[Support] Linuxserver.io - Nextcloud


Recommended Posts

Hello,

 

Just started using Unraid and so far so good. Installed a couple of apps and looks good.

Installed Nextcloud, DuckDNS and Swag.  Works amazing I have my own domain and everything.

Followed a couple of very useful tutorials from here and got me going and If I was to believe the NextCloud security scanner everything validates  with flying colours.

I have two issues that I couldn't find any answers anywhere.

 

1. The nextCloud Overview keeps showing the warning:

 

"The "Strict-Transport-Security" HTTP header is not set to at least "15552000" seconds. For enhanced security, it is recommended to enable HSTS as described in the security tips"

 

However in my ssl.conf in Swag I have 

# HSTS, remove # from the line below to enable HSTS
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;

 

Restarted the containers a couple of times with no success


2.On the main Nextcloud dashboard the weather picks up my location however the time is way off Ex -7 C at 2PM. Not sure where it reads that time from. I have updated the date.timezone in php.ini with the right one but still no luck

 

I couldn't find anywhere else where I could fix this

If anyone can kindly point me in the right direction I would really appreciate it.

 

Thank you

 

PS: All the installs (NextCloud, DuckDns, Swag) are the latest versions as of 2 days ago,

Link to comment

Hi there.
I just installed the docker container just as the SpaceinvaderOne instructions. Using Maria DB. It is working as intended on WAN.

But I'm behind CGNat. Nothing that I can do (Internet without CGNat or a VPS are not options)

 

I use ZeroTier to remote access my server. It is a very neat and clean way. All containers that are with bridge as network I can access normally just using the IP address from ZeroTier:Port.

 

But the Nextcloud gives me a "400 Bad Request - The plain HTTP request was sent to HTTPS port"

I tried to edit /mnt/user/appdata/nextcloud/www/nextcloud/config/config.php like this:

$CONFIG = array (
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'datadirectory' => '/data',
  'instanceid' => 'ockbsyci1slc',
  'passwordsalt' => 'ImNotSureIfThisShouldBeOnTheInternet',
  'secret' => 'ItReallyDoesNotSoundLikeThisShouldBeOnTheInternet',
  'trusted_domains' => 
  array (
    0 => '192.168.100.100:444',
    1 => '172.25.235.156:444',
  ),
  'dbtype' => 'mysql',
  'version' => '20.0.3.2',
  'overwrite.cli.url' => 'https://192.168.100.100:444',
  'dbname' => 'nextcloud',
  'dbhost' => '192.168.100.100:3306',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'nextcloud',
  'dbpassword' => 'SuperDuperSecurePassword',
  'installed' => true,

Where 192.168.100.100 is the server local address, 444 is the port for Nextclooud and 172.25.235.156 is the server address over ZeroTierOne.

but still no dice...

What am missing here?

Link to comment
13 minutes ago, GuilhermeFluis said:

Hi there.
I just installed the docker container just as the SpaceinvaderOne instructions. Using Maria DB. It is working as intended on WAN.

But I'm behind CGNat. Nothing that I can do (Internet without CGNat or a VPS are not options)

 

I use ZeroTier to remote access my server. It is a very neat and clean way. All containers that are with bridge as network I can access normally just using the IP address from ZeroTier:Port.

 

But the Nextcloud gives me a "400 Bad Request - The plain HTTP request was sent to HTTPS port"

I tried to edit /mnt/user/appdata/nextcloud/www/nextcloud/config/config.php like this:


$CONFIG = array (
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'datadirectory' => '/data',
  'instanceid' => 'ockbsyci1slc',
  'passwordsalt' => 'ImNotSureIfThisShouldBeOnTheInternet',
  'secret' => 'ItReallyDoesNotSoundLikeThisShouldBeOnTheInternet',
  'trusted_domains' => 
  array (
    0 => '192.168.100.100:444',
    1 => '172.25.235.156:444',
  ),
  'dbtype' => 'mysql',
  'version' => '20.0.3.2',
  'overwrite.cli.url' => 'https://192.168.100.100:444',
  'dbname' => 'nextcloud',
  'dbhost' => '192.168.100.100:3306',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'nextcloud',
  'dbpassword' => 'SuperDuperSecurePassword',
  'installed' => true,

Where 192.168.100.100 is the server local address, 444 is the port for Nextclooud and 172.25.235.156 is the server address over ZeroTierOne.

but still no dice...

What am missing here?

Didn't mention anything about your SSL config. This looks like a typical SSL missing/misconfigured. Either disable SSL in NginX or enable it and get a cert 

As far as I understood you are trying to access the address in http which in return is forcefully being redirected to https that is missing the SSL and thus giving you the error. I may be wrong but this is what I understood from your post.

