run Pi-hole and Own/Nextcloud alongside Topic is solved

Having issues with your DietPi installation or found a bug? Post it here.
fillip
Posts: 6
Joined: Sun Jun 20, 2021 11:49 am

run Pi-hole and Own/Nextcloud alongside

Post by fillip »

hello,

i installed pihole and nextcloud via dietpi-software. my webserver is lighttpd, and i have a ddns with no-ip. now when i try to acces nextcloud from within my network i get always redirected to pihole/admin. when i use wan (http://ddns/nextcloud) i get 404 not found. accessing pi-hole from outside is 404 forbidden, which is fine.
i'm sure i got some adjustments to do int the lighttpd config files, but i dont know where or how.

is there any simple step by step tutorial i can use to make nextcloud accessible for me over wan, while accessing pi-hole from within lan?

thank you very much
User avatar
Joulinar
Posts: 5090
Joined: Sat Nov 16, 2019 12:49 am

Re: run Pi-hole and Own/Nextcloud alongside

Post by Joulinar »

Usually both are running fine next to each other. Did you do a PiHole repair in the past? This usually overwrite our DietPi configuration.

Can you share following

Code: Select all

cat /etc/lighttpd/lighttpd.conf
Pls let us know if a solution is working. This could help others if they hit by similar situation. Your DietPi Team
fillip
Posts: 6
Joined: Sun Jun 20, 2021 11:49 am

Re: run Pi-hole and Own/Nextcloud alongside

Post by fillip »

Code: Select all

# Pi-hole: A black hole for Internet advertisements
# (c) 2017 Pi-hole, LLC (https://pi-hole.net)
# Network-wide ad blocking via your own hardware.
#
# Lighttpd config for Pi-hole
#
# This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license.

###############################################################################
#     FILE AUTOMATICALLY OVERWRITTEN BY PI-HOLE INSTALL/UPDATE PROCEDURE.     #
# ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE #
#                                                                             #
#              CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE:              #
#                         /etc/lighttpd/external.conf                         #
###############################################################################

server.modules = (
	"mod_access",
    "mod_accesslog",
    "mod_auth",
    "mod_expire",
    "mod_compress",
    "mod_redirect",
	"mod_setenv",
    "mod_rewrite"
)

server.document-root        = "/var/www/html"
server.error-handler-404    = "/pihole/index.php"
server.upload-dirs          = ( "/var/cache/lighttpd/uploads" )
server.errorlog             = "/var/log/lighttpd/error.log"
server.pid-file             = "/run/lighttpd.pid"
server.username             = "www-data"
server.groupname            = "www-data"
server.port                 = 80
accesslog.filename          = "/var/log/lighttpd/access.log"
accesslog.format            = "%{%s}t|%V|%r|%s|%b"

index-file.names            = ( "index.php", "index.html", "index.lighttpd.html" )
url.access-deny             = ( "~", ".inc", ".md", ".yml", ".ini" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )


**************************************************

#$HTTP["remoteip"] !~ "192.168.1.*" {
   # Deny access to all by Nextcloud
#   $HTTP["url"] !~ "^/nextcloud" {
#     url.access-deny = ( "" )
#  }
#}

*****************************************************



compress.cache-dir = "/var/cache/lighttpd/compress/"
compress.filetype  = (
    "application/json",
    "application/vnd.ms-fontobject",
    "application/xml",
    "font/eot",
    "font/opentype",
    "font/otf",
    "font/ttf",
    "image/bmp",
    "image/svg+xml",
    "image/vnd.microsoft.icon",
    "image/x-icon",
    "text/css",
    "text/html",
    "text/javascript",
    "text/plain",
    "text/xml"
)

mimetype.assign = (
    ".ico"   => "image/x-icon",
    ".jpeg"  => "image/jpeg",
    ".jpg"   => "image/jpeg",
    ".png"   => "image/png",
    ".svg"   => "image/svg+xml",
    ".css"   => "text/css; charset=utf-8",
    ".html"  => "text/html; charset=utf-8",
    ".js"    => "text/javascript; charset=utf-8",
    ".json"  => "application/json; charset=utf-8",
    ".map"   => "application/json; charset=utf-8",
    ".txt"   => "text/plain; charset=utf-8",
    ".eot"   => "application/vnd.ms-fontobject",
    ".otf"   => "font/otf",
    ".ttc"   => "font/collection",
    ".ttf"   => "font/ttf",
    ".woff"  => "font/woff",
    ".woff2" => "font/woff2"
)

# Add user chosen options held in external file
# This uses include_shell instead of an include wildcard for compatibility
include_shell "cat external.conf 2>/dev/null"

