Scripted installation of Nextcloud 28 in iocage jail 2018-03-23

[Dave-g08]

Has anyone had any luck setting this up behind a reverse proxy (I'm using Nginx proxy manager)? I've search the thread and found it referenced but no definitive answer.
I ran the script with NO_CERT using the nextcloud jail IP as the hostname, which worked and I could access nextcloud from the IP. With the proxy set up I either get a 'too many redirects' error, or a blank page loads. I think I need edit the caddy file but am unsure what is needed. Any help would be greatly appreciated.

Here is my config.php

Code:

<?php
$CONFIG = array (
  'passwordsalt' => 'abc123',
  'secret' => 'abc123',
  'trusted_domains' =>
  array (
    0 => 'localhost',
    1 => 'nextcloud local IP',
    2 => 'reverse proxy local IP',
    3 => 'cloud.fqdn.com',
  ),
  'datadirectory' => '/mnt/files',
  'dbtype' => 'mysql',
  'version' => '22.2.0.2',
  'overwrite.cli.url' => 'https://cloud.fqdn.com/',
  'forwarded_for_headers' => 'HTTP_X_FORWARDED_FOR',
  'dbname' => 'nextcloud',
  'dbhost' => 'localhost:/tmp/mysql.sock',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'nextcloud',
  'dbpassword' => 'abc123',
  'installed' => true,
  'instanceid' => 'ocwk5qcyzdxm',
  'logtimezone' => 'Europe/London',
  'default_phone_region' => 'GB',
  'log_type' => 'file',
  'logfile' => '/var/log/nextcloud/nextcloud.log',
  'loglevel' => '2',
  'logrotate_size' => '104847600',
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'redis' =>
  array (
    'host' => '/var/run/redis/redis.sock',
    'port' => 0,
  ),
  'memcache.distributed' => '\\OC\\Memcache\\Redis',
  'memcache.locking' => '\\OC\\Memcache\\Redis',
  'overwritehost' => 'cloud.fqdn.com',
  'overwriteprotocol' => 'https',
  'overwriteconaddr' => 'reverse proxy local IP'
  'htaccess.RewriteBase' => '/',
  'trusted_proxies' => 'reverse proxy local IP',
  'updater.secret' => 'abc123.',
  'maintenance' => false,
  'theme' => '',
);

and my caddyfile

Code:

{
    # debug
}

192.168.1.x:80 {
    root * /usr/local/www/nextcloud
    file_server
    log {
        output file /var/log/192.168.1.x.log
        format single_field common_log
    }

    php_fastcgi 127.0.0.1:9000 {
        env front_controller_active true
    }

    # client support (e.g. os x calendar / contacts)
    redir /.well-known/carddav /remote.php/dav 301
    redir /.well-known/caldav /remote.php/dav 301
    redir /.well-known/webfinger /index.php/.well-known/webfinger 301
    redir /.well-known/nodeinfo /index.php/.well-known/nodeinfo 301

    # .htaccess / data / config / ... shouldn't be accessible from outside
    @forbidden {
        path /.htaccess
        path /data/*
        path /config/*
        path /db_structure
        path /.xml
        path /README
        path /3rdparty/*
        path /lib/*
        path /templates/*
        path /occ
        path /console.php
    }

    respond @forbidden 404
}

 

[Basil Hendroff]

Has anyone had any luck setting this up behind a reverse proxy

Yes, it does work behind an RP. I use a Caddy RP, but any RP should work. Work through step 1 of Nextcloud and OnlyOffice Integration. If step 2 fails, the issue will be with the RP configuration.

 

[Aephir]

Has anyone had any luck setting this up behind a reverse proxy (I'm using Nginx proxy manager)?

