Scripted installation of Nextcloud 28 in iocage jail 2018-03-23

[xiSlickix]

There's a PR that addresses this, and one user has reported it fixed the problem. I'd like to see a couple of tweaks before I merge it, but you can give it a try.

I made the suggested modifications to the nextcloud-jail.sh script, still bombing on the missing asc file. This was with a brand new jail as well. I can also see the "PGP_KEYSERVER=pgpkeys.eu" etc. in the log output. I can raise the issue over in GitHub if that is more appropriate.

I stand corrected! I missed a part of the config change. I was able to get past the asc error. The log output complains about the gpg key, but the script finished successfully.

 

[xiSlickix]

I'm trying to update an older install that hasn't been updated in a while (version 23). I stopped the jail and took recursive snapshots of the entire system before I started down this path. The directory structure is the script default (nextcloud + 4 subdirectories).

The first update via the gui is getting hung up at "Delete old files" section, which probably indicates that user 'www' doesn't have access it should somewhere. Can someone point in the right direction of which log(s) I should be looking in? I see entries in /var/log/ from earlier today when I attempted the update.

Thanks

 

[victort]

That is where the logs are stored.

You might try to see who the owner is of the nextcloud dataset and its sub-datasets by ls -la It should be www:www for all but the db dataset, which is 88:88

 

[xiSlickix]

That is where the logs are stored.

You might try to see who the owner is of the nextcloud dataset and its sub-datasets by ls -la It should be www:www for all but the db dataset, which is 88:88

root@nextcloud:/var/db # ls -la | grep mysql drwxr-xr-x 5 mysql mysql 17 Dec 16 20:30 mysql root@nextcloud:/var/db # pwd /var/db

so are you saying the owner of mysql should be www?

 

[victort]

root@nextcloud:/var/db # ls -la | grep mysql drwxr-xr-x 5 mysql mysql 17 Dec 16 20:30 mysql root@nextcloud:/var/db # pwd /var/db

so are you saying the owner of mysql should be www?

The command would be run from the host, not the jail.

 

[xiSlickix]

The command would be run from the host, not the jail.

Just to be clear, the failing to "Delete old files" is happening within the Nextcloud update gui. Is that still indicative of errors in directory ownership on the TrueNAS host?

 

[victort]

Just to be clear, the failing to "Delete old files" is happening within the Nextcloud update gui. Is that still indicative of errors in directory ownership on the TrueNAS host?

It could be because the files are still mounted outside the jail.

 

[xiSlickix]

It could be because the files are still mounted outside the jail.

root@truenas[/mnt/Rotational/nextcloud]# ls -la total 61 drwxr-xr-x 7 root wheel 7 Dec 17 2021 . drwxr-xr-x 11 root wheel 11 Dec 16 20:10 .. drwxr-xr-x 2 www www 7 Dec 20 2021 config drwxr-xr-x 3 88 88 3 Dec 17 2021 db drwxrwx--- 22 www www 27 Dec 17 07:17 files drwxr-xr-x 4 root wheel 10 Dec 17 2021 freenas-iocage-nextcloud drwxr-xr-x 3 www www 4 Dec 17 2021 themes

 

[victort]

root@truenas[/mnt/Rotational/nextcloud]# ls -la total 61 drwxr-xr-x 7 root wheel 7 Dec 17 2021 . drwxr-xr-x 11 root wheel 11 Dec 16 20:10 .. drwxr-xr-x 2 www www 7 Dec 20 2021 config drwxr-xr-x 3 88 88 3 Dec 17 2021 db drwxrwx--- 22 www www 27 Dec 17 07:17 files drwxr-xr-x 4 root wheel 10 Dec 17 2021 freenas-iocage-nextcloud drwxr-xr-x 3 www www 4 Dec 17 2021 themes

This looks correct. Have you checked the nextcloud forums? Perhaps they will have a solution.

 

[xiSlickix]

This looks correct. Have you checked the nextcloud forums? Perhaps they will have a solution.

The update log was in /mnt/files (updater.log)

