nextcloud php ./occ config:app:set social address --value="http://online.osba.nl/nextcloud/index.php"
Config value address for app social set to http://online.osba.nl/nextcloud/index.php

and check again

sudo -u nextcloud php ./occ config:list social
{
  "apps": {
    "social": {
      "address": "http:\/\/online.osba.nl\/nextcloud\/index.php",
      "enabled": "yes",
      "installed_version": "0.1.4",
      "types": ""
    }
  }
}

The warning about webfinger seems solved, but is replaced by a popup:

Failed to load account details wbk@online.osba.nl

After /var/www/nextcloud# sudo -u nextcloud php ./occ social:reset and confirming I was sure about resetting anything and everything social, I was able to ‘follow’ and ‘unfollow’ users on the same system.
Also possible, it seems, is following Nextcloud on Mastodon.xyz. No messages yet, though.
Not yet possible: following users on another nextcloud instance near here.

To be continued…

Print this entry