Yes, that's how I'm running. That is, I have nginx on a different machine serving all my services to the world. I didn't (manually) edit the Caddyfile at any point, but I did have to make a few changes to the config.php to get things up and running. Here's mine:

Code:

<?php
$CONFIG = array (
  'passwordsalt' => 'REDACTED',
  'secret' => 'REDACTED',
  'trusted_domains' => 
  array (
    0 => 'localhost',
    1 => 'MY_FQDN',
    2 => '10.0.10.21',
    3 => '10.0.10.61',
  ),
  'trusted_proxies' => 
  array (
    0 => '10.0.30.21',
  ),
  'datadirectory' => '/mnt/files',
  'dbtype' => 'mysql',
  'version' => '22.2.0.2',
  'overwrite.cli.url' => 'https://MY_FQDN',
  'dbname' => 'nextcloud',
  'dbhost' => 'localhost:/tmp/mysql.sock',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'nextcloud',
  'dbpassword' => 'REDACTED',
  'installed' => true,
  'instanceid' => 'REDACTED',
  'logtimezone' => 'REDACTED',
  'default_phone_region' => 'REDACTED',
  'log_type' => 'file',
  'logfile' => '/var/log/nextcloud/nextcloud.log',
  'loglevel' => '2',
  'logrotate_size' => '104847600',
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'updater.secret' => 'REDACTED',
  'maintenance' => false,
);

(I have a few more things in there, but that's stuff like two factor, mail, etc., not something that should be relevant for setting this up behind nginx).

10.0.10.21 is the machine that runs nginx (and a few other things, that's why it's not only under "trusted_proxies"). 10.0.10.61 is another machine (VM) unrelated to nginx setup. The 'overwrite.cli.url' => 'https://MY_FQDN', is one I remember having to set in order to connect with my macOS client, can't remember if I had any access without it.

As Basil said, it might also be an nginx issue. Here's my config (I haven't changed the included ssl.conf and proxy.con from the default generated from Linuxserver/swag docker container):

Code:

server {
        listen 443 ssl;

        add_header Strict-Transport-Security "max-age=15552000; includeSubDomains" always;

        root /config/www;
        index index.html index.htm index.php;

        server_name MY_FQDN;

        include /config/nginx/ssl.conf;

        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        client_max_body_size 0;

        location / {
                include /config/nginx/proxy.conf;
                proxy_pass http://10.0.30.67;
        }

        location /.well-known/carddav {
            return 301 $scheme://$host/remote.php/dav;
        }

        location /.well-known/caldav {
            return 301 $scheme://$host/remote.php/dav;
        }
}

where 10.0.30.67 is the nextcloud jail.

 

[Dave-g08]

Thanks Basil and Aephir for your help. I reran the script using the FQDN, rather than the IP and all works fine. Think it must have been the initial set up of the caddyfile

 

[InGenetic]

hi all ,
did anyone here ever get error 502 Bad Gateway , sometimes when try to access nextcloud site on jail freenas ?
because i often get error 502 Bad Gateway , dunno why it's happening ?

please kindly anyone can help me, have to solve the problem ?
usually if i get the error 502 Bad Gateway , i do "restart" my nextcloud from restart menu inside "jail".

Thank you

 

[Patrick M. Hausen]

You need to look at the error log of the web server inside your jail ...

 

[InGenetic]

You need to look at the error log of the web server inside your jail ...

Hi mr. Patrick,

where's the location of the log file ?
is it the logging menu on nextcloud settings menu ?

Thanks n regards,

 

[Patrick M. Hausen]

No, it's in the shell when you log on to the Nextcloud jail via SSH.
What webserver are you using? Nginx? Caddy? Apache?

 

[InGenetic]

No, it's in the shell when you log on to the Nextcloud jail via SSH.
What webserver are you using? Nginx? Caddy? Apache?

i think it's caddy , i follow all guidance here from mr.danb35 his my mentor :) , please correct me if i am wrong sir ,

where i can find the log file ?

Thanks n regards,

 

[Patrick M. Hausen]

I don't run caddy, but it's probably somewhere in /var/log ...
Nginx for example logs to /var/log/nginx/access.log and /var/log/nginx/error.log - the latter is relevant when facing a 502 or similar.

If you cannot find it, you will find what is configured somewhere at /usr/local/etc/caddy...something.

HTH,
Patrick

 

[Aephir]

i think it's caddy

If you "just" used the script following the guidelines outlined here, then it would be Caddy (assuming you are not running the jail like me as "local only" behind e.g. nginx). And if so, the log (Caddy only makes one, as far as I'm aware) would be at /var/log/caddy/caddy.log inside the jail.