2023-12-17T10:18:26-0500 Dwsw4UHkc6 [info] currentStep() 2023-12-17T10:18:26-0500 Dwsw4UHkc6 [info] Step 8 is in state "end". 2023-12-17T10:18:26-0500 Dwsw4UHkc6 [info] POST request for step "9" 2023-12-17T10:18:26-0500 Dwsw4UHkc6 [info] startStep("9") 2023-12-17T10:18:26-0500 Dwsw4UHkc6 [info] deleteOldFiles() 2023-12-17T10:18:27-0500 Dwsw4UHkc6 [error] POST request failed with other exception 2023-12-17T10:18:27-0500 Dwsw4UHkc6 [error] Exception: Exception Message: Could not rmdir /usr/local/www/nextcloud/updater/../apps/user_ldap Code:0 Trace: #0 /usr/local/www/nextcloud/updater/index.php(939): Updater->recursiveDelete('/usr/local/w ww/...') #1 /usr/local/www/nextcloud/updater/index.php(1385): Updater->deleteOldFiles() #2 {main} File:/usr/local/www/nextcloud/updater/index.php Line:911 2023-12-17T10:18:27-0500 Dwsw4UHkc6 [info] rollbackChanges("9") 2023-12-17T10:18:27-0500 Dwsw4UHkc6 [info] unlink .step 2023-12-17T10:18:27-0500 Dwsw4UHkc6 [info] rollbackChanges - step >= 7 2023-12-17T10:18:27-0500 Dwsw4UHkc6 [info] end of rollbackChanges() 2023-12-17T10:22:20-0500 hu2cciTEyV [info] request to updater 2023-12-17T10:22:20-0500 hu2cciTEyV [info] currentStep() 2023-12-17T10:22:20-0500 hu2cciTEyV [info] POST request for step "9" 2023-12-17T10:22:21-0500 hu2cciTEyV [info] startStep("9") 2023-12-17T10:22:21-0500 hu2cciTEyV [info] deleteOldFiles() 2023-12-17T10:22:21-0500 hu2cciTEyV [error] POST request failed with other exception 2023-12-17T10:22:21-0500 hu2cciTEyV [error] Exception: Exception Message: Could not rmdir /usr/local/www/nextcloud/updater/../apps/user_ldap Code:0 Trace: #0 /usr/local/www/nextcloud/updater/index.php(939): Updater->recursiveDelete('/usr/local/w ww/...') #1 /usr/local/www/nextcloud/updater/index.php(1385): Updater->deleteOldFiles() #2 {main} File:/usr/local/www/nextcloud/updater/index.php Line:911

So, clearly something is not owned correctly in that directory. And to be clear, I had to recover this install from a previous failed update, and clearly took ownership of something as root that I should not have. "Oops".

root@nextcloud:/usr/local/www/nextcloud/apps/user_ldap # ls -altrh total 37 drwxr-xr-x 2 root www 9B Dec 19 2021 ajax-bkp drwxr-xr-x 2 root www 9B Dec 19 2021 ajax-modified drwxr-xr-x 14 www www 14B Dec 17 07:18 .. drwxr-xr-x 4 www www 4B Dec 17 07:18 . root@nextcloud:/usr/local/www/nextcloud/apps/user_ldap # root@nextcloud:/usr/local/www/nextcloud/apps/user_ldap # chown -R www ./ajax-bkp/ root@nextcloud:/usr/local/www/nextcloud/apps/user_ldap # chown -R www ./ajax-modified/ root@nextcloud:/usr/local/www/nextcloud/apps/user_ldap # root@nextcloud:/usr/local/www/nextcloud/apps/user_ldap # ls -altrh total 37 drwxr-xr-x 2 www www 9B Dec 19 2021 ajax-bkp drwxr-xr-x 2 www www 9B Dec 19 2021 ajax-modified drwxr-xr-x 14 www www 14B Dec 17 07:18 .. drwxr-xr-x 4 www www 4B Dec 17 07:18 . root@nextcloud:/usr/local/www/nextcloud/apps/user_ldap #

GUI update finished this time cleanly.

 

[GJSchaller]

Is there a way to enable IPv6 during jail creation, in the Config file? It's minor, but would be nice so I don't have to do it manually after creating the jail.

Thank you!

 

[victort]

Is there a way to enable IPv6 during jail creation, in the Config file? It's minor, but would be nice so I don't have to do it manually after creating the jail.

Thank you!

A simple ipv6=on added to the jail creation command should do it.

 

[RedPull]

Is there an easy way to update the Cloudflare 'DNS_TOKEN' after a successful install?
I tried to change it in the Caddyfile, and it won't work after a 'service caddy reload'.

 

[victort]

Is there an easy way to update the Cloudflare 'DNS_TOKEN' after a successful install?
I tried to change it in the Caddyfile, and it won't work after a 'service caddy reload'.

Yes. That’s all there is to it.
Try service caddy restart

 

[gthgth]

Hi,

Sorry if this isn't the right place, I can start a new thread if that's better...

I've been working to get Next Cloud working on TrueNAS Core and am struggling the get everything up and running. I originally tried using the plugin, and that worked for a few months and then I updated something and it broke. I'm now trying with the script created by @danb35. I'm using a domain on Cloudflare. I used the below config file:

JAIL_IP="192.168.1.199"
DEFAULT_GW_IP="192.168.1.1"
POOL_PATH-" /mnt/PoolName"
TIME_ZONE="Europe/London"
HOST_NAME= 'NAS.mydomain.com"
DNS_CERT=1
DNS_PLUGIN="cloudflare"
DNS_TOKEN- "token from cloudflare"
CERT_EMAIL-"myemail@email.com"

The script ran and received the message:

Installation complete!
Using your web browser, go to https://NAS.mydomain.com to log in Default user is admin, password is ...