# default listening port for IPv6 falls back to the IPv4 port
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port

# Prevent Lighttpd from enabling Let's Encrypt SSL for every blocked domain
#include_shell "/usr/share/lighttpd/include-conf-enabled.pl"
include_shell "find /etc/lighttpd/conf-enabled -name '*.conf' -a ! -name 'letsencrypt.conf' -printf 'include \"%p\"\n' 2>/dev/null"

# If the URL starts with /admin, it is the Web interface
$HTTP["url"] =~ "^/admin/" {
    # Create a response header for debugging using curl -I
    setenv.add-response-header = (
        "X-Pi-hole" => "The Pi-hole Web interface is working!",
        "X-Frame-Options" => "DENY"
    )

    $HTTP["url"] =~ "\.(eot|otf|tt[cf]|woff2?)$" {
        # Allow Block Page access to local fonts
        setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )
    }
}

# Block . files from being served, such as .git, .github, .gitignore
$HTTP["url"] =~ "^/admin/\.(.*)" {
    url.access-deny = ("")
}

# Default expire header
expire.url = ( "" => "access plus 0 seconds" )
hello,
this is my lighttpd.conf file (sorry i just copy/pasted it, didn't know how else to do it), within the file there are a few lines between the asterik signs, that i copied in. i think i found that in a topic on this forum, not sure though.
i don't recall having done any repair on pihole...
User avatar
Joulinar
Posts: 5090
Joined: Sat Nov 16, 2019 12:49 am

Re: run Pi-hole and Own/Nextcloud alongside

Post by Joulinar »

Yes this is the PiHole own configuration and not the DietPi one. Just to be sure, you installed PiHole from

Code: Select all

dietpi-software
catalogue?

I can copy our config file later the day as I'm out right now and just online using my mobile
Pls let us know if a solution is working. This could help others if they hit by similar situation. Your DietPi Team
fillip
Posts: 6
Joined: Sun Jun 20, 2021 11:49 am

Re: run Pi-hole and Own/Nextcloud alongside

Post by fillip »

Code: Select all

│          
          │    [ ] 0    OpenSSH Client: Feature-rich SSH, SFTP and SCP client                                                    │          
          │    [ ] 3    MC: midnight commander, powerful file manager                                                            │          
          │    [ ] 7    FFmpeg: Audio & video codec libary and programs                                                          │          
          │    [ ] 10   iftop: displays bandwidth usage information                                                              │          
          │    [ ] 11   IPTraf: interactive colorful ip lan monitor                                                              │          
          │    [ ] 12   Iperf: internet protocol bandwidth measuring tool                                                        │          
          │    [ ] 13   MTR-Tiny: full screen ncurses traceroute tool                                                            │          
          │    [ ] 14   nLoad: realtime console network usage monitor                                                            │          
          │    [ ] 15   tcpdump: command-line network traffic analyzer                                                           │          
          │    [ ] 17   Git: Clone and manage Git repositories locally                                                           │          
          │    [ ] 18   Emacs: gnu emacs editor                                                                                  │          
          │    [ ] 42   Plex Media Server: web interface media streaming server                                                  │          
          │    [ ] 46   qBittorrent: bittorrent server with web interface (c++)                                                  │          
          │    [ ] 47   ownCloud: File sync, sharing and collaboration platform                                                  │          
          │    [ ] 50   Syncthing: backup and sync server with web interface                                                     │          
          │    [ ] 57   Baïkal: lightweight caldav + carddav server                                                              │          
          │    [ ] 66   RPi-Monitor: web interface system stats                                                                  │          
          │    [ ] 81   LLSP: Lighttpd | SQLite  | PHP                                                                           │          
          │    [ ] 82   LLMP: Lighttpd | MariaDB | PHP                                                                           │          
          │    [ ] 84   Lighttpd: Extremely lightweight webserver                                                                │          
          │    [ ] 87   SQLite: Persistent single-file database system                                                           │          
          │    [ ] 88   MariaDB: Persistent cached file-per-table database server                                                │          
          │    [ ] 89   PHP: Hypertext Preprocessor for dynamic web content                                                      │          
          │    [ ] 91   Redis: Volatile in-memory non-SQL database server                                                        │          
          │    [ ] 93   Pi-hole: block adverts for any device on your network                                                    │          
          │    [ ] 94   ProFTPD: Efficient, lightweight FTP server                                                               │          
          │    [ ] 97   OpenVPN: vpn server                                                                                      │          
          │    [ ] 103  DietPi-RAMlog: minimal, optimised logging                                                                │          
          │    [ ] 104  Dropbear: Lightweight SSH server                                                                         │          
          │    [ ] 109  NFS Server: Network File System server                                                                   │          
          │    [ ] 110  NFS Client: network file system client                                                                   │          
          │    [ ] 114  Nextcloud: File sync, sharing and collaboration platform                                                 │          
          │    [ ] 117  PiVPN: openvpn/wireguard server install & management tool                                                │          
          │    [ ] 130  Python 3: Runtime system, pip package installer and development headers                                  │          
          │    [ ] 134  Docker Compose: Manage multi-container Docker applications                                               │          
          │    [ ] 152  Avahi-Daemon: hostname broadcast (mac, pc bonjour)                                                       │          
          │    [ ] 162  Docker: Build, ship, and run distributed applications                                                    │          
          │    [ ] 170  UnRAR: unarchiver for .rar files                                                                         │          
          │    [ ] 182  Unbound: validating, recursive, caching DNS resolver                                                     │          
          │    [ ] 185  Portainer: Simplifies container management in Docker (standalone host)



