Scripted installation of Nextcloud 28 in iocage jail 2018-03-23

[Thoni]

Hello.
I have now (again) started to use this script. I want to use a standalone cert from LetsEncrypt, but without releasing ports 80 and 443.
I plan to release the ports in the router during the renewal phase and, when this is completed, to redirect the ports back to my chosen ones.
The question is: How can this process (the renewal) be initiated manually?

 

[Hidyman]

Could you add a way to change the "jail" name?
I wanted to keep my old nextcloud jail, but the script would have none of that.

 

[Basil Hendroff]

Could you add a way to change the "jail" name?
I wanted to keep my old nextcloud jail, but the script would have none of that.

Use the config option JAIL_NAME, which defaults to nextcloud.

 

[danb35]

How can this process (the renewal) be initiated manually?

AFAIK, it can't. It's directly managed by the webserver (Caddy), and I'm not aware of any manual controls to do this.

 

[xames]

I updated the nextcloud over admin on gui, but now it show me maintenance mode in browser, how i can resolve?
Thanks.

 

[NasKar]

I updated the nextcloud over admin on gui, but now it show me maintenance mode in browser, how i can resolve?
Thanks.

SSH into the jail and enter the command

Code:

su -m www -c 'php /usr/local/www/nextcloud/occ maintenance:mode --off'

 

[xames]

Thanks, work fine, but now in admin page says that:

Hay varios avisos relativos a su configuración.

• A la base de datos le faltan algunos índices. Debido al hecho de que añadir índices en tablas grandes puede llevar cierto tiempo, no se han añadido automáticamente. Se pueden añadir manualmente dichos índices perdidos mientras la instancia sigue funcionando si se ejecuta "occ db:add-missing-indices". Una vez se han añadido los índices, las consultas a esas tablas suelen ser mucho más rápidas.
  • Índice perdido "properties_path_index" en la tabla "oc_properties".
• A la base de datos le faltan algunas columnas opcionales. Debido a que agregar columnas en tablas grandes podría llevar mucho tiempo, no se agregaron automáticamente cuando podían eran opcionales. Al ejecutar "occ db:add-missing-columns", esas columnas faltantes se pueden agregar manualmente mientras la instancia sigue ejecutándose. Una vez que se agregen las columnas, algunas características pueden mejorar su capacidad de respuesta o la usabilidad.
  • Falta la columna opcional "reference_id" en la tabla "oc_comments".

Por favor, vuelve a consultar las guías de instalación ↗, y comprueba posibles errores y advertencias en el registro.

Compruebe la seguridad de su Nextcloud mediante nuestro escaneo de seguridad ↗.

 

[xames]

you have to run the command as your webserver user.
E.g: sudo -u www-data php /path/to/nextcloud/occ db:add-missing-indices

how the good commands on freenas?

su -m www -c 'php /usr/local/www/nextcloud/occ db:add-missing-indices'

 

[xames]

Now this "occ db:add-missing-columns", any solutions?

Hay varios avisos relativos a su configuración.

• A la base de datos le faltan algunas columnas opcionales. Debido a que agregar columnas en tablas grandes podría llevar mucho tiempo, no se agregaron automáticamente cuando podían eran opcionales. Al ejecutar "occ db:add-missing-columns", esas columnas faltantes se pueden agregar manualmente mientras la instancia sigue ejecutándose. Una vez que se agregen las columnas, algunas características pueden mejorar su capacidad de respuesta o la usabilidad.
  • Falta la columna opcional "reference_id" en la tabla "oc_comments".

Por favor, vuelve a consultar las guías de instalación ↗, y comprueba posibles errores y advertencias en el registro.

Compruebe la seguridad de su Nextcloud mediante nuestro escaneo de seguridad ↗.

 

[Patrick M. Hausen]

Now this "occ db:add-missing-columns", any solutions?

What is your problem?
That would be su -m www -c 'php /usr/local/www/nextcloud/occ db:add-missing-columns' just like every other occ command on a FreeBSD pkg based installation. Unfortunately I cannot read your Castellano (?) so I am just guessing.

