Malformed Server Configuration when accessing from Nextcloud Android App via Cloudflare Tunnel

seamonster · 17 April 2023 08:16

Hi Fellow users out there, I really need help on the following:

I installed nextcloud on dietpi with the nginx option.
Through tailscale, i am able to access nextcloud perfectly via the android nextcloud app or ip address.
However, when i try to access via the cloudflare tunnel (subdomain.domain.com/nextcloud), i would get the malformed server configuration notification and unable to access nextcloud (no issue via web browser).

DietPi version |
G_DIETPI_VERSION_CORE=8
G_DIETPI_VERSION_SUB=16
G_DIETPI_VERSION_RC=2
G_GITBRANCH=‘master’
G_GITOWNER=‘MichaIng’
G_LIVE_PATCH_STATUS[0]=‘applied’
Distro version |
bullseye 0
Kernel version |
Linux DietPi 6.1.21-v8+ #1642 SMP PREEMPT Mon Apr 3 17:24:16 BST 2023 aarch64 GNU/Linux
Architecture | arm64
SBC model | RPi 4 Model B (aarch64)
SD card used | 32GB SanDisk ultra

Additional Information (if applicable)

Software title | Nextcloud
Fresh Install
Can this issue be replicated on a fresh installation of DietPi?

Security & setup warnings

It’s important for the security and performance of your instance that everything is configured correctly. To help you with that we are doing some automatic checks. Please see the linked documentation for more information.

There are some errors regarding your setup.

Last background job execution ran 53 years ago. Something seems wrong. [Check the background job settings ].
Accessing site insecurely via HTTP. You are strongly advised to set up your server to require HTTPS instead, as described in the [security tips ].
Your installation has no default phone region set. This is required to validate phone numbers in the profile settings without a country code. To allow numbers without a country code, please add “default_phone_region” with the respective [ISO 3166-1 code ] of the region to your config file.
You are currently running PHP 7.4.33. Upgrade your PHP version to take advantage of [performance and security updates provided by the PHP Group ] as soon as your distribution supports it.
The PHP OPcache module is not properly configured. See the [documentation ] for more information.
- The OPcache interned strings buffer is nearly full. To assure that repeating strings can be effectively cached, it is recommended to apply opcache.interned_strings_buffer to your PHP configuration with a value higher than 8.
The PHP module “imagick” is not enabled although the theming app is. For favicon generation to work correctly, you need to install and enable this module.
The PHP modules “gmp” and/or “bcmath” are not enabled. If you use WebAuthn passwordless authentication, these modules are required.

Jappe · 17 April 2023 09:16

Looks like an known, but unsolved problem:
Malformed server configuration · Issue #5459 · nextcloud/android · GitHub

Joulinar · 17 April 2023 16:39

why are you using cloudflare tunnel and tailscale?

seamonster · 18 April 2023 04:19

tailscale was installed on another machine in the network. i managed to use it for accessing this rpi4 that is running dietpi with nextcloud and cloudflare tunnel installed.

Joulinar · 18 April 2023 08:35

but what are you doing with cloudflare tunnel?

seamonster · 18 April 2023 08:53

the tunnel is for accessing the nextcloud server.

Joulinar · 18 April 2023 09:23

But this you do via tailscale as well? For me this sounds duplicate.

seamonster · 19 April 2023 02:16

eventually i am going to remove the device with tailscale. as i am using the free tier, i cannot have multiple users accessing it e.g. my family members unlike the cloudflared tunnel.

WarHawk · 20 April 2023 04:30

I believe there is an option when you build the cloudflare tunnel to ignore the ssl cert from the server so it doesn’t try to double it up…or get confused from trying to use the cert from the originating server

I saw it from techno tim…on his cloudflare tunnel YT video