.well-known/webfinger isn't properly set up!

[dabbill]

Describe the bug Error ".well-known/webfinger isn't properly set up!" is showing up when I open the social app. The error was showing under settings --> overview, but since I added the rewrite rules to Nextcloud config it has went away on the overview section. It still remains when I open the Social app. I also attempted to create a test post. I am not able to see the post. When I click on "Profile" it says no posts found. Just above that is says 1 post right next to my username.

Expected behavior No error should be shown if rewrites are setup correctly, also should be able to see posts that are made.

Client details:

• OS: Pop_OS 18.10
• Browser: Firefox 64

Server details

**Social app version:** 0.1.1

Operating system: Fedora 28 LXC

Web server: Nginx

Database: mysql

PHP version: 7.2.13

Nextcloud version: (see Nextcloud admin page) 15.0.0.10

[juliushaertl]

Is your configured url the social app uses reachable from within the lxc container?

@daita How do you think about getting rid of the very prominent message in the social app, since we have a setup check in the general settings for that anyway? Since our check is done from the Nextcloud server causes more issues than it helps with.

[ArtificialOwl]

We need to provide more details when displaying that error, like the full address used as base by the Social app. This could be the issue here:

./occ config:app:get social address

Please check if the returned address have the .well-known configured.

[dabbill]

When I run the occ command, I get https://nextcloud.domain.com That is the correct URL to reach my nextcloud instance.

[ArtificialOwl]

let's assume your account is dabbill, what do you have when opening

https://nextcloud.domain.com/.well-known/webfinger?resource=acct:[email protected]

[ArtificialOwl]

Also, as you're using nginx, you might need to apply some configuration:

https://github.com/nextcloud/documentation/pull/877/files

[dabbill]

Here is the raw output. {"subject":"acct:[email protected]","links":[{"rel":"self","type":"application\/activity+json","href":"https:\/\/nextcloud.domain.com\/apps\/social\/@dabbill\/"}]}

Here is snip from my Nginx Nextcloud config. ` # The following 2 rules are only needed for the user_webfinger app. # Uncomment it if you're planning to use this app. rewrite ^/.well-known/host-meta /public.php?service=host-meta last; rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;

# The following rule is only needed for the Social app.
# Uncomment it if you're planning to use this app.
rewrite ^/.well-known/webfinger /public.php?service=webfinger last;

`

[ArtificialOwl]

can you execute a curl request from command line:

curl -H "Accept: application/ld+json" -X GET https://nextcloud.domain.com/apps/social/@dabbill/

or, for better visibility, if you have jq installed:

curl -H "Accept: application/ld+json" -X GET https://nextcloud.domain.com/apps/social/@dabbill/ | jq

[ArtificialOwl]

Thinking about it, could be related to https://github.com/nextcloud/social/pull/281

[dabbill]

{ "@context": [ "https://www.w3.org/ns/activitystreams" ], "id": "https://nextcloud.domain.com/apps/social/@dabbill", "type": "Person", "url": "https://nextcloud.domain.com/apps/social/@dabbill", "local": true, "aliases": [ "@dabbill", "users/dabbill" ], "preferredUsername": "dabbill", "name": "", "inbox": "https://nextcloud.domain.com/apps/social/@dabbill/inbox", "outbox": "https://nextcloud.domain.com/apps/social/@dabbill/outbox", "account": "[email protected]", "following": "https://nextcloud.domain.com/apps/social/@dabbill/following", "followers": "https://nextcloud.domain.com/apps/social/@dabbill/followers", "endpoints": { "sharedInbox": "https://nextcloud.domain.com/apps/social/inbox" }, "publicKey": { "id": "https://nextcloud.domain.com/apps/social/@dabbill#main-key", "owner": "https://nextcloud.domain.com/apps/social/@dabbill", "publicKeyPem": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxcVrddZQICdycKDcMWR5\n/gzuQll8mvXXjdd5iq376ekWz/7FI71Dzt0N7DYQ0dW66FliS88xSsEFwtC16kXq\nDPH044M4nAx9VB2mlsubsUPRc5myCM5qMpXP/b02WtSkQhbAiCx2nHE0ZOmiPn+t\nJs7TBRKP/VIlLeEMXPISwmpNtXvwuSNLeqrMxVc4YfQfdYMPUBM9CXXXRR3HkBc2\nwZrRyDTu4yILdIdKOmUF+n0gpmcS6SnFBsE/APav2U/lqPcrwcMQrpbbibF6gyDd\nC+epIMvS/DpzlVPUqDY9+CljPjRQyu2YhK0nilyEh0G5E/8VdI2eMa9XlsBRJJEo\n9wIDAQAB\n-----END PUBLIC KEY-----\n" } }

[juliushaertl]

@dabbill Can you check if the same curl requests work fine from within your lxc container?

[dabbill]

From the instance it self, I get curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number

[juliushaertl]

Related issue https://github.com/nextcloud/social/issues/267

[zachdecook]

@daita When I run ./occ config:app:get social address, it gives me the http version (I use https).

Can this be fixed somehow?

[ArtificialOwl]

./occ social:reset

[aliceinwire]

./occ social:reset didn't work for me but the previously mentioned curl command is giving good output

curl -H "Accept: application/ld+json" -X GET https://example.org/apps/social/@Username
curl https://example.org/.well-known/webfinger?resource=acct:[email protected]

and social works correctly. But I still have the ".well-known/webfinger isn't properly set up!" banner on the social app

[ArtificialOwl]

@aliceinwire do you still have an issue on the last release of Social ? If so, can you confirm that everything is working, but the only issue if that glitch/banner that stays displayed ?

Can you send me the address of your cloud ([email protected]) so I can check the setup of your webfinger ?

[dabbill]

@daita I am still getting the ".well-known/webfinger isn't properly set up!" banner on the social app. All apps are showing up to date. I have tried to run the occ social:reset as well. Still get the same banner.

curl -H "Accept: application/ld+json" -X GET https://nextcloud.dabbill.com/apps/social/@dabbill

{"@context":["https://www.w3.org/ns/activitystreams","https://w3id.org/security/v1"],"id":"https://nextcloud.dabbill.com/apps/social/@dabbill","type":"Person","url":"https://nextcloud.dabbill.com/apps/social/@dabbill","icon":{"id":"https://nextcloud.dabbill.com/documents/avatar/8bb1840d-a630-47a6-a185-0f3561d22157","type":"Image","url":"https://nextcloud.dabbill.com/avatar/dabbill/128","mediaType":"","mimeType":"","localCopy":"avatar","resizedCopy":""},"local":true,"aliases":["@dabbill","users/dabbill"],"preferredUsername":"dabbill","name":"","inbox":"https://nextcloud.dabbill.com/apps/social/@dabbill/inbox","outbox":"https://nextcloud.dabbill.com/apps/social/@dabbill/outbox","account":"[email protected]","following":"https://nextcloud.dabbill.com/apps/social/@dabbill/following","followers":"https://nextcloud.dabbill.com/apps/social/@dabbill/followers","endpoints":{"sharedInbox":"https://nextcloud.dabbill.com/apps/social/inbox"},"publicKey":{"id":"https://nextcloud.dabbill.com/apps/social/@dabbill#main-key","owner":"https://nextcloud.dabbill.com/apps/social/@dabbill","publicKeyPem":"-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3lg5/MAmKBvwqxv+uVbN\nAYzI94zA5ulMbDcOdmxU2I5MPgait+XvxCeMYwwnBDqJGjMCZHeCock85VIPtjVH\nKPA0PS/6b/OEu7r10id16fuyRcQfV84vqVXRp3R9Frx/5GRtC1udFuDwfVFl4hlE\n/q8qWA52t38xP0zLkh2YplV5Z4imZFIE5YosZTVI1QJsazGCYlPC2Y7qqKCD5KBl\nKVz+3mBxK09LOKQTUcvOF/e3BW5BiaS7Ta0vmh3xCe+vlPHGGSIjcsn82GlMT7Fl\n0Nbdian06fkGqWXlnPBXz0aDA4ZcGwy/6aLQVADlKhA5OxxrIqC1PkFGQw77kqlS\njQIDAQAB\n-----END PUBLIC KEY-----\n"}}%

curl https://nextcloud.dabbill.com/.well-known/webfinger?resource=acct:[email protected]

{"subject":"acct:[email protected]","links":[{"rel":"self","type":"application/activity+json","href":"https://nextcloud.dabbill.com/apps/social/@dabbill"},{"rel":"http://ostatus.org/schema/1.0/subscribe","template":"https://nextcloud.dabbill.com/apps/social/ostatus/follow/{uri}"}]}%

[JOduMonT]

Also, as you're using nginx, you might need to apply some configuration:

https://github.com/nextcloud/documentation/pull/877/files

thank @dabbill this line resolve, at least my situation :)

[aliceinwire]

@JOduMonT I have same line uncommented but it doesn't solve anything in my situation.

[dabbill]

Also, as you're using nginx, you might need to apply some configuration: https://github.com/nextcloud/documentation/pull/877/files

thank @dabbill this line resolve, at least my situation :)

@JOduMonT I have that line un-commented. Still have the same error in Social.

[Mecallie]

Is there any progress on this issue?

I have been using NC since version 9 or something and my nginx.conf does not even contain any webfinger line. I added rewrite ^/.well-known/webfinger /public.php?service=webfinger last; to my nginx.conf and did an nginx -t : no errors, so I guess I put it in correctly... But I am not sure the webfinger is even in the well-known config :?

I do not get an address when I do the command get social address (empty)

social:check:install gives:

- 0 invalid followers removed
- 0 invalid notes removed
- Your current configuration: 
{
    "cloud_url": "https:\/\/my.domain.com",
    "social_url": "https:\/\/my.domain.com\/apps\/social\/",
    "social_address": "",
    "service": 1,
    "max_size": 10,
    "access_type": "all_but",
    "access_list": "[]"
}

Why are the \\ for the urls noted as \/ ?!

Any help getting social to work is appreciated. It would be awesome to have this in my NC!

[dabbill]

As of Nextcloud 20, I am still getting this error.

[alexanderharm]

Me too, just wasted hours to fix this... Running Nextcloud in a container behind Traefik.

[Mecallie]

I finally got rid of it after hours of getting my config file just right. Still don't know what was wrong with it before (followed the NC install instructions to a tee). This one works for me (nginx):

`location ^~ /.well-known/acme-challenge { proxy_pass http://127.0.0.1:81; proxy_set_header Host $host; }

#location / { #return 301 https://$host$request_uri; #}

location ^~ /.well-known/webfinger { rewrite ^/.well-known/webfinger /public.php?service=webfinger last; }

location = /.well-known/carddav { return 301 $scheme://$host/remote.php/dav; }

location = /.well-known/caldav { return 301 $scheme://$host/remote.php/dav; }

client_max_body_size 10240M; location / { rewrite ^ /index.php; } location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ { deny all; } location ~ ^/(?:.|autotest|occ|issue|indie|db_|console) { deny all; } location ~ .(?:flv|mp4|mov|m4a)$ { mp4; mp4_buffer_size 100m; mp4_max_buffer_size 1024m; fastcgi_split_path_info ^(.+.php)(/.)$; try_files $fastcgi_script_name =404; include fastcgi_params; include php_optimization.conf; fastcgi_pass php-handler; fastcgi_param HTTPS on; } location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+).php(?:$|/) { fastcgi_split_path_info ^(.+.php)(/.)$; include fastcgi_params; include php_optimization.conf; fastcgi_pass php-handler; fastcgi_param HTTPS on; } location ~ ^/(?:updater|ocs-provider)(?:$|/) { try_files $uri/ =404; index index.php; } location ~ .(?:css|js|woff|svg|gif|png|html|ttf|ico|jpg|jpeg)$ { try_files $uri /index.php$uri$is_args$args;`

[Megachip]

The following rules seems provided by Nextcloud (v21) So, what is missing to get social working?

[dabbill]

I have nextcloud listening on 443, but have HAProxy in front doing the SSL work.