 

[xames]

ok i try this command. Works fine. Thanks.

 

[Patrick M. Hausen]

ok i try this command. Works fine. Thanks.

Whenever you find some instruction reading occ something ... replace with su -m www -c 'php /usr/local/www/nextcloud/occ something ...'. Always the same.

 

[Pancackewaffle]

I installed this script way back when it was NC v15 or something like that. There was the initial section that said to install without using LetsEncrypt and then run a couple commands to enable LetsEncrypt... I went back to this and that section was gone :( that's alright, not trying to impress anyone except me.

I am however updating/upgrading all of my server stuff lately now (upgraded FreeNAS to 12.0, upgraded all jails to 12.0/12.1, upgraded all plugins and software). Then there is the NextCloud jail that allows automatic updates although cannot get past version 19 because PHP 7.2 is not supported by version 20.

Is there an easy way to upgrade from 7.2 to 7.3/7.4 (whatever would be the most beneficial)? I tried following this thread (https://www.truenas.com/community/threads/updating-php-in-nextcloud-jail.80784/) although it is not dumbed down enough for me to punch in any commands. I made a txt file that has the list of the output for "pkg info" and all php72 packages are listed there but I do not know how to make this easy, I.e. One command to delete all php72 packages and another command to install all php74 packages.

Any help would be much appreciated.

 

[G8One2]

I installed this script way back when it was NC v15 or something like that. There was the initial section that said to install without using LetsEncrypt and then run a couple commands to enable LetsEncrypt... I went back to this and that section was gone :( that's alright, not trying to impress anyone except me.

I am however updating/upgrading all of my server stuff lately now (upgraded FreeNAS to 12.0, upgraded all jails to 12.0/12.1, upgraded all plugins and software). Then there is the NextCloud jail that allows automatic updates although cannot get past version 19 because PHP 7.2 is not supported by version 20.

Is there an easy way to upgrade from 7.2 to 7.3/7.4 (whatever would be the most beneficial)? I tried following this thread (https://www.truenas.com/community/threads/updating-php-in-nextcloud-jail.80784/) although it is not dumbed down enough for me to punch in any commands. I made a txt file that has the list of the output for "pkg info" and all php72 packages are listed there but I do not know how to make this easy, I.e. One command to delete all php72 packages and another command to install all php74 packages.

Any help would be much appreciated.

This thread may be helpful.... https://www.truenas.com/community/threads/updating-php-in-nextcloud-jail.80784/#post-560130

 

[wavesswe]

I used tris script a couple of moths ago and it had worked really well. I did it with Duckdns and SSL.

Now my homelab has grown and I would like to put it under my nginx reverseproxy that built up and have running with other servers. But I can’t figure out how to access it with local IP and allow my reverse proxy to access. I have never fiddled with Caddy before and it seams the the Caddy info is for a newer version than what mine is built on.

is this possible? I can’t access the local ip or via the reverse proxy.

all help and guidens is highly appreciated!

 

[xames]

I have version 19.0.5, can we upgrade to new 20 version or not yet? and how.

 

[Darcon11]

Hi,

first thank you for putting effort in creating such a wonderful script. This saves a lot of trouble for noob user (like me). Although I'm experiencing issue with I think proper caddy settings. I've tried installation several times from scratch and always caddy.log shows similar issue. Don't know if this is important but pinging my subdomain returns IP address (from Cloudflare) with good response time.
Thanks in advance for any help.

Below is what log is showing:

