Re: periodic network access failure when accessing nextcloud via relayd
On Thu, Apr 01, 2021 at 01:47:11PM -0600, Ashlen wrote: > On 21/03/31 23:50, Joel Carnat wrote: > > Hello, > > > > I have Nextcloud 21 running with php-7.4, httpd(8) and relayd(8). > > On my laptop, a script regularly runs nextcloudcmd to synchonize the files > > with the nextcloud instance. And quite often, nextcloudcmd returns such > > error: > > 03-31 23:28:56:089 [ info nextcloud.sync.networkjob.lscol ]:LSCOL of > > > > QUrl("https://nextcloud.tumfatig.net/remote.php/dav/files/user85419/Uploads;) > > FINISHED > > WITH STATUS "UnknownNetworkError Network access is disabled." > > I did some reading on the issue.[1][2][3] It appears to affect some > users on other platforms if the 'Use system proxy' setting on the desktop > client is enabled (though some reported that the presence/absence of the > option didn't seem to affect anything). > Thanks. I found those links and tried to set parameters on the nextcloudcmd. But I couldn't find how to say "don't try to use a proxy". So I'm not sure if it tries to do something with that setting or not. I also tried passing the credential via .netrc or via parameters. But that didn't change anything. > As an experiment, you could temporarily disable keep-alive in relayd.conf(5). > It probably won't fix anything (in which case you can revert it), but it's > worth trying imo. I have tried it and it doesn't change the erroneous behaviour. I also tried to set a tcp protocol forward rule (based on SSH example from manpage) but the failures also happen. Finally I trie using a hostname in the table definition (rather than using 127.0.0.1) but that was no luck. I wrote a script that would run the GET and PROPFIND commands found in the logs, using curl. And those never fail. So this would look like nextcloudcmd has something buggy. But using nextcloudcmd to connect directly to httpd (via ssh tunnel) also make the failure disappear. The only work-around I can see now is to modify my crontab to ensure consecutive syncs don't happen too frequently... Regards, Jo
Re: periodic network access failure when accessing nextcloud via relayd
On 21/03/31 23:50, Joel Carnat wrote: > Hello, > > I have Nextcloud 21 running with php-7.4, httpd(8) and relayd(8). > On my laptop, a script regularly runs nextcloudcmd to synchonize the files > with the nextcloud instance. And quite often, nextcloudcmd returns such error: > 03-31 23:28:56:089 [ info nextcloud.sync.networkjob.lscol ]:LSCOL of > > QUrl("https://nextcloud.tumfatig.net/remote.php/dav/files/user85419/Uploads;) > FINISHED > WITH STATUS "UnknownNetworkError Network access is disabled." I did some reading on the issue.[1][2][3] It appears to affect some users on other platforms if the 'Use system proxy' setting on the desktop client is enabled (though some reported that the presence/absence of the option didn't seem to affect anything). As an experiment, you could temporarily disable keep-alive in relayd.conf(5). It probably won't fix anything (in which case you can revert it), but it's worth trying imo. https://marc.info/?l=openbsd-misc=150287292709311=2 [1]: https://github.com/nextcloud/desktop/issues/482 [2]: https://github.com/nextcloud/desktop/issues/865 [3]: https://github.com/nextcloud/desktop/issues/2628 -- https://amissing.link
periodic network access failure when accessing nextcloud via relayd
Hello, I have Nextcloud 21 running with php-7.4, httpd(8) and relayd(8). On my laptop, a script regularly runs nextcloudcmd to synchonize the files with the nextcloud instance. And quite often, nextcloudcmd returns such error: 03-31 23:28:56:089 [ info nextcloud.sync.networkjob.lscol ]:LSCOL of QUrl("https://nextcloud.tumfatig.net/remote.php/dav/files/user85419/Uploads;) FINISHED WITH STATUS "UnknownNetworkError Network access is disabled." Both run OpenBSD 6.8/amd64. It seems that it only happens when I access nextcloud via relayd. If I access nextcloud straight via httpd, the error never pops up. Running relayd in debug mode, I saw the following difference: * when traffic works ok relay https_lan, session 2 (1 active), 0, 192.168.1.76 -> :8083, done, [Host: nextcloud.tumfatig.net] [User-Agent: Mozilla/5.0 (OpenBSD) mirall/3.0.1git (Nextcloud)] [nextcloud.tumfatig.net/ocs/v1.php/cloud/capabilities: format=json] GET -> 127.0.0.1:8083; [Host: nextcloud.tumfatig.net] [User-Agent: Mozilla/5.0 (OpenBSD) mirall/3.0.1git (Nextcloud)] [nextcloud.tumfatig.net/remote.php/dav/files/user85419/Uploads] PROPFIND; * when the error occurs relay https_lan, session 1 (1 active), 0, 192.168.1.76 -> 127.0.0.1:8083, done, [Host: nextcloud.tumfatig.net] [User-Agent: Mozilla/5.0 (OpenBSD) mirall/3.0.1git (Nextcloud)] [nextcloud.tumfatig.net/ocs/v1.php/cloud/capabilit ies: format=json] GET -> 127.0.0.1:8083; As you may notice, we can see "192.168.1.76 -> :8083" when it's working and "192.168.1.76 -> 127.0.0.1:8083" when it fails. But I can't see the reason for it in my relayd configuration. I've attached it to this mail. Any thoughts on what I'm doing wrong? Thank you, Jo # vim: ft=pf syntax=pf lan_ip="192.168.1.1" table { 127.0.0.1 } table { 127.0.0.1 } table { 127.0.0.1 } log state changes log connection # HTTP ### http protocol "http" { match header log "Host" match header log "X-Forwarded-For" match header log "User-Agent" match header log "Referer" match url log match header set "X-Forwarded-For" value "$REMOTE_ADDR" match header set "X-Forwarded-By" value "$SERVER_ADDR:$SERVER_PORT" match header set "Keep-Alive" value "$TIMEOUT" match response header set "X-Powered-By" value "Powered by OpenBSD" match request path "/.well-known/acme-challenge/*" forward to tcp { nodelay, socket buffer 65536, backlog 100 } } relay "http" { listen on $lan_ip port 80 protocol "http" forward to port 8080 check tcp # HTTP to HTTPS redirection forward to port 8081 check tcp # Let's Encrypt renewal } # HTTPS ## http protocol "https" { match header log "Host" match header log "X-Forwarded-For" match header log "User-Agent" match header log "Referer" match url log match header set "X-Forwarded-For" value "$REMOTE_ADDR" match header set "X-Forwarded-By" value "$SERVER_ADDR:$SERVER_PORT" match header set "Keep-Alive" value "$TIMEOUT" match response header set "X-Powered-by" value "OpenBSD" tcp { nodelay, socket buffer 65536, backlog 100 } tls keypair nextcloud.tumfatig.net # Default block block request path "/*" # Allow Let's Encrypt operations pass request path "/.well-known/acme-challenge/*" forward to # Nextcloud pass request forward to } relay "https_lan" { listen on $lan_ip port 443 tls protocol "https" forward to port 8081 check tcp # Let's Encrypt renewal forward to port 8083 check tcp # Nextcloud }