Snaps are Canonical's latest secure and containerized packaging system. Here's how to get past the dreaded Nextcloud "untrusted domain" message on Ubuntu.


Canonical designed the snap package as an independent container; they do not permit the operating system to modify them just as the snap is not permitted to change OS system configurations. This is how a snap can update silently in the background without user interaction from Ubuntu's Software Updater. A snap can be easily rolled-back since nothing outside of its own sandbox is changed. Bad guys can't use a snap to change your system and compromised snaps can't escape the container.

Nextcloud, as a snap is super easy to install. In our experience its much easier to set up a snap'd (nice pun huh) Nextcloud instance over the traditional compile or .deb style install. So the issue arises when a user tries to access the snap through another network. Remember, Nextcloud is a LOCAL cloud.

Normally one would simply edit the configuration file per Nextcloud documentation to add the domain or IP range to authenticate access. This however can be problematic since a snap package is READ-ONLY.

nextcloud snap untrusted domain


Don't bother invoking sudo/su through the command line in an attempt to change the snap's configuration file; it will open in Nautilus/Caja but zero changes can be saved. To add more angst, the Add "172.20.10.2" as a trusted domain button shown in the image will also fail you.


There is a built-in escape path by default in Nextcloud: 127.0.0.1 (aka the local host). There is a saying in the IT world that if you have physical access to a machine there is no hope of securing it and in this situation that fact becomes salvation. You can simply take the following url:

https://localhost/index.php/settings/admin?trustDomain=xxx.xxx.x.xxx


and enter this from inside your local Nextcloud browser, changing the xxx IP to whatever you need to be trusted, e.g. your own alternative IP address. The admin page will refresh and a little dialog will prompt to really trust the domain, select YES! You can then enter the IP of the Nextcloud install as before; the untrusted domain warning page won't appear.

Full disclosure: we found this solution while using a linux virtual machine hosted on *barf* Windows 7 (why beloved customers, why?). Please forgive them. Amusingly in this setup the xxx IP was the same as the inet addr: using ifconfig command from within the Linux guest.

If you are ready for Google, Microsoft and Apple to STOP the spying and STOP sharing YOUR DATA with governments domestic and foreign with your own Linux-based cloud server, please contact us immediately!


About the Writer
Chris Lessley
Author: Chris Lessley
A server admin, dev ops warrior and website designer since 2002, Chris is a lover of all things Linux and open-source! Each blog topic has been tested by fire in the real world and shared with the hope to help others. Need more help? Hire me! Chris' other interests include fine art and the humanities in the classical tradition and can be found writing for our friends over at gripfastart.works. If you like this content, kindly consider donating to keep this website free to all, without ads.

Comments powered by CComment

Member of The Internet Defense LeagueOpen Source Initiative