{"level":"info","ts":1607447105.1510344,"logger":"tls.obtain","msg":"acquiring lock","identifier":"nextcloud.xxxxxxxx.com"}
{"level":"info","ts":1607447105.1512468,"logger":"tls.obtain","msg":"lock acquired","identifier":"nextcloud.xxxxxxxx.com"}
{"level":"info","ts":1607447105.1616662,"logger":"tls.issuance.acme","msg":"waiting on internal rate limiter","identifiers":["nextcloud.xxxxxxxx.com"]}
{"level":"info","ts":1607447105.1616912,"logger":"tls.issuance.acme","msg":"done waiting on internal rate limiter","identifiers":["nextcloud.xxxxxxxx.com"]}
{"level":"info","ts":1607447111.354722,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"nextcloud.xxxxxxxx.com","challenge_type":"dns-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
{"level":"error","ts":1607447111.3637018,"logger":"tls.issuance.acme.acme_client","msg":"cleaning up solver","identifier":"nextcloud.xxxxxxxx.com","challenge_type":"dns-01","error":"no memory of presenting a DNS record for nextcloud.xxxxxxxx.com (probably OK if presenting failed)"}
{"level":"error","ts":1607447111.9554074,"logger":"tls.obtain","msg":"will retry","error":"[nextcloud.xxxxxxxx.com] Obtain: [nextcloud.xxxxxxxx.com] solving challenges: presenting for challenge: could not determine zone for domain \"_acme-challenge.nextcloud.xxxxxxxx.com\": unexpected response code 'SERVFAIL' for _acme-challenge.nextcloud.xxxxxxxx.com. (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/17002462/198719121) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)","attempt":1,"retrying_in":60,"elapsed":6.804145879,"max_duration":2592000}
{"level":"info","ts":1607447172.9871175,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"nextcloud.xxxxxxxx.com","challenge_type":"dns-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
{"level":"error","ts":1607447172.9945846,"logger":"tls.issuance.acme.acme_client","msg":"cleaning up solver","identifier":"nextcloud.xxxxxxxx.com","challenge_type":"dns-01","error":"no memory of presenting a DNS record for nextcloud.xxxxxxxx.com (probably OK if presenting failed)"}
{"level":"error","ts":1607447173.1735477,"logger":"tls.obtain","msg":"will retry","error":"[nextcloud.xxxxxxxx.com] Obtain: [nextcloud.xxxxxxxx.com] solving challenges: presenting for challenge: could not determine zone for domain \"_acme-challenge.nextcloud.xxxxxxxx.com\": unexpected response code 'SERVFAIL' for _acme-challenge.nextcloud.xxxxxxxx.com. (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/17002462/198719475) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)","attempt":2,"retrying_in":120,"elapsed":68.022286307,"max_duration":2592000}
{"level":"info","ts":1607447294.8404133,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"nextcloud.xxxxxxxx.com","challenge_type":"dns-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
{"level":"error","ts":1607447294.847765,"logger":"tls.issuance.acme.acme_client","msg":"cleaning up solver","identifier":"nextcloud.xxxxxxxx.com","challenge_type":"dns-01","error":"no memory of presenting a DNS record for nextcloud.xxxxxxxx.com (probably OK if presenting failed)"}
{"level":"error","ts":1607447295.5622807,"logger":"tls.obtain","msg":"will retry","error":"[nextcloud.xxxxxxxx.com] Obtain: [nextcloud.xxxxxxxx.com] solving challenges: presenting for challenge: could not determine zone for domain \"_acme-challenge.nextcloud.xxxxxxxx.com\": unexpected response code 'SERVFAIL' for _acme-challenge.nextcloud.xxxxxxxx.com. (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/17002462/198720268) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)","attempt":3,"retrying_in":120,"elapsed":190.411019535,"max_duration":2592000}
{"level":"info","ts":1607447423.4674728,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"nextcloud.xxxxxxxx.com","challenge_type":"dns-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
{"level":"error","ts":1607447423.4764502,"logger":"tls.issuance.acme.acme_client","msg":"cleaning up solver","identifier":"nextcloud.xxxxxxxx.com","challenge_type":"dns-01","error":"no memory of presenting a DNS record for nextcloud.xxxxxxxx.com (probably OK if presenting failed)"}
{"level":"error","ts":1607447424.624118,"logger":"tls.obtain","msg":"will retry","error":"[nextcloud.xxxxxxxx.com] Obtain: [nextcloud.xxxxxxxx.com] solving challenges: presenting for challenge: could not determine zone for domain \"_acme-challenge.nextcloud.xxxxxxxx.com\": unexpected response code 'SERVFAIL' for _acme-challenge.nextcloud.xxxxxxxx.com. (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/17002462/198720989) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)","attempt":4,"retrying_in":300,"elapsed":319.472856884,"max_duration":2592000}
{"level":"info","ts":1607447726.9597428,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"nextcloud.xxxxxxxx.com","challenge_type":"dns-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
{"level":"error","ts":1607447726.966326,"logger":"tls.issuance.acme.acme_client","msg":"cleaning up solver","identifier":"nextcloud.xxxxxxxx.com","challenge_type":"dns-01","error":"no memory of presenting a DNS record for nextcloud.xxxxxxxx.com (probably OK if presenting failed)"}
{"level":"error","ts":1607447727.569134,"logger":"tls.obtain","msg":"will retry","error":"[nextcloud.xxxxxxxx.com] Obtain: [nextcloud.xxxxxxxx.com] solving challenges: presenting for challenge: could not determine zone for domain \"_acme-challenge.nextcloud.xxxxxxxx.com\": unexpected response code 'SERVFAIL' for _acme-challenge.nextcloud.xxxxxxxx.com. (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/17002462/198722636) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)","attempt":5,"retrying_in":600,"elapsed":622.417872966,"max_duration":2592000}