that's my software list.
i port forwarded 51820->51820 for wireguard, which works
and 80->80 for http in my router.


i did try some things, like lighty-enable-mod simple-vhost and lighty-enable-mod owncloud... though. but i didn't work before either...

thank you for helping!
User avatar
Joulinar
Posts: 5090
Joined: Sat Nov 16, 2019 12:49 am

Re: run Pi-hole and Own/Nextcloud alongside

Post by Joulinar »

As I told, your web server configuration file is an incorrect one. It has been overwritten with a PiHole specific one. This is now preventing you from access Nextcloud. I will post the correct file later the day. Next to this, you would need to forward port 443 as well if you like to enable HTTPS in your web server.

But first things first, let's correct the web server configuration before doing other thinks like HTTPS
Pls let us know if a solution is working. This could help others if they hit by similar situation. Your DietPi Team
User avatar
Joulinar
Posts: 5090
Joined: Sat Nov 16, 2019 12:49 am

Re: run Pi-hole and Own/Nextcloud alongside

Post by Joulinar »

pls replace web server configuration as follow as user root

Code: Select all

mv /etc/lighttpd/lighttpd.conf /etc/lighttpd/lighttpd.conf.save
nano /etc/lighttpd/lighttpd.conf
simply mark whole block and copy following inside

Code: Select all

server.modules = (
        "mod_indexfile",
        "mod_setenv",
        "mod_access",
        "mod_alias",
        "mod_redirect",
        "mod_accesslog",
)

server.document-root        = "/var/www"
server.upload-dirs          = ( "/var/cache/lighttpd/uploads" )
server.errorlog             = "/var/log/lighttpd/error.log"
server.pid-file             = "/var/run/lighttpd.pid"
server.username             = "www-data"
server.groupname            = "www-data"
server.port                 = 80
accesslog.filename          = "/var/log/lighttpd/access.log"

# strict parsing and normalization of URL for consistency and security
# https://redmine.lighttpd.net/projects/lighttpd/wiki/Server_http-parseoptsDetails
# (might need to explicitly set "url-path-2f-decode" = "disable"
#  if a specific application is encoding URLs inside url-path)
server.http-parseopts = (
  "header-strict"           => "enable",# default
  "host-strict"             => "enable",# default
  "host-normalize"          => "enable",# default
  "url-normalize-unreserved"=> "enable",# recommended highly
  "url-normalize-required"  => "enable",# recommended
  "url-ctrls-reject"        => "enable",# recommended
  "url-path-2f-decode"      => "enable",# recommended highly (unless breaks app)
 #"url-path-2f-reject"      => "enable",
  "url-path-dotseg-remove"  => "enable",# recommended highly (unless breaks app)
 #"url-path-dotseg-reject"  => "enable",
 #"url-query-20-plus"       => "enable",# consistency in query string
)

index-file.names            = ( "index.php", "index.html" )
url.access-deny             = ( "~", ".inc" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )

compress.cache-dir          = "/var/cache/lighttpd/compress/"
compress.filetype           = ( "application/javascript", "text/css", "text/html", "text/plain" )

# default listening port for IPv6 falls back to the IPv4 port
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
include_shell "/usr/share/lighttpd/create-mime.conf.pl"
include "/etc/lighttpd/conf-enabled/*.conf"

#server.compat-module-load   = "disable"
server.modules += (
        "mod_compress",
        "mod_dirlisting",
        "mod_staticfile",
)
and restart the web server

Code: Select all

systemctl restart lighttpd.service
let's check available as well as enabled configuration