When I try to go to https://NAS.mydomain.com or https://192.168.1.199 I get the message "Safari can't open the page https://192.168.1.199 because Safari can't establish as secure connection to the server 192.168.1.199" and in Chrome I get ERR_SSL_PROTOCOL_ERROR.

I tried running

iocage exec nextcloud /root/remove-staging.sh

in the jail shell in case the staging was causing a problem, but I get:

iocage: Command not found.

I've since tried adding a tunnel through Cloudflare to access the system externally and when I use https://NAS.mydomain.com I now get "Bad gateway Error code 502" with an error under Host.

I'd be grateful for any suggestions that you might have to help me get Next Cloud up and running.

 

[victort]

Hi,

Sorry if this isn't the right place, I can start a new thread if that's better...

I've been working to get Next Cloud working on TrueNAS Core and am struggling the get everything up and running. I originally tried using the plugin, and that worked for a few months and then I updated something and it broke. I'm now trying with the script created by @danb35. I'm using a domain on Cloudflare. I used the below config file:


The script ran and received the message:


When I try to go to https://NAS.mydomain.com or https://192.168.1.199 I get the message "Safari can't open the page https://192.168.1.199 because Safari can't establish as secure connection to the server 192.168.1.199" and in Chrome I get ERR_SSL_PROTOCOL_ERROR.

I tried running

in the jail shell in case the staging was causing a problem, but I get:


I've since tried adding a tunnel through Cloudflare to access the system externally and when I use https://NAS.mydomain.com I now get "Bad gateway Error code 502" with an error under Host.

I'd be grateful for any suggestions that you might have to help me get Next Cloud up and running.

Can you try to restart your jail?

If that doesn’t work, try tail /var/log/caddy/caddy.log to see if there are any obvious errors.

 

[RedPull]

Yes. That’s all there is to it.
Try service caddy restart

Okay, that works! In addition to my question, I deleted the Cloudflare account and registered again with the same email, but now it does not work anymore (due to another account ID, I might guess). How can I best fix this?

{"level":"info","ts":1703598136.05488,"msg":"using provided ig_file": "/usr/local/www/Caddyfile","config_adapter":"caddyfile"} Error: adapting config using caddyfile: parsing caddyfile tokens for 'tls': /local/www/Caddyfile:20 - Error during parsing: getting module named ers.****************************************': module not registered: ers.****************************************, import chain: [''] Error: caddy process exited with error: exit status 1

 

[victort]

Okay, that works! In addition to my question, I deleted the Cloudflare account and registered again with the same email, but now it does not work anymore (due to another account ID, I might guess). How can I best fix this?

{"level":"info","ts":1703598136.05488,"msg":"using provided ig_file": "/usr/local/www/Caddyfile","config_adapter":"caddyfile"} Error: adapting config using caddyfile: parsing caddyfile tokens for 'tls': /local/www/Caddyfile:20 - Error during parsing: getting module named ers.****************************************': module not registered: ers.****************************************, import chain: [''] Error: caddy process exited with error: exit status 1

Looks like you are missing some of the text here. Did you create a new token and enter it in the “tls” directive?

 

[RedPull]

here is what my caddyfile looks like.

Code:

{
        # debug
        #acme_ca https://acme-staging-v02.api.letsencrypt.org/directory
        email name@domain.com
        # default_sni cloud.domain.com
}

cloud.domain.com {
        root * /usr/local/www/nextcloud
        file_server
        log {
                output file /var/log/cloud.domain.com.log
        }

        php_fastcgi 127.0.0.1:9000 {
                env front_controller_active true
        }

        tls {
                dns ******my_new_api_token******
        }

        header {
                enable HSTS
                Strict-Transport-Security max-age=31536000;
        }

        # client support (e.g. os x calendar / contacts)
        redir /.well-known/carddav /remote.php/dav 301
        redir /.well-known/caldav /remote.php/dav 301
        redir /.well-known/webfinger /index.php/.well-known/webfinger 301
        redir /.well-known/nodeinfo /index.php/.well-known/nodeinfo 301

        # .htaccess / data / config / ... shouldn't be accessible from outside
        @forbidden {
                path /.htaccess
                path /data/*
                path /config/*
                path /db_structure
                path /.xml
                path /README
                path /3rdparty/*
                path /lib/*
                path /templates/*
                path /occ
                path /console.php
        }

        respond @forbidden 404
}

Shouldn't Cloudflare be mentioned somewhere?

 

[terrorbye]

Hello, Is there a way to change my fnq after i finished installing nextcloud, for example i want to change it from truenas.xxxxx.com to nextcloud.xxxx.com