 

[xames]

Please edit that and put inside quotes please.

 

[Darcon11]

Hey,

That's odd but I cannot edit my own post.... Anyway I'm guessing that you meant to quote lines from my caddy.log.

Well I'll edit previous one or delete when there will be an option so it will not mess up forum page.

{"level":"info","ts":1607447105.1510344,"logger":"tls.obtain","msg":"acquiring lock","identifier":"nextcloud.xxxxxxxx.com"}
{"level":"info","ts":1607447105.1512468,"logger":"tls.obtain","msg":"lock acquired","identifier":"nextcloud.xxxxxxxx.com"}
{"level":"info","ts":1607447105.1616662,"logger":"tls.issuance.acme","msg":"waiting on internal rate limiter","identifiers":["nextcloud.xxxxxxxx.com"]}
{"level":"info","ts":1607447105.1616912,"logger":"tls.issuance.acme","msg":"done waiting on internal rate limiter","identifiers":["nextcloud.xxxxxxxx.com"]}
{"level":"info","ts":1607447111.354722,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"nextcloud.xxxxxxxx.com","challenge_type":"dns-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
{"level":"error","ts":1607447111.3637018,"logger":"tls.issuance.acme.acme_client","msg":"cleaning up solver","identifier":"nextcloud.xxxxxxxx.com","challenge_type":"dns-01","error":"no memory of presenting a DNS record for nextcloud.xxxxxxxx.com (probably OK if presenting failed)"}
{"level":"error","ts":1607447111.9554074,"logger":"tls.obtain","msg":"will retry","error":"[nextcloud.xxxxxxxx.com] Obtain: [nextcloud.xxxxxxxx.com] solving challenges: presenting for challenge: could not determine zone for domain \"_acme-challenge.nextcloud.xxxxxxxx.com\": unexpected response code 'SERVFAIL' for _acme-challenge.nextcloud.xxxxxxxx.com. (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/17002462/198719121) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)","attempt":1,"retrying_in":60,"elapsed":6.804145879,"max_duration":2592000}
{"level":"info","ts":1607447172.9871175,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"nextcloud.xxxxxxxx.com","challenge_type":"dns-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
{"level":"error","ts":1607447172.9945846,"logger":"tls.issuance.acme.acme_client","msg":"cleaning up solver","identifier":"nextcloud.xxxxxxxx.com","challenge_type":"dns-01","error":"no memory of presenting a DNS record for nextcloud.xxxxxxxx.com (probably OK if presenting failed)"}
{"level":"error","ts":1607447173.1735477,"logger":"tls.obtain","msg":"will retry","error":"[nextcloud.xxxxxxxx.com] Obtain: [nextcloud.xxxxxxxx.com] solving challenges: presenting for challenge: could not determine zone for domain \"_acme-challenge.nextcloud.xxxxxxxx.com\": unexpected response code 'SERVFAIL' for _acme-challenge.nextcloud.xxxxxxxx.com. (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/17002462/198719475) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)","attempt":2,"retrying_in":120,"elapsed":68.022286307,"max_duration":2592000}
{"level":"info","ts":1607447294.8404133,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"nextcloud.xxxxxxxx.com","challenge_type":"dns-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
{"level":"error","ts":1607447294.847765,"logger":"tls.issuance.acme.acme_client","msg":"cleaning up solver","identifier":"nextcloud.xxxxxxxx.com","challenge_type":"dns-01","error":"no memory of presenting a DNS record for nextcloud.xxxxxxxx.com (probably OK if presenting failed)"}
{"level":"error","ts":1607447295.5622807,"logger":"tls.obtain","msg":"will retry","error":"[nextcloud.xxxxxxxx.com] Obtain: [nextcloud.xxxxxxxx.com] solving challenges: presenting for challenge: could not determine zone for domain \"_acme-challenge.nextcloud.xxxxxxxx.com\": unexpected response code 'SERVFAIL' for _acme-challenge.nextcloud.xxxxxxxx.com. (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/17002462/198720268) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)","attempt":3,"retrying_in":120,"elapsed":190.411019535,"max_duration":2592000}
{"level":"info","ts":1607447423.4674728,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"nextcloud.xxxxxxxx.com","challenge_type":"dns-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
{"level":"error","ts":1607447423.4764502,"logger":"tls.issuance.acme.acme_client","msg":"cleaning up solver","identifier":"nextcloud.xxxxxxxx.com","challenge_type":"dns-01","error":"no memory of presenting a DNS record for nextcloud.xxxxxxxx.com (probably OK if presenting failed)"}
{"level":"error","ts":1607447424.624118,"logger":"tls.obtain","msg":"will retry","error":"[nextcloud.xxxxxxxx.com] Obtain: [nextcloud.xxxxxxxx.com] solving challenges: presenting for challenge: could not determine zone for domain \"_acme-challenge.nextcloud.xxxxxxxx.com\": unexpected response code 'SERVFAIL' for _acme-challenge.nextcloud.xxxxxxxx.com. (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/17002462/198720989) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)","attempt":4,"retrying_in":300,"elapsed":319.472856884,"max_duration":2592000}
{"level":"info","ts":1607447726.9597428,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"nextcloud.xxxxxxxx.com","challenge_type":"dns-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
{"level":"error","ts":1607447726.966326,"logger":"tls.issuance.acme.acme_client","msg":"cleaning up solver","identifier":"nextcloud.xxxxxxxx.com","challenge_type":"dns-01","error":"no memory of presenting a DNS record for nextcloud.xxxxxxxx.com (probably OK if presenting failed)"}
{"level":"error","ts":1607447727.569134,"logger":"tls.obtain","msg":"will retry","error":"[nextcloud.xxxxxxxx.com] Obtain: [nextcloud.xxxxxxxx.com] solving challenges: presenting for challenge: could not determine zone for domain \"_acme-challenge.nextcloud.xxxxxxxx.com\": unexpected response code 'SERVFAIL' for _acme-challenge.nextcloud.xxxxxxxx.com. (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/17002462/198722636) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)","attempt":5,"retrying_in":600,"elapsed":622.417872966,"max_duration":2592000}

 

[Darcon11]

Hey,

That's odd but I cannot edit my own post.... Anyway I'm guessing that you meant to quote lines from my caddy.log.

Well I'll edit previous one or delete when there will be an option so it will not mess up forum page.

Did a little bit of more research and looks like nextcloud web server is not working. Nextcloud.logs are empty and here's return of curl for localhost:

Code:

root@nextcloud:/mnt/files # curl -v localhost:9000
*   Trying ::1:9000...
* connect to ::1 port 9000 failed: Connection refused
*   Trying 127.0.0.1:9000...
* Connected to localhost (127.0.0.1) port 9000 (#0)
> GET / HTTP/1.1
> Host: localhost:9000
> User-Agent: curl/7.72.0
> Accept: */*
> 
* Empty reply from server
* Connection #0 to host localhost left intact
curl: (52) Empty reply from server

Any help would be much appreciated.