Hey all,
I managed to install Duplicati on my Ubuntu server 20.04 and want to back up my Nextcloud which is running on the same server.
I checked the following:
Duplicati is listening through port 8200
Gave access via UFW for port 8200
Checked different browsers - just in case
Duplicati is up and running
I still cannot access the web UI - what am I doing wrong? Any help would be appreciated. I am relatively new to this.
Thanks
Hello
since you used UFW, I’d assume that you are trying to access Duplicati from another computer (opening a port in the firewall is unnecessary if the access is on localhost), so you may not know that by default Duplicati is listening only on localhost (for good reason).
Hey there, I am trying to access it from my own pc only. I have no other. I have a strict rule on my UFW so I need to allow access. I tried to do localhost:8200 and I added the IP too and it didnt work. Any other suggestions? btw thank you for your reply.
could you be more specific on what you are doing ? This nextcloud thingy seems to be installed with a VM or a container, with Ubuntu as the host (guessing here). Another guess: you have shared a directory between the host and your container/VM to store the nextcloud data and you want to backup this directory with Duplicati installed on the host - is that it ? or something else ?
Sure. Nextcloud is directly installed on the ubuntu server via Lamp. I want to backup my Nextcloud to a Hetzner storage box. I was going to use the Nextcloud backup app but that messed up my previous installation.
what’s the output of
sudo ss -tapnu | grep 8200
tcp LISTEN 0 50 127.0.0.1:8200 0.0.0.0:* users:((“mono-sgen”,pid=902,fd=9))
8200 is in red - which means it is occupied?
Is this PC the Ubuntu server running Duplicati? If not, you are in above “another computer” scenario.
127.0.0.1 a.k.a. (localhost) means you can only get there locally unless you loosen up some security.
IP protection from firewall will help you, but if I read above right, you’ve only got LISTEN on loopback.
EDIT:
Note that should be enough to allow the curl line to run from Ubuntu server (I hope, depending on its networking setup). These days Windows PCs have curl too, but yours lacks Duplicati unless it’s same system. If you need to go across a LAN or something that’s not localhost, you need to arrange for that.
Settings in Duplicati right at the top of the first image shows how to do that – iff you can browse locally, otherwise you’ll have to arrange for it at Duplicati startup (which is what – boot time? User login time?).
For start at boot time under systemd, you’d add options into /etc/default/duplicati such as the following:
–webservice-interface: The interface the webserver listens on. The special values “*” and “any” means any interface. The special value “loopback” means the loopback adapter.
The above gets access from other systems, but you must do it by IP. If you do it by Ubuntu’s hostname
–webservice-allowed-hostnames: The hostnames that are accepted, separated with semicolons. If any of the hostnames are “*”, all hostnames are allowed and the hostname checking is disabled.
and I see the manual doesn’t yet reflect the latter, which was added to help stop DNS rebinding attacks.
I think that you are right. It must be the loopback issue. Yes I am on a LAN Network - how can I arrange for that? The boot part seems to be too complicated. I tried to edit the config file for Duplicati. I read that you can allow access from any IP that way. But once I finally found the config file, it was jibberish as it was apparently from a MAC file so I could not read or edit anything.
What’s that? You mean macOS? How does one see that? That’d be strange.
On Ubuntu it should look like below. Edit and restart Duplicati with systemctl.
$ cat /etc/default/duplicati
# Defaults for duplicati initscript
# sourced by /etc/init.d/duplicati
# installed at /etc/default/duplicati by the maintainer scripts
#
# This is a POSIX shell fragment
#
# Additional options that are passed to the Daemon.
DAEMON_OPTS=""
$
I don’t understand. What is so difficult about finding /etc/default/duplicati? Was it not there?
If so, I’m not sure why it’s so, but I have to ask what you finally looked at that was different.
Was that from .deb file (which would be typical)? Are you somewhat familiar with systemd?