 

Link to comment
11 minutes ago, rainfactor said:

Didn't mention anything about your SSL config. This looks like a typical SSL missing/misconfigured. Either disable SSL in NginX or enable it and get a cert 

As far as I understood you are trying to access the address in http which in return is forcefully being redirected to https that is missing the SSL and thus giving you the error. I may be wrong but this is what I understood from your post.

 

You are probably right, since I didn't configure anything about SSL...

I would not even know how to start...

how could I disable?

Link to comment
9 minutes ago, GuilhermeFluis said:

You are probably right, since I didn't configure anything about SSL...

I would not even know how to start...

how could I disable?

nginx conf >>> ssl off. Or if  misunderstood you and don't use nginx after all just remove the line 

'overwrite.cli.url' => 'https://192.168.100.100:444',

Edited by rainfactor
added content
Link to comment
1 minute ago, GuilhermeFluis said:

Not trying to abuse my stay, but could you be a little bit more detailed than this? this is on the web interface? where? I don`t have a nginx docker, so I'm supposing that this is on the nextcloud docker... it is on the command line on the docker?

That's ok :).  Read the full sentence. Remove the https portion from the config 

Going from:

'overwrite.cli.url' => 'https://192.168.100.100:444',  to. 'overwrite.cli.url' => '',

That line as per Nextcloud docs is used for proxy configs which you said you didn't use

Source : https://docs.nextcloud.com/server/16/admin_manual/configuration_server/config_sample_php_parameters.html?highlight=overwrite cli url#proxy-configurations

Link to comment
On 1/26/2020 at 6:56 PM, Iceman24 said:

You're welcome. Make sure this area of your config.php looks like this.

'trusted_domains' =>
array (
0 => 'unRAIDIP:NextcloudPort',
1 => 'nextcloud.server.com',
),
'trusted_proxies' => array('unRAIDIP'),
'forwarded_for_headers' => array('HTTP_X_FORWARDED_FOR'),
'dbtype' => 'mysql',
'version' => '18.0.0.10',
'overwrite.cli.url' => 'https://nextcloud.server.com',
'overwritehost' => 'nextcloud.server.com',
'overwriteprotocol' => 'https',

 

Just wanted to also thank you for posting this, helped me clear the errors from the GUI :) 

 

Link to comment

I just migrated on my test server from postgres to linuxserver/mariadb (10.4). How i can know if 4byte support is enabled? 
After conversion i see this on my config.php 

Quote

'mysql.utf8mb4' => true,

But using dbeaver i see

Default charaset: uft8

Default Collation: utf8_general_ci 

 

also on variables i see 

binlog_format: MIXED

tx_isolation: REPEATABLE-READ

Docs says to change to 

binlog_format: ROW

tx_isolation: READ-COMMITTED

 

If needed, How i can fix the above?

 

 

Link to comment

Hi,

 

When trying to connect to onlyoffice from nextcloud, I get the following error "Error when trying to connect (cURL error 28: Failed to connect to office.xxx.com port 443: Operation timed out (see https://curl.haxx.se/libcurl/c/libcurl-errors.html))"

 

If I go to https://office.xxx.com, I do get redirected to the welcome page.

 

Quote

server {
    listen 443 ssl;

    server_name office.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;

    location / {
                include /config/nginx/proxy.conf;
                resolver 127.0.0.11 valid=30s;
                set $upstream_docs onlyoffice-document-server; <<< docker name
                proxy_pass https://$upstream_docs:443;
                proxy_redirect off;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Host $server_name;
                proxy_set_header X-Forwarded-Proto $scheme;
        }
}

 

Please help!

 

 

Edited by Kira
Link to comment
On 12/11/2020 at 11:04 AM, skois said:

Ok if the file size is the problem only, then let's start with simple "fixes" 
go to path/to/appdata/nextcloud/php 
edit your php-local.ini 

The part you actually need is the first and specifically 

post_max_size.
The rest is just optimizations i did. If you want you are welcome to include them.


; Edit this file to override php.ini directives and restart the container

date.timezone = Europe/Athens
upload_max_filesize=16G
memory_limit=8G
max_execution_time=7200
max_input_time=7200
post_max_size=16G
max_file_uploads = 200
default_socket_timeout = 7200


; Enable PHP OPcache https://docs.nextcloud.com/server/latest/admin_manual/installation/server_tuning.html#enable-php-opcache
opcache.enable=1
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.memory_consumption=128
opcache.save_comments=1
opcache.revalidate_freq=1

 

Hey Skois, so I edited my php-local.ini file and changed my upload_max_filesize=100G as well as the other changes you made in the first block of text but I am still having the same issue for uploads when not logged in. 

 

My php file now reads:

```

; Edit this file to override php.ini directives and restart the container

date.timezone = America/Los_Angeles
upload_max_filesize=100G
memory_limit=8G
max_execution_time=7200
max_input_time=7200
post_max_size=100G
max_file_uploads = 200
default_socket_timeout = 7200

```

 

Any other suggestions? 

Link to comment
On 12/15/2020 at 10:19 AM, rainfactor said:

Hello,

 

Just started using Unraid and so far so good. Installed a couple of apps and looks good.

Installed Nextcloud, DuckDNS and Swag.  Works amazing I have my own domain and everything.

Followed a couple of very useful tutorials from here and got me going and If I was to believe the NextCloud security scanner everything validates  with flying colours.

I have two issues that I couldn't find any answers anywhere.

 

1. The nextCloud Overview keeps showing the warning:

 

"The "Strict-Transport-Security" HTTP header is not set to at least "15552000" seconds. For enhanced security, it is recommended to enable HSTS as described in the security tips"

 

However in my ssl.conf in Swag I have 

# HSTS, remove # from the line below to enable HSTS
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;

 

Restarted the containers a couple of times with no success


2.On the main Nextcloud dashboard the weather picks up my location however the time is way off Ex -7 C at 2PM. Not sure where it reads that time from. I have updated the date.timezone in php.ini with the right one but still no luck

 

I couldn't find anywhere else where I could fix this

If anyone can kindly point me in the right direction I would really appreciate it.

 

Thank you

 

PS: All the installs (NextCloud, DuckDns, Swag) are the latest versions as of 2 days ago,

Found the solution to my 1st problem.  Enabled the HSTS in the default.conf in Nginx and not in ssl.conf like I thought. Everything is green now. Still trying to figure out where are the timezone settings in Nextcloud

Link to comment
11 hours ago, Falcowe said:

Hey Skois, so I edited my php-local.ini file and changed my upload_max_filesize=100G as well as the other changes you made in the first block of text but I am still having the same issue for uploads when not logged in. 

 

My php file now reads:

```

; Edit this file to override php.ini directives and restart the container

date.timezone = America/Los_Angeles
upload_max_filesize=100G
memory_limit=8G
max_execution_time=7200
max_input_time=7200
post_max_size=100G
max_file_uploads = 200
default_socket_timeout = 7200

```

 

Any other suggestions? 

If you create a drop link (upload only link) while you are connected via your local ip and try to upload with this link does it work?
Can you share your appdata\nextcloud\www\nextcloud\config\config.php file?
PLEASE HIDE SENSITIVE INFO!

Link to comment
7 minutes ago, Martintheshred said:

Hi There thank you for all the work you have done with this Nextcloud Docker. I am trying to do the update like I have done previously through the updater and I keep running into this issue can anybody help and advise what I am doing wrong.  
 

Cheers 

    Martin 

785888494_NextCloudUpdateError.thumb.png.672678058840251db34b64e09e5677ca.png

You must be using macs in your network?
Go to your nextcloud data folder and delete all the .DS_Store files you find.
Its temp files created by macs, safe to delete.
 



Here is a script that will do it for you

Link to comment
1 hour ago, skois said:

If you create a drop link (upload only link) while you are connected via your local ip and try to upload with this link does it work?
Can you share your appdata\nextcloud\www\nextcloud\config\config.php file?
PLEASE HIDE SENSITIVE INFO!

No it doesn't. I do get a different error though than the upload and edit side gets. 

For the upload and editing I get the error: "An unknown error has occurred". And nothing happens after that.

With the upload only I get the error: "Could not upload "[FILE NAME]" ". I this case it was a mov file. 

 

Finally you left a note to "Please hide sensitive info!" did I post sensitive info? I thought I hadn't. 

Link to comment
1 minute ago, Falcowe said:

No it doesn't. I do get a different error though than the upload and edit side gets. 

For the upload and editing I get the error: "An unknown error has occurred". And nothing happens after that.

With the upload only I get the error: "Could not upload "[FILE NAME]" ". I this case it was a mov file. 

 

Finally you left a note to "Please hide sensitive info!" did I post sensitive info? I thought I hadn't. 

No you didn't! but config.php contains a lot! ;)

Link to comment

Running (I believe) NC 19.xxx. Recently updated a few apps within NC and now I can't access it locally or otherwise.

 

Log shows this error:

 

User uid: 99
User gid: 100
-------------------------------------

[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 20-config: executing...
[cont-init.d] 20-config: exited 0.
[cont-init.d] 30-keygen: executing...
using keys found in /config/keys
[cont-init.d] 30-keygen: exited 0.
[cont-init.d] 40-config: executing...
[cont-init.d] 40-config: exited 0.
[cont-init.d] 50-install: executing...
[cont-init.d] 50-install: exited 0.
[cont-init.d] 60-memcache: executing...
[cont-init.d] 60-memcache: exited 0.
[cont-init.d] 70-aliases: executing...
[cont-init.d] 70-aliases: exited 1.
[cont-init.d] 99-custom-files: executing...
[custom-init] no custom files found exiting...
[cont-init.d] 99-custom-files: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
PHP Fatal error: Interface 'OCP\AppFramework\Bootstrap\IBootstrap' not found in /config/www/nextcloud/apps/printer/lib/AppInfo/Application.php on line 33

 

Would rather not have to restore from back up. I'm CLI illiterate though.

 

Thanks!

Link to comment

This was a surprisingly easy Docker to set up!  And to think I avoided it for so long...

 

Incase anyone else is using Caddy v2 for their reverse proxy, or I suffer a huge failure one day:

 

Modify /config/config.php as follows (for completeness, I know this is repeated over and over in this forum):

  'trusted_domains' => 
  array (
    0 => 'unraid_IP:unraid_PORT',
	1 => 'cloud.your_Domain.your_TLD',
  ),
  'trusted_proxies' => array('unraid_IP'),
  'forwarded_for_headers' => array('HTTP_X_FORWARDED_FOR'),
  'overwritehost' => 'cloud.your_Domain.your_TLD',
  'overwriteprotocol' => 'https',
  'overwrite.cli.url' => 'https://cloud.your_Domain.your_TLD',

And in your caddyfile:

cloud.your_Domain.your_TLD {
  reverse_proxy https://unraid_IP:unraid_PORT {
    transport http {
      tls_insecure_skip_verify
    }
  }	
  encode gzip
  tls [email protected] {
  }  
  header {
    # don't advertise "Caddy" as server
    -Server
    # docker ngix server contains all the necessary security headers already - instant A+ at https://scan.nextcloud.com/
    Strict-Transport-Security "max-age=31536000; includeSubDomains;"
  } 	
}

 

Edited by thespooler
Typos
Link to comment

I am having a problem upgrading to v20.04, it would not work from with the webui. I then tried to run the sudo -u abc php updater.phar  from the /config/www/nextcloud/updater/ folder but I get to item 6, Extracting and it fails giving me the following error

Quote

...PHP Warning:  require(/config/www/nextcloud/updater/../version.php): failed to open stream: No such file or directory in phar:///config/www/nextcloud/updater/updater.phar/lib/Updater.php on line 658
PHP Fatal error:  require(): Failed opening required '/config/www/nextcloud/updater/../version.php' (include_path='.:/usr/share/php7') in phar:///config/www/nextcloud/updater/updater.phar/lib/Updater.php on line 658

After aborting the update, I am unable to access NC at all, the webui shows Update in process.

I have tried to run sudo -u abc php /config/www/nextcloud/occ maintenance:repair, but it seems I have no directory call occ in /config/www/nextcloud, so something has gone very awry.

Any suggestions, if not for the upgrade, at least to get me back up and running on the older version?

Link to comment
2 minutes ago, Boyturtle said:

I am having a problem upgrading to v20.04, it would not work from with the webui. I then tried to run the sudo -u abc php updater.phar  from the /config/www/nextcloud/updater/ folder but I get to item 6, Extracting and it fails giving me the following error

After aborting the update, I am unable to access NC at all, the webui shows Update in process.

I have tried to run sudo -u abc php /config/www/nextcloud/occ maintenance:repair, but it seems I have no directory call occ in /config/www/nextcloud, so something has gone very awry.

Any suggestions, if not for the upgrade, at least to get me back up and running on the older version?

try running "occ maintenance:repair" or "updater.phar" depending on what you want.
In this docker you dont need the sudo part.

Link to comment
2 minutes ago, skois said:

try running "occ maintenance:repair" or "updater.phar" depending on what you want.
In this docker you dont need the sudo part.

Apologies, I should have said that I have done this already and I get the same outcome.

Could not open input file: /config/www/nextcloud/occ as it is totally missing: Contents of /config/www/nextcloud are only

drwxrwxr-x 1 abc abc 284 Dec 17 18:12 apps
drwxrwxr-x 1 abc abc  64 Dec 17 18:12 config
-rw-rw-r-- 1 abc abc  57 Dec 17 18:12 index.php
-rw-rw-r-- 1 abc abc  57 Dec 17 18:12 public.php
-rw-rw-r-- 1 abc abc  57 Dec 17 18:12 remote.php
-rw-rw-r-- 1 abc abc  57 Dec 17 18:12 status.php
drwxrwxr-x 1 abc abc   0 Dec 17 18:12 themes
drwxrwxr-x 1 abc abc  42 Feb 12  2020 updater

 

I've run the find command and I can't find folder /occ anywhere in the docker

 

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.