[Support] Linuxserver.io - Nextcloud


Recommended Posts

1 hour ago, PSYCHOPATHiO said:

there was the 17.0.1 released today, unfortunately I did the update then at the end when I clicked on web update I got a blank screen! I went into the config file & changed the maintenance from "False to True" & back, removed the docker & reinstalled it but nothing worked.

I still get a blank screen.

 

anyone with a similar situation?

No issues here. Try following the guide to update using the command line in the link in the first post.

Link to comment
24 minutes ago, saarg said:

 Try following the guide to update using the command line in the link in the first post.

This is not my first time uodating, I've been using nextcloud for years now. But this is the first time I encounter something like this.

I'm trying to find the root cause of the problem but not sure where to look other than into the config.

 

EDIT:  I will delete Netcloud and the appdata & reinstall it again.

Edited by PSYCHOPATHiO
Solution
Link to comment
Damn how can we make sure our servers are secure? I have blocked outside access until we hear further.
Reading the article it sounds like a previously known vulnerability is used to implement the malware.

We've already patched it and posted on our blog about it.

https://blog.linuxserver.io/2019/10/26/psa-nextcloud/

I suggest you all read that and implement, this does highlight one point I've been making for a long time, once you spin up these services, whether you understand how to or not, you become the sysadmin and need to be able to keep things up to date.

TL:DR I think it's using a known vulnerability to encrypt things, but that hasn't been confirmed yet, so you need to decide on how you want to approach this issue and when you feel the risk is acceptable to keep/bring back your Nextcloud server online.

Sent from my Mi A1 using Tapatalk

Link to comment

Hey guys - I hope you can help me. Nextcloud appears to be the culprit as the silent destoryer of my SSD cache pool. In less than one year I am at 482 TBW on my two 1TB SSDs. This is WAY over any normal usage. I did some tests last night and this morning and I can consistently stop the rogue disk writes by turning off Nextcloud. If I turn it back on its fine for a few hours then they start again.

 

This is big issue for me and I suspect this may be happening to others as well and is going unnoticed unless you check the stats page often or regularly check the wear level or lbas written in the smart reports.

 

Any help is appreciated!

 

(Thread linked for more info)

 

EDIT: Ok I think I'm getting closer... I noticed I have a TON of MariaDB logs starting around the time that the writes kicked in:

image.thumb.png.fedecd5a7cf629e60ae24370f3fdbbdb.png

 

Here is a sample from the log at the time the disk writes went crazy. Any idea what the issue is? I have a fairly standard setup so I'm not really sure what is causing this.

Quote

BINLOG '
[Several lines here]
'/*!*/;
# Number of rows: 1
# at 97428701
# at 97429112
#191117  4:25:04 server id 1  end_log_pos 97429112 CRC32 0xe4325a48     Annotate_rows:
#Q> UPDATE `oc_filecache` SET `mtime` = '1573982704', `etag` = '05d7b84ff4619afc78fc0f4f087d3fd8', `storage_mtime` = '1573982704', `checksum`='' WHERE (`mtime` <> '1573982704' OR `etag` <> '05d7b84ff4619afc78fc0f4f087d3fd8' OR `storage_mtime` <> '1573982704' OR `checksum` <> '' OR `mtime` IS NULL OR `etag` IS NULL OR `storage_mtime` IS NULL OR `checksum` IS NULL) AND `fileid` = '163718282'
#191117  4:25:04 server id 1  end_log_pos 97429198 CRC32 0x5ae44186     Table_map: `nextcloud`.`oc_filecache` mapped to number 34
# at 97429198
#191117  4:25:04 server id 1  end_log_pos 97430666 CRC32 0x5b9683fd     Update_rows: table id 34 flags: STMT_END_F


 

Edited by johnsanc
Link to comment
On 11/16/2019 at 3:00 PM, saarg said:

No issues here. Try following the guide to update using the command line in the link in the first post.

