2022-07-09 18:05:55 0 [Warning] You need to use --log-bin to make --binlog-format work. 2022-07-09 18:05:55 0 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins 2022-07-09 18:05:55 0 [Note] InnoDB: Uses event mutexes 2022-07-09 18:05:55 0 [Note] InnoDB: Compressed tables use zlib 1.2.11 2022-07-09 18:05:55 0 [Note] InnoDB: Number of pools: 1 2022-07-09 18:05:55 0 [Note] InnoDB: Using SSE2 crc32 instructions 2022-07-09 18:05:55 0 [ERROR] mysqld: Can't create/write to file '/tmp/ib1HVp7B' (Errcode: 13 "Permission denied") 2022-07-09 18:05:55 0 [ERROR] InnoDB: Unable to create temporary file; errno: 13 2022-07-09 18:05:55 0 [ERROR] mysqld: Can't create/write to file '/tmp/ibXk0H7e' (Errcode: 13 "Permission denied") 2022-07-09 18:05:55 0 [ERROR] InnoDB: Unable to create temporary file; errno: 13 2022-07-09 18:05:55 0 [ERROR] InnoDB: Plugin initialization aborted with error Generic error 2022-07-09 18:05:55 0 [Note] InnoDB: Starting shutdown... 2022-07-09 18:05:55 0 [ERROR] Plugin 'InnoDB' init function returned error. 2022-07-09 18:05:55 0 [ERROR] Plugin 'InnoDB' registration as a STORAGE ENGINE failed. 2022-07-09 18:05:55 0 [Note] Plugin 'FEEDBACK' is disabled. 2022-07-09 18:05:55 0 [ERROR] Unknown/unsupported storage engine: InnoDB 2022-07-09 18:05:55 0 [ERROR] Aborting
JAIL_IP="192.168.2.98" DEFAULT_GW_IP="192.168.2.1" POOL_PATH="/mnt/Pool/Apps" TIME_ZONE="America/New_York" HOST_NAME="legitfqdn.com" DNS_CERT=1 DNS_PLUGIN="cloudflare" DNS_TOKEN="totallylegitimatetoken" CERT_EMAIL="me@legittfqdn.com"
root@nextcloud:~ # ll /tmp total 137512 drwxrwxrwt 2 root wheel 2 Jul 9 18:05 .font-unix/ drwxrwxrwt 2 root wheel 2 Jul 9 18:05 .ICE-unix/ drwxrwxrwt 2 root wheel 2 Jul 9 18:05 .X11-unix/ drwxrwxrwt 2 root wheel 2 Jul 9 18:05 .XIM-unix/ -rw-r--r-- 1 root wheel 140681183 Jun 20 10:51 latest-23.tar.bz2 -rw-r--r-- 1 root wheel 833 Jun 20 10:51 latest-23.tar.bz2.asc -rw-r--r-- 1 root wheel 3100 May 2 07:02 nextcloud.asc
root@nextcloud:~ # ll / total 102 -rwxr-xr-x 2 root wheel 1089 Oct 23 2020 .cshrc* -rwxr-xr-x 2 root wheel 470 Oct 23 2020 .profile* drwxr-xr-x 2 root wheel 46 Mar 22 10:30 bin/ drwxr-xr-x 10 root wheel 63 Mar 22 10:30 boot/ -rwxr-xr-x 1 root wheel 6177 Oct 23 2020 COPYRIGHT* dr-xr-xr-x 14 root wheel 512 Jul 11 10:01 dev/ drwxr-xr-x 25 root wheel 106 Jul 11 10:01 etc/ drwxr-xr-x 5 root wheel 62 Mar 22 10:30 lib/ drwxr-xr-x 3 root wheel 5 Oct 23 2020 libexec/ drwxr-xr-x 2 root wheel 2 Oct 23 2020 media/ drwxr-xr-x 4 root wheel 4 Jul 11 09:57 mnt/ drwxr-xr-x 2 root wheel 2 Oct 23 2020 net/ drwxr-xr-x 2 root wheel 2 Oct 23 2020 proc/ drwxr-xr-x 2 root wheel 150 Mar 22 10:30 rescue/ drwxr-xr-x 5 root wheel 11 Jul 11 10:01 root/ drwxr-xr-x 2 root wheel 137 Oct 31 2021 sbin/ lrwxr-xr-x 1 root wheel 11 Jan 6 2021 sys@ -> usr/src/sys drwxr-xr-x 6 root wheel 9 Jul 12 03:21 tmp/ drwxr-xr-x 14 root wheel 14 Oct 23 2020 usr/ drwxr-xr-x 25 root wheel 25 Jul 11 10:01 var/
ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2) Command: mysql -e CREATE DATABASE nextcloud; failed! ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2) Command: mysql -e GRANT ALL ON nextcloud.* TO nextcloud@localhost IDENTIFIED BY 'NVlQi7SJkrG342kTmQAZrQ=='; failed! ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2) Command: mysql -e DELETE FROM mysql.user WHERE User=''; failed! ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2) Command: mysql -e DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1'); failed! ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2) Command: mysql -e DROP DATABASE IF EXISTS test; failed! ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2) Command: mysql -e DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%'; failed! mysqladmin: connect to server at 'localhost' failed error: 'Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2)' Check that mysqld is running and that the socket: '/tmp/mysql.sock' exists! Command: mysqladmin --user=root password bHHdprHIldoCV4ksMiK15Q== reload failed!
iocage console nextcloud
and look in /var/db/mysql/nextcloud.err
that's the cause of the error. chmod 1777 /var
within the jail and restarted, then checked the log. Here's the output from cat /var/db/mysql/nextcloud.err
as well as ll /var
2022-07-14 9:28:43 0 [Warning] You need to use --log-bin to make --binlog-format work. 2022-07-14 9:28:43 0 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins 2022-07-14 9:28:43 0 [Note] InnoDB: Uses event mutexes 2022-07-14 9:28:43 0 [Note] InnoDB: Compressed tables use zlib 1.2.11 2022-07-14 9:28:43 0 [Note] InnoDB: Number of pools: 1 2022-07-14 9:28:43 0 [Note] InnoDB: Using SSE2 crc32 instructions 2022-07-14 9:28:43 0 [ERROR] mysqld: Can't create/write to file '/tmp/ib7ffw5X' (Errcode: 13 "Permission denied") 2022-07-14 9:28:43 0 [ERROR] InnoDB: Unable to create temporary file; errno: 13 2022-07-14 9:28:43 0 [ERROR] mysqld: Can't create/write to file '/tmp/ibY2BySc' (Errcode: 13 "Permission denied") 2022-07-14 9:28:43 0 [ERROR] InnoDB: Unable to create temporary file; errno: 13 2022-07-14 9:28:43 0 [ERROR] InnoDB: Plugin initialization aborted with error Generic error 2022-07-14 9:28:43 0 [Note] InnoDB: Starting shutdown... 2022-07-14 9:28:43 0 [ERROR] Plugin 'InnoDB' init function returned error. 2022-07-14 9:28:43 0 [ERROR] Plugin 'InnoDB' registration as a STORAGE ENGINE failed. 2022-07-14 9:28:43 0 [Note] Plugin 'FEEDBACK' is disabled. 
2022-07-14 9:28:43 0 [ERROR] Unknown/unsupported storage engine: InnoDB 2022-07-14 9:28:43 0 [ERROR] Aborting root@nextcloud:~ # ll / total 102 -rwxr-xr-x 2 root wheel 1089 Oct 23 2020 .cshrc* -rwxr-xr-x 2 root wheel 470 Oct 23 2020 .profile* drwxr-xr-x 2 root wheel 46 Mar 22 10:30 bin/ drwxr-xr-x 10 root wheel 63 Mar 22 10:30 boot/ -rwxr-xr-x 1 root wheel 6177 Oct 23 2020 COPYRIGHT* dr-xr-xr-x 14 root wheel 512 Jul 14 09:28 dev/ drwxr-xr-x 25 root wheel 106 Jul 14 09:28 etc/ drwxr-xr-x 5 root wheel 62 Mar 22 10:30 lib/ drwxr-xr-x 3 root wheel 5 Oct 23 2020 libexec/ drwxr-xr-x 2 root wheel 2 Oct 23 2020 media/ drwxr-xr-x 4 root wheel 4 Jul 12 18:44 mnt/ drwxr-xr-x 2 root wheel 2 Oct 23 2020 net/ drwxr-xr-x 2 root wheel 2 Oct 23 2020 proc/ drwxr-xr-x 2 root wheel 150 Mar 22 10:30 rescue/ drwxr-xr-x 5 root wheel 12 Jul 14 09:28 root/ drwxr-xr-x 2 root wheel 137 Oct 31 2021 sbin/ lrwxr-xr-x 1 root wheel 11 Jan 6 2021 sys@ -> usr/src/sys drwxr-xr-x 6 root wheel 9 Jul 14 09:28 tmp/ drwxr-xr-x 14 root wheel 14 Oct 23 2020 usr/ drwxrwxrwt 25 root wheel 25 Jul 14 09:28 var/
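chmod 1777 /tmp
to see if that makes a difference. The "Permission denied" errors in the log are all for files under /tmp, and the listing above shows tmp/ as drwxr-xr-x (owned by root, not world-writable), so mysqld cannot create its temporary files there. The earlier chmod 1777 /var did not change /tmp; /var was drwxr-xr-x in the first listing and can be put back with chmod 755 /var. Error code: SSL_ERROR_INTERNAL_ERROR_ALERT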
. I figured the issue is probably in obtaining the cert, so I found Caddy's log and that does seem to be the case. Before I go any further - does this script out of the box support using caddy to also manage dynamic dns for the nextcloud instance? If not, I'm thinking that might be where my issue is and I need to get that hooked up before anything else.
No, that isn't part of Caddy's configuration as done by this script.
does this script out of the box support using caddy to also manage dynamic dns for the nextcloud instance?
root@freenas[/usr/freenas-iocage-nextcloud]# iocage exec nextcloud cat /var/log/caddy/caddy.log
{"level":"info","ts":1657914818.9381704,"msg":"using provided configuration","config_file":"/usr/local/www/Caddyfile","config_adapter":"caddyfile"}
{"level":"info","ts":1657914818.9405901,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_origin":false,"origins":["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]}
{"level":"info","ts":1657914818.9407241,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc0003a3e30"}
{"level":"info","ts":1657914818.940819,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
{"level":"info","ts":1657914818.9408433,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
{"level":"info","ts":1657914818.9414766,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["legitfqdn.com"]}
{"level":"info","ts":1657914818.9415927,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/var/db/caddy/data/caddy"}
{"level":"info","ts":1657914818.9416406,"msg":"autosaved config (load with --resume flag)","file":"/var/db/caddy/config/caddy/autosave.json"}
{"level":"info","ts":1657914818.9416482,"logger":"tls","msg":"finished cleaning storage units"}
{"level":"info","ts":1657914818.9416513,"msg":"serving initial configuration"}
Successfully started Caddy (pid=87091) - Caddy is running in the background
{"level":"info","ts":1657914818.9419012,"logger":"tls.obtain","msg":"acquiring lock","identifier":"legitfqdn.com"}
{"level":"info","ts":1657914818.9540036,"logger":"tls.obtain","msg":"lock acquired","identifier":"legitfqdn.com"}
{"level":"info","ts":1657914818.9547076,"logger":"tls.issuance.acme","msg":"waiting on internal rate limiter","identifiers":["legitfqdn.com"],"ca":"https://acme-staging-v02.api.letsencrypt.org/directory","account":"my@email.com"}
{"level":"info","ts":1657914818.9547293,"logger":"tls.issuance.acme","msg":"done waiting on internal rate limiter","identifiers":["legitfqdn.com"],"ca":"https://acme-staging-v02.api.letsencrypt.org/directory","account":"my@email.com"}
root@freenas[/usr/freenas-iocage-nextcloud]# iocage exec nextcloud cat /var/log/caddy/caddy.log
{"level":"info","ts":1657914818.9381704,"msg":"using provided configuration","config_file":"/usr/local/www/Caddyfile","config_adapter":"caddyfile"}
{"level":"info","ts":1657914818.9405901,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_origin":false,"origins":["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]}
{"level":"info","ts":1657914818.9407241,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc0003a3e30"}
{"level":"info","ts":1657914818.940819,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
{"level":"info","ts":1657914818.9408433,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
{"level":"info","ts":1657914818.9414766,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["legitfqdn.com"]}
{"level":"info","ts":1657914818.9415927,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/var/db/caddy/data/caddy"}
{"level":"info","ts":1657914818.9416406,"msg":"autosaved config (load with --resume flag)","file":"/var/db/caddy/config/caddy/autosave.json"}
{"level":"info","ts":1657914818.9416482,"logger":"tls","msg":"finished cleaning storage units"}
{"level":"info","ts":1657914818.9416513,"msg":"serving initial configuration"}
Successfully started Caddy (pid=87091) - Caddy is running in the background
{"level":"info","ts":1657914818.9419012,"logger":"tls.obtain","msg":"acquiring lock","identifier":"legitfqdn.com"}
{"level