Try accessing your Nextcloud both with the local IP (you might need to edit /usr/local/www/nextcloud/config/cofig.php to add local IPs to trusted_domain), and the FQDN you specified in the nextcloud-config file you made before installing.

 

[InGenetic]

I don't run caddy, but it's probably somewhere in /var/log ...
Nginx for example logs to /var/log/nginx/access.log and /var/log/nginx/error.log - the latter is relevant when facing a 502 or similar.

If you cannot find it, you will find what is configured somewhere at /usr/local/etc/caddy...something.

HTH,
Patrick

Hi Mr. Patrick,

till now , my nextcloud have not getting error anymore, because , i always reboot the server every 2-3 days (i did this to prevent all user complaining me because they can not access to nextcloud), it will happening if dont restart for almost 1 week or , after someone upload the big file or a lot of file to my nextcloud ,

actually , what usually can cause that problem ? is it caddy ? if caddy , what must i have to do ? beside restarting the server machine ?

Please advice

Regards

 

[Patrick M. Hausen]

There us nothibg that "usually causes this problem". You need to look at the log files to determine what causes your problem.

 

[Lcs_26]

Hi, I did the Nextcloud install with @danb35 script, everything went great, but in the nextcloud config page, when you need to login for the first time, it returns me this error: Error while trying to create admin user: Failed to connect to the database: An exception occurred in the driver: SQLSTATE[HY000] [2002] No such file or directory

I think the problem has to do with the database name, I'm trying "nextcloud", as I couldn't find anywhere where the db name was mentioned, just the username and password. I'm new to all this so I might have missed something.

 

[danb35]

I think the problem has to do with the database name

No, the problem has nothing to do with the database name. If it's asking you that, something went very badly wrong when the script ran--at a minimum, the command to complete the nextcloud installation failed, but there's likely an underlying reason for that. Try looking through the output of the script (if you ran it as I recommend in the README, it will all be saved in nextcloud.log) for errors.

 

[Lcs_26]

Ok, I think this might have something to do with my problem:


ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/my>
Command: mysql -e CREATE DATABASE nextcloud; failed!
ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/my>
Command: mysql -e GRANT ALL ON nextcloud.* TO nextcloud@localhost IDENTIFIED BY>
ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/my>
Command: mysql -e DELETE FROM mysql.user WHERE User=''; failed!
ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/my>
Command: mysql -e DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('lo>
ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/my>
Command: mysql -e DROP DATABASE IF EXISTS test; failed!
ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/my>
Command: mysql -e DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%'; failed!
^Gmysqladmin: connect to server at 'localhost' failed
error: 'Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2>
Check that mysqld is running and that the socket: '/tmp/mysql.sock' exists!

I don't know, I don't see anything else that seems broken, though it might be just my limited knowledge.

BTW: in the config file before installing, I changed NC version to 22, while the script dafaulted to 21, I don't know if that could have something to do with this problems

 

[Lcs_26]

I´m trying to do a clean reinstall, I deleted the jail, the freenas-iocage-nextcloud dir, and the datasets, but when redoing it says: Reinstall detected, skipping generation of new config and database. How do I do a clean uninstall so I can try installing again?

 

[InGenetic]

There us nothibg that "usually causes this problem". You need to look at the log files to determine what causes your problem.

Hi Mr. Patrick,

ok noted, i will post the error if 502 gateway any more, yesterday i've just upgrade the server ram , from 16GB to 32GB , i hope it can solve the problem , if not , i will post here again and need more advice from ppl here.

Really thanks for the reply.

Regards,

 

[Pctravel]

@danb35 Morning, I have a quick question for your script. I installed over a year ago and worked great. At some point I can no longer access Nextcloud locally or through my website. I checked my website an it is still active, ios app also doesn't see the version running in my jail. I can ping it from my local network (the jail IP), and login to the jail shell fine. I just updated to Truenas from freenas and everything looks to be working. I was thinking of just rerunning the script. To do that do I need to rename my picture folder and after install copy and paste them back into nextcloud folder through the interface? or can I just rerun the script with the folders already populated?

 

[danb35]

can I just rerun the script with the folders already populated?

You should be able to--from what I can see in the git history, the "reinstall" logic was added to the script 2+ years ago.