I have a similar problem. When clicking on the WebUI Button the attached screen appears. By clicking on "agree", I receive the following error after a while:

Internal Server Error
The server encountered an internal error and was unable to complete your request.

The nginx `access.log` contains the following while the `error.log` is empty:

192.168.178.25 - - [17/Nov/2019:19:54:27 +0100] "GET / HTTP/2.0" 500 289 "http://192.168.178.21/Docker" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:70.0) Gecko/2010010
1 Firefox/70.0"
192.168.178.25 - - [17/Nov/2019:19:55:18 +0100] "GET / HTTP/2.0" 500 289 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0"
192.168.178.25 - - [17/Nov/2019:19:55:55 +0100] "GET /favicon.ico HTTP/2.0" 500 289 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0

 

Accessing the WebUI via `http://192.168.178.21:443/` as I did before the upgrade, causes the error "The plain HTTP request was sent to HTTPS port". I am sure that my nginx `default` file contains the latest changes from the commit  update nginx site conf due to CVE. Any help?

 

 

 

update-1.png

Link to comment
1 hour ago, T0a said:

I have a similar problem. When clicking on the WebUI Button the attached screen appears. By clicking on "agree", I receive the following error after a while:


Internal Server Error
The server encountered an internal error and was unable to complete your request.

The nginx `access.log` contains the following while the `error.log` is empty:


192.168.178.25 - - [17/Nov/2019:19:54:27 +0100] "GET / HTTP/2.0" 500 289 "http://192.168.178.21/Docker" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:70.0) Gecko/2010010
1 Firefox/70.0"
192.168.178.25 - - [17/Nov/2019:19:55:18 +0100] "GET / HTTP/2.0" 500 289 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0"
192.168.178.25 - - [17/Nov/2019:19:55:55 +0100] "GET /favicon.ico HTTP/2.0" 500 289 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0

 

Accessing the WebUI via `http://192.168.178.21:443/` as I did before the upgrade, causes the error "The plain HTTP request was sent to HTTPS port". I am sure that my nginx `default` file contains the latest changes from the commit  update nginx site conf due to CVE. Any help?

 

 

 

update-1.png

How did you upgrade and did you get any errors during the upgrade?

You use https if you are using port 443. Also no need to specify the port if it's the default 443.

The reason you get an error is that you are using http when using the ssl port.

 

As for the internal server error, you might be in maintenance mode still?

Link to comment

Today I was uploading some files to my Nextcloud and one of them was 6 GB of size.
When I was uploading this file, I got email notice from unRAID server "Docker image disk utilization of 72%". When the upload finished, I got new email notice: "Docker image disk utilization returned to normal level".

 

This made me curious of how does file transfer or rather file write to Nextcloud storage works?
I always thought that files are written directly to Nextcloud HDDs. But it seems that files are initially stored to Nextcloud Docker instance which is on cache SDD and then written to Nextcloud storage HDDs.

 

Is this proper way for file transfer to Nextcloud or did I do something wrong with my configuration?

Link to comment

I just installed the Nextcloud Talk plugin. It seems to work fine web client to web client. Video works fine if both clients are on the same network. Text works fine when a client is outside the network but video does not. I can't get either of the Android or iOS apps to work whether or not they are on the same network. The iOS app gives me error 405 and the Android app just says there was an error.

 

I tried to install and configure the instrumentisto/coturn docker and configure the talk plugin to use it but I'm not sure I have coturn configured correctly. Anyone have any pointers on how to get this working correctly?

Link to comment
On 11/16/2019 at 1:14 PM, PSYCHOPATHiO said:

there was the 17.0.1 released today, unfortunately I did the update then at the end when I clicked on web update I got a blank screen! I went into the config file & changed the maintenance from "False to True" & back, removed the docker & reinstalled it but nothing worked.

I still get a blank screen.

 

anyone with a similar situation?

I had the same failure on my system via upgrading through the web-gui.