The systemctl command is one of its admin tools, e.g. to start, stop, restart, enable, disable.
Here’s how the unit file gets the options from the environment variable to put on server start:
# systemctl status duplicati
● duplicati.service - Duplicati web-server
Loaded: loaded (/lib/systemd/system/duplicati.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2023-03-31 14:30:14 EDT; 19s ago
Main PID: 4418 (mono)
Tasks: 11 (limit: 3494)
CGroup: /system.slice/duplicati.service
├─4418 DuplicatiServer /usr/lib/duplicati/Duplicati.Server.exe
└─4423 /usr/bin/mono-sgen /usr/share/Duplicati/updates/2.0.6.3/Duplicati.Server.exe
Mar 31 14:30:14 ted-VirtualBoxLinuxMint systemd[1]: Started Duplicati web-server.
# cat /lib/systemd/system/duplicati.service
[Unit]
Description=Duplicati web-server
After=network.target
[Service]
Nice=19
IOSchedulingClass=idle
EnvironmentFile=-/etc/default/duplicati
ExecStart=/usr/bin/duplicati-server $DAEMON_OPTS
Restart=always
[Install]
WantedBy=multi-user.target
#
Hey there - well the config file was translated from a Mac - I can post a screenshot. I will try and see if I have to allow the link with the port number in my system. I hope that will work.
This is what I see:
● duplicati.service - Duplicati web-server
Loaded: loaded (/lib/systemd/system/duplicati.service; enabled; vendor pre>
Active: active (running) since Thu 2023-03-30 14:12:13 UTC; 1 day 18h ago
Main PID: 817 (mono)
Tasks: 16 (limit: 9273)
Memory: 83.1M
CPU: 15.338s
CGroup: /system.slice/duplicati.service
├─817 DuplicatiServer /usr/lib/duplicati/Duplicati.Server.exe
└─902 /usr/bin/mono-sgen /usr/lib/duplicati/Duplicati.Server.exe
This is still mysterious. How does Mac fit into an installation said to be
and you’re still not showing it here. Does your Ubuntu have a browser?
It would be easier to set up the options from Ubuntu going to localhost.
So your Duplicati is up, but we knew that. Change config by GUI or CLI.
If Ubuntu has no GUI, that seems odd-but-not-impossible for a LAN box
EDIT: but if that’s the case (and no remote GUI either), then back to CLI
and the question of what’s in your /etc/default/duplicati, and exactly how.
In addition to the Mac mystery, there’s the “translated” mystery. Explain?
So you are right - I did get into the /etc/default/duplicati - I just added sudo nano infront of it. In order to allow access to the duplicati UI I need to allow access from any IP via the /etc/duplicati/config.json file?
and restart duplicati. If you want to access Duplicati by hostname, also use –webservice-allowed-hostnames, which is not the host you’re coming from, but the name you use in the Duplicati URL.
EDIT:
Don’t confuse the two options above. You need an external interface and might want a hostname.
Thank you for your reply. As I am new to this… how would I " –webservice-allowed-hostnames," Do I add that to the config file? Sorry for so many questions
Correct. It’s an option, so it goes between the double quotes at
# Additional options that are passed to the Daemon.
DAEMON_OPTS=""
DAEMON is a term for a program that runs in the background, independent from, say, you as typist.
They are often called services. Command line interface syntax generally has command at left, then various things it needs on the right, such as arguments, for example the filename you gave to nano. Command-line options modify behavior and sometimes have values. They start wish a dash or two.
Forum software tends to misrepresent double dashes, but that’s what Duplicati uses, so maybe add
--webservice-interface=any
Run sudo systemctl restart duplicati. A systemctl status duplicati should show option.
If you prefer access by hostname, add --webservice-allowed-hostnames, as has been described.
Right it worked - thank you so much. You are a star. I want to use Duplicati to backup my nextcloud via Hetzner storage box. Do you guys have experience with this? Any advice would, again, be appreciated.