TrueNAS Electric Eel
DNS server by Cloudflare,
running Tailscale (without subnets, without exit node defined), pointing 443 and 80 traffic to nginx, forwarding relevant subdomains to ports of applications on the machine's IP, via http mostly, with LetsEncrypt SSL Certificates.
I tried this and many other sources but could not get Nextcloud Office to work since I switched to working with Cloudflare as a DNS.
the error is Document loading failed
failed to load Nextcloud Office…
I think I pinpointed the problem
I am not technical at all and have almost zero experience in networking, someone technical please please look at this, this took me days to find a hint.
FROM WHAT I SUSPECT, THIS IS RELEVANT FOR ANYONE HAVING PROBLEMS WITH OUTBOUND CONNECTIONS BEING BLOCKED BY ROUTER AND NO ACCESS TO ROUTER SETTINGS
necessary background:
I live in uni dorms and through some process requiring setting my personal PC on DHCP server, disconnecting TV digital converter ethernet and connecting to PC and then setting that IP to the TrueNAS ethernet adapter I was able to get Ethernet connection - although officially I'm supposed to access only wifi.
this means I don't have access to any port forwarding/router settings.
recap:
trying to run nextcloud office via collabora server both hosted as native apps on truenas scale machine.
back to the problem:
when I followed the guide in the link, when setting the server url on nextcloud office settings I was getting timeout error, so I just set the external ip of my truenas machine and it seemed to work (green check and good urls).
but when loading documents they fail to load via error described above.
I read yesterday about how collabora server and nextcloud work and saw that they communicated directly with each other, this got me thinking.
Today I randomly tried pinging the collabora domain via my truenas cli shell, but it didn't work.
why would it not work?
I pinged from a tailnet machine and it worked, exit node is not set up (I removed it when troubleshooting - in my head this might prevent the exit machine from communicating outward? so maybe it can't connect only via router, correct me if I'm wrong please)
then on the truenas cli shell I tried nslookup https://collabora-domain:
some-admin-user-name@truenas[~]$ nslookup https://collabora-domain
Server: router-default-gateway
Address: router-default-gateway#53
** server can’t find https://collabora-domain: NXDOMAIN
I had set up my dorm's router as default gateway on the TrueNAS machine, and now I suspect it is blocking communication somehow from collabora server to nextcloud.
since I have no way to tinker with router settings, as I see it I have 2 options:
- set the default gateway of the TrueNAS to the tailscale:
I don't see tailscale adapter running “ip route”, so it is probably not transparent, so I can't see the adapter and don't know any default-gateway to point towards. my understanding of tailscale infrastructure behind the scenes is very limited so I think this option is less relevant.
- since I host nextcloud and collabora on the same truenas server, somehow point outbound https://nextcloud-domain and https://collabora-domain to localhost:relevant-port instead of going to router.
how do I apply the second option?
edit:
just to clarify,
I set all settings according to the above link.
EXCEPT the nextcloud office’s “own-server” url: I set to truenas external ip - because my collabora domain would timeout.
https://collabora-domain/hosting/discovery - shows xml with correct public domain and scheme
collabora WebUI would let me connect to admin panel
https://nextcloud-domain is connecting with no problems
I'm trying now to configure something with Pihole local dns:
- using Pihole as a first nameserver on Truenas,
- switching with cname records the domains to other domain names (example collabora.domain → pihole.collabora.domain),
- route those request to nginx as proxy
- setup nginx to route pihole.* domains to truenasip:(service-port)
I'm stuck at step 3 since in my setup nginx is in a container sharing truenas machine ip on (nginx-port) and gets the traffic on ports 80/443 through tailscale container, and tailscale ip is unreachable to truenas machine so I can't forward the pihole.* domains to the tailscale ip.
need some way to route outbound request through nginx (to use it as a proxy as well).
anyone know? can't get it to work
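
A check that separates the two failure modes raised in the post (the name does not resolve from the TrueNAS host, or it resolves but the address cannot be reached), as an added example that is not part of the original post. It strips the scheme and path first, because DNS lookups take a bare hostname rather than a URL; the `example.test` names are constructed placeholders.

```python
import socket
from urllib.parse import urlsplit

def host_port(url):
    """Return (hostname, port); DNS tools resolve bare hostnames, not URLs."""
    parts = urlsplit(url if "://" in url else "//" + url)
    if not parts.hostname:
        raise ValueError(f"no hostname in {url!r}")
    return parts.hostname, parts.port or (80 if parts.scheme == "http" else 443)

def diagnose(url, resolve=socket.getaddrinfo,
             connect=socket.create_connection, timeout=5):
    """Report whether the failure is at DNS or at the TCP connection."""
    host, port = host_port(url)
    result = {"host": host, "port": port, "addrs": []}
    try:
        infos = resolve(host, port, type=socket.SOCK_STREAM)
    except socket.gaierror as exc:
        return {**result, "stage": "dns", "ok": False, "detail": str(exc)}
    result["addrs"] = sorted({info[4][0] for info in infos})
    detail = "no addresses returned"
    for addr in result["addrs"]:
        try:
            connect((addr, port), timeout=timeout).close()
            return {**result, "stage": "tcp", "ok": True, "detail": addr}
        except OSError as exc:
            detail = f"{addr}: {exc}"
    return {**result, "stage": "tcp", "ok": False, "detail": detail}

if __name__ == "__main__":
    # Constructed placeholder URLs; replace with the real Nextcloud and
    # Collabora URLs and run from the TrueNAS shell.
    for url in ("https://nextcloud.example.test",
                "https://collabora.example.test/hosting/discovery"):
        print(diagnose(url))
```

A `dns` stage failure means the resolver in use has no answer for the name; a `tcp` stage failure means the name resolves but the listed address is not reachable from the machine running the check.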