After installing the update manual through the CLI my system works fine with 17.0.1

Link to comment
5 hours ago, johnsanc said:

FYI - I figured out my issue above.... in short do not have Nextcloud index symlinks that would cause a loop.

Is there an extra option in the settings for indexing? If so, I can't find it or did you changed some config file by hand to stop Nextcloud indexing symlinks?

Link to comment
39 minutes ago, Abigel said:

Hi,

is there an actual path to upgrade nextcloud to 17 via the cli ?

I have only found old manuals that doesn't worked

This still works.

Instead of

docker exec -it nextcloud bash

you can use command

docker-shell

and you will get list of all Docker containers. Press corresponding number next to Nextcloud Docker and you will access Nextcloud shell.

All other commands are still the same for this version of NC.

  • Thanks 2
Link to comment
On 11/4/2019 at 4:16 AM, jagr200 said:

I am getting a 504 Gateway Time-out when trying to setup nextcloud. Anyone have any ideas? I've removed the docker and tried again with no luck.

I am getting this aswell. Followed SpaceInvaderOne`s tutorial to the letter twice and same result. Any help on the matter would be appreciated.

  • Like 1
Link to comment
15 hours ago, b0rgi85 said:

I had the same failure on my system via upgrading through the web-gui.

After installing the update manual through the CLI my system works fine with 17.0.1

thanks for the tip, might come handy next time this happen, anyway found it as a good time to tune nextcloud & secure it also improving upon ldap integration.

Link to comment

If anyone would be as kind...

Wanting to verify I delete correct site-confs file before restarting nextcloud. Attaching two pics; one of the fix, and one showing the file I think that gets deleted. Trying to verify this is the correct default conf before deleting it?

File for me is in User> appdata> nextcloud> nginx> site-confs? Seems a different directory as not finding a “config” folder anywhere with site-confs in it?

Right file? Wrong file?

949951c6b90467ba1cdb28a65da14e80.png21e781208c54302e3cc8ef872ea73e99.png

Link to comment
28 minutes ago, blaine07 said:

File for me is in User> appdata> nextcloud> nginx> site-confs? Seems a different directory as not finding a “config” folder anywhere with site-confs in it?

Right file? Wrong file?

That is the correct file. Nextcloud's /config directory is mapped to /appdata/nextcloud by default in the docker template. Make sure you get a backup, as I'm getting 504 errors after deleting it. I haven't been able to figure out what the problem is.

Link to comment
That is the correct file. Nextcloud's /config directory is mapped to /appdata/nextcloud by default in the docker template. Make sure you get a backup, as I'm getting 504 errors after deleting it. I haven't been able to figure out what the problem is.


Yeah lol that’s not good. When you figure that out let me know, please. Article says to delete it and restart container. What happens if you stop container, delete, then start container?
Link to comment
4 hours ago, cpshoemake said:

That is the correct file. Nextcloud's /config directory is mapped to /appdata/nextcloud by default in the docker template. Make sure you get a backup, as I'm getting 504 errors after deleting it. I haven't been able to figure out what the problem is.

I have the same problem and solved it with moving the backup from the default file into another folder

Maybe it helps ?

 

 

I tried to update nextcloud via the GUI, not like other with the cli and it works too. I hope there are no problems that I don't know.

 

 

//Edit:

 

There are now some warnings, how to fix?

 

The reverse proxy header configuration is incorrect or you are accessing Nextcloud through a trusted proxy. If this is not the case, then there is a security problem that allows an attacker to spy out the IP address visible to Nextcloud. More information can be found in the documentation.

 

The X-Frame Options HTTP header is not configured to match SAMEORIGIN. This is a potential security risk and it is recommended to change this setting.

 

The "Strict-Transport-Security" HTTP header is not set to at least "15552000" seconds. For more security, it is recommended to enable HSTS as explained in the security notes.

 

Edited by Abigel
Warnings
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.