Administrator Notes
Nextcloud
Large File Uploads
If the entry point for your Nextcloud instance is the Cloudflare Tunnel (which is the default), you may run into issues uploading files larger than 100MB using the Desktop Client for Nextcloud. In order to get past this limitation, you need to modify the settings of the Desktop Client.
First, locate the configuration file for the client, based on your Operating System:
- On Linux: $HOME/.config/Nextcloud/nextcloud.cfg
- On Mac: $HOME/Library/Preferences/Nextcloud/nextcloud.cfg
- On Windows: %APPDATA%\Nextcloud\nextcloud.cfg
Open the configuration file using a text editor. You can use Notepad on Windows or TextEdit on Mac.
Under the section named [General], add a line as follows:
maxChunkSize=50000000
Save the file, then fully close the Nextcloud Desktop Client and start it again.
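The same edit can be scripted for Linux or macOS clients. The following is an added example, not part of the original notes or of the deployment scripts; the function name set_max_chunk_size is hypothetical. It sets the key exactly once under [General], leaves other sections alone, and keeps a .bak copy of the previous file.

```shell
#!/bin/sh
# Added example (not from the original page): idempotently set maxChunkSize
# under [General] in the Nextcloud Desktop Client's nextcloud.cfg.
# set_max_chunk_size is a hypothetical helper name.
# Usage on Linux: set_max_chunk_size "$HOME/.config/Nextcloud/nextcloud.cfg" 50000000

set_max_chunk_size() {
    cfg=$1
    size=${2:-50000000}    # default is the value given on the page, in bytes

    # Accept only a plain non-negative integer so nothing else reaches the file.
    case $size in
        ''|*[!0-9]*) echo "size must be an integer number of bytes" >&2; return 2 ;;
    esac
    [ -f "$cfg" ] || { echo "config not found: $cfg" >&2; return 1; }

    tmp=$(mktemp "${cfg}.XXXXXX") || return 1
    awk -v size="$size" '
        /^\[/ {
            # Section header: track whether we are inside [General].
            in_general = ($0 ~ /^\[General\]/)
            print
            # Write the key directly under the first [General] header.
            if (in_general && !done) { print "maxChunkSize=" size; done = 1 }
            next
        }
        # Drop any older maxChunkSize line inside [General] (no duplicates).
        in_general && /^[ \t]*maxChunkSize[ \t]*=/ { next }
        { print }
        END {
            # No [General] section at all: append one.
            if (!done) { print "[General]"; print "maxChunkSize=" size }
        }
    ' "$cfg" > "$tmp" || { rm -f "$tmp"; return 1; }

    cp -p "$cfg" "${cfg}.bak" &&   # keep the previous file for rollback
    cat "$tmp" > "$cfg"            # overwrite in place, keeping owner and mode
    rc=$?
    rm -f "$tmp"
    return $rc
}
```

Close the Desktop Client before running it, since the client may rewrite its configuration file on exit.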
Guest Users
Nextcloud allows you to create public links for shared files and group Talk conversations. The downside is that anyone with the public link has access to the file or conversation, which is not great from a security perspective.
One alternative is to create a new user on the server in LLDAP and add them to the nextcloud_user group. However, this means they will also get access to other functionality in Nextcloud, which may not be desirable either.
If you prefer to share files or Talk conversations with external users, and treat them as guests but still require them to sign in with a valid email, you can do this by installing the Guests app for Nextcloud and enabling Nextcloud's built-in log-in screen (disabled by default during the server deployment).
To do this, log into an SSH session on the server and run the following commands:
cd ~/homevault/workspace/modules/nextcloud/scripts
bash enable_guests.sh
Once this is done, you can now share files with guests, or invite them to a Talk conversation. For more information, see the official documentation for the Guests app.
Nextcloud Talk
Enabling the TURN Server
A TURN server becomes necessary when users are behind a firewall or Network Address Translation (NAT) that restricts direct connections between devices. In typical networks, especially corporate environments or certain home internet setups, these security measures block the direct peer-to-peer connections that video calling normally uses. The TURN (Traversal Using Relays around NAT) server acts as an intermediary that relays the audio, video, and messaging data between participants when direct connections fail. Without a TURN server, users behind restrictive networks might be unable to connect to calls or experience poor call quality, dropped connections, and one-way audio or video problems.
Because the TURN server must handle TCP and UDP connections and be directly accessible from the internet, it cannot be hosted behind the Cloudflare Tunnel like other self-hosted applications. This means you'll need to configure your home router to forward specific ports to your TURN server and possibly adjust firewall settings to allow these connections. For this reason, the TURN server is not installed with the default installation of the Talk module.
[!warn] The deployment script will attempt to configure your home router as required by the TURN server using Universal Plug and Play (UPnP). If your router does not support UPnP, you will need to manually forward port 3478 (TCP and UDP) to the server machine.
You can install and configure a TURN server for use with your Nextcloud Talk installation as part of the initial deployment, or at a later point, by passing the following parameter to the deployment script: -o NEXTCLOUD_TURN_ENABLED=true.
For example, if you have already deployed Nextcloud and Talk to your server, you can re-run the deployment script with the following options:
cd ~/homevault/workspace
./hv -o NEXTCLOUD_TURN_ENABLED=true