3

I've installed Nextcloud with snap and configured it to listen on port 82 with `sudo snap set nextcloud ports.http=82`. The firewall is opened on that port as well, but it doesn't respond.

Investigating, it seems that it's listening on port 82 but on IPv6 only (pid 5231):

ubuntuadmin@ubuntu-1804-srv:~$ sudo netstat -tulpn
[sudo] password for ubuntuadmin:
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:9236          0.0.0.0:*               LISTEN      2476/gitaly
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      844/systemd-resolve
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1275/sshd
tcp        0      0 127.0.0.1:3000          0.0.0.0:*               LISTEN      2464/grafana-server
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      1711/master
tcp        0      0 0.0.0.0:5050            0.0.0.0:*               LISTEN      2351/nginx: master
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      2351/nginx: master
tcp        0      0 0.0.0.0:8060            0.0.0.0:*               LISTEN      2351/nginx: master
tcp        0      0 127.0.0.1:9121          0.0.0.0:*               LISTEN      2400/redis_exporter
tcp        0      0 127.0.0.1:9090          0.0.0.0:*               LISTEN      2412/prometheus
tcp        0      0 127.0.0.1:9187          0.0.0.0:*               LISTEN      2438/postgres_expor
tcp        0      0 127.0.0.1:9093          0.0.0.0:*               LISTEN      2420/alertmanager
tcp        0      0 127.0.0.1:5000          0.0.0.0:*               LISTEN      2488/registry
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      1512/mysqld
tcp        0      0 127.0.0.1:9100          0.0.0.0:*               LISTEN      2419/node_exporter
tcp        0      0 127.0.0.1:9229          0.0.0.0:*               LISTEN      2239/gitlab-workhor
tcp        0      0 127.0.0.1:8080          0.0.0.0:*               LISTEN      3156/unicorn master
tcp        0      0 127.0.0.1:9168          0.0.0.0:*               LISTEN      2418/puma 4.3.1.git
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      2351/nginx: master
tcp        0      0 127.0.0.1:8082          0.0.0.0:*               LISTEN      2368/sidekiq 5.2.7
tcp6       0      0 :::22                   :::*                    LISTEN      1275/sshd
tcp6       0      0 :::25                   :::*                    LISTEN      1711/master
tcp6       0      0 :::9094                 :::*                    LISTEN      2420/alertmanager
tcp6       0      0 ::1:9168                :::*                    LISTEN      2418/puma 4.3.1.git
tcp6       0      0 :::82                   :::*                    LISTEN      5231/httpd
udp        0      0 127.0.0.53:53           0.0.0.0:*                           844/systemd-resolve
udp        0      0 0.0.0.0:5353            0.0.0.0:*                           4558/mdns-publisher
udp6       0      0 :::9094                 :::*                                2420/alertmanager
udp6       0      0 :::5353                 :::*                                4558/mdns-publisher

(nginx is for Gitlab)

Why? What do I have to change or add to tell it to listen on tcp?

Regards,

fralbo

1 Answer

2

From the snap source, it seems Apache is set up to listen on an IPv4-mapped IPv6 socket:

If you want Apache to handle IPv4 and IPv6 connections with a minimum of sockets, which requires using IPv4-mapped IPv6 addresses, specify the --enable-v4-mapped configure option and use generic Listen directives like the following:

Listen 80

With --enable-v4-mapped, the Listen directives in the default configuration file created by Apache will use this form. --enable-v4-mapped is the default on all platforms but FreeBSD, NetBSD, and OpenBSD, so this is probably how your Apache was built.

If you want Apache to handle IPv4 connections only, regardless of what your platform and APR will support, specify an IPv4 address on all Listen directives, as in the following examples:

Listen 0.0.0.0:80
Listen 192.170.2.1:80

This GitHub issue seems to also support my theory.

Until that gets fixed I see a couple of options to work around:

  1. use socat to set up forwarding from IPv4 to IPv6 (see this SE answer)
  2. use the workaround provided on GitHub (which basically involves setting up nginx and reverse-proxying Apache)
  3. tweak the file and rebuild the snap from source?
timur
  • Maybe it's the solution to my problem but as I'm really not expert in web server configuration, I don't really see how to adapt it in that case. As I said, I already have a nginx server running Gitlab on port 80. – fralbo Jan 24 '20 at 07:50
  • What about `socat` then? Seems pretty easy and should do the job. – timur Jan 24 '20 at 07:52
  • `socat TCP4-LISTEN:82,fork,su=nobody TCP6:[::1]:82` should probably do the trick in your case. Just make sure to run this as root because 82 is a privileged port – timur Jan 24 '20 at 08:04
  • In fact after 2 weeks I tried to access just now to nextcloud through the defined port 82 and it works. I didn't do anything, nextcloud is always listening on ipv6 but I supposed that a leprechaun came on my server and fixed the problem... Sorry, I really cannot explain what happened. – fralbo Jan 24 '20 at 08:06