Code: Select all

ls -la /etc/lighttpd/conf-{available,enabled}
Pls let us know if a solution is working. This could help others if they hit by similar situation. Your DietPi Team
fillip
Posts: 6
Joined: Sun Jun 20, 2021 11:49 am

Re: run Pi-hole and Own/Nextcloud alongside

Post by fillip »

Joulinar wrote: Sun Jun 20, 2021 11:13 pm pls replace web server configuration as follow as user root

Code: Select all

mv /etc/lighttpd/lighttpd.conf /etc/lighttpd/lighttpd.conf.save
nano /etc/lighttpd/lighttpd.conf
simply mark whole block and copy following inside

Code: Select all

server.modules = (
        "mod_indexfile",
        "mod_setenv",
        "mod_access",
        "mod_alias",
        "mod_redirect",
        "mod_accesslog",
)

server.document-root        = "/var/www"
server.upload-dirs          = ( "/var/cache/lighttpd/uploads" )
server.errorlog             = "/var/log/lighttpd/error.log"
server.pid-file             = "/var/run/lighttpd.pid"
server.username             = "www-data"
server.groupname            = "www-data"
server.port                 = 80
accesslog.filename          = "/var/log/lighttpd/access.log"

# strict parsing and normalization of URL for consistency and security
# https://redmine.lighttpd.net/projects/lighttpd/wiki/Server_http-parseoptsDetails
# (might need to explicitly set "url-path-2f-decode" = "disable"
#  if a specific application is encoding URLs inside url-path)
server.http-parseopts = (
  "header-strict"           => "enable",# default
  "host-strict"             => "enable",# default
  "host-normalize"          => "enable",# default
  "url-normalize-unreserved"=> "enable",# recommended highly
  "url-normalize-required"  => "enable",# recommended
  "url-ctrls-reject"        => "enable",# recommended
  "url-path-2f-decode"      => "enable",# recommended highly (unless breaks app)
 #"url-path-2f-reject"      => "enable",
  "url-path-dotseg-remove"  => "enable",# recommended highly (unless breaks app)
 #"url-path-dotseg-reject"  => "enable",
 #"url-query-20-plus"       => "enable",# consistency in query string
)

index-file.names            = ( "index.php", "index.html" )
url.access-deny             = ( "~", ".inc" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )

compress.cache-dir          = "/var/cache/lighttpd/compress/"
compress.filetype           = ( "application/javascript", "text/css", "text/html", "text/plain" )

# default listening port for IPv6 falls back to the IPv4 port
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
include_shell "/usr/share/lighttpd/create-mime.conf.pl"
include "/etc/lighttpd/conf-enabled/*.conf"

#server.compat-module-load   = "disable"
server.modules += (
        "mod_compress",
        "mod_dirlisting",
        "mod_staticfile",
)
and restart the web server

Code: Select all

systemctl restart lighttpd.service
let's check available as well as enabled configuration

Code: Select all

ls -la /etc/lighttpd/conf-{available,enabled}

hello,

thank you very much, i replaced the lighttpd.conf file as you said, and that fixed it. i am now able to get to the login page of my nextcloud server. :)
User avatar
Joulinar
Posts: 5090
Joined: Sat Nov 16, 2019 12:49 am

Re: run Pi-hole and Own/Nextcloud alongside

Post by Joulinar »

let's check available as well as enabled configuration to be sure all fine now.

Code: Select all

ls -la /etc/lighttpd/conf-{available,enabled}
Pls let us know if a solution is working. This could help others if they hit by similar situation. Your DietPi Team
fillip
Posts: 6
Joined: Sun Jun 20, 2021 11:49 am

Re: run Pi-hole and Own/Nextcloud alongside

Post by fillip »

Joulinar wrote: Sun Jun 20, 2021 11:36 pm let's check available as well as enabled configuration to be sure all fine now.

Code: Select all

ls -la /etc/lighttpd/conf-{available,enabled}
ok, here is the output:

Code: Select all

 ls -la /etc/lighttpd/conf-{available,enabled}
/etc/lighttpd/conf-available:
total 132
drwxr-xr-x 2 root root 4096 Jun 20 13:30 .
drwxr-xr-x 4 root root 4096 Jun 20 22:19 ..
-rw-r--r-- 1 root root  839 Sep 18  2020 05-auth.conf
-rw-r--r-- 1 root root   91 Sep 27  2019 10-accesslog.conf
-rw-r--r-- 1 root root  396 Sep 27  2019 10-cgi.conf
-rw-r--r-- 1 root root   63 Sep 27  2019 10-dir-listing.conf
-rw-r--r-- 1 root root   36 Sep 27  2019 10-evasive.conf
-rw-r--r-- 1 root root  128 Sep 27  2019 10-evhost.conf
-rw-r--r-- 1 root root  104 Sep 27  2019 10-expire.conf
-rw-r--r-- 1 root root  177 Sep 27  2019 10-fastcgi.conf
-rw-r--r-- 1 root root   42 Sep 27  2019 10-flv-streaming.conf
-rw-r--r-- 1 root root   82 Sep 27  2019 10-no-www.conf
-rw-r--r-- 1 root root  849 Sep 27  2019 10-proxy.conf
-rw-r--r-- 1 root root  176 Sep 27  2019 10-rewrite.conf
-rw-r--r-- 1 root root  253 Sep 27  2019 10-rrdtool.conf
-rw-r--r-- 1 root root  398 Sep 27  2019 10-simple-vhost.conf
-rw-r--r-- 1 root root  449 Sep 27  2019 10-sockproxy.conf
-rw-r--r-- 1 root root   99 Sep 27  2019 10-ssi.conf
-rw-r--r-- 1 root root  203 Sep 18  2020 10-ssl.conf
-rw-r--r-- 1 root root  460 Sep 27  2019 10-status.conf
-rw-r--r-- 1 root root  450 Sep 27  2019 10-userdir.conf
-rw-r--r-- 1 root root   38 Sep 27  2019 10-usertrack.conf
-rw-r--r-- 1 root root  168 Sep 27  2019 11-extforward.conf
-rw-r--r-- 1 root root  372 Jun 15 18:00 15-fastcgi-php.conf
-rw-r--r-- 1 root root  508 Sep 27  2019 90-debian-doc.conf
-rw-r--r-- 1 root root  173 Jun 15 19:01 99-dietpi-baikal.conf
-rw-r--r-- 1 root root  176 Jun 15 19:01 99-dietpi-dav_redirect.conf
-rw-r--r-- 1 root root 1299 Jun 19 11:11 99-dietpi-nextcloud.conf
-rw-r--r-- 1 root root 1010 Jun 20 13:18 99-dietpi-owncloud.conf
-rw-r--r-- 1 root root  189 Jun 15 18:03 99-dietpi-pihole-block_public_admin.conf
-rw-r--r-- 1 root root  790 Jun 15 18:03 99-dietpi-pihole.conf
-rw-r--r-- 1 root root  162 Sep 27  2019 99-unconfigured.conf
-rw-r--r-- 1 root root  843 Sep 27  2019 README

Code: Select all

/etc/lighttpd/conf-enabled:
total 8
drwxr-xr-x 2 root root 4096 Jun 20 15:32 .
drwxr-xr-x 4 root root 4096 Jun 20 22:19 ..
lrwxrwxrwx 1 root root   33 Jun 15 18:00 10-fastcgi.conf -> ../conf-available/10-fastcgi.conf
lrwxrwxrwx 1 root root   33 Jun 15 18:00 10-rewrite.conf -> ../conf-available/10-rewrite.conf
lrwxrwxrwx 1 root root   38 Jun 20 15:32 10-simple-vhost.conf -> ../conf-available/10-simple-vhost.conf
lrwxrwxrwx 1 root root   37 Jun 15 18:00 15-fastcgi-php.conf -> ../conf-available/15-fastcgi-php.conf
lrwxrwxrwx 1 root root   39 Jun 15 19:01 99-dietpi-baikal.conf -> ../conf-available/99-dietpi-baikal.conf
lrwxrwxrwx 1 root root   45 Jun 15 18:00 99-dietpi-dav_redirect.conf -> ../conf-available/99-dietpi-dav_redirect.conf
lrwxrwxrwx 1 root root   42 Jun 20 12:18 99-dietpi-nextcloud.conf -> ../conf-available/99-dietpi-nextcloud.conf
lrwxrwxrwx 1 root root   41 Jun 20 13:18 99-dietpi-owncloud.conf -> ../conf-available/99-dietpi-owncloud.conf
lrwxrwxrwx 1 root root   58 Jun 15 18:08 99-dietpi-pihole-block_public_admin.conf -> ../conf-available/99-dietpi-pihole-block_public_admin.conf
lrwxrwxrwx 1 root root   39 Jun 15 18:03 99-dietpi-pihole.conf -> ../conf-available/99-dietpi-pihole.conf
lrwxrwxrwx 1 root root   38 Jun 15 16:19 99-unconfigured.conf -> ../conf-available/99-unconfigured.conf

/root [root@DietPi] [22:45]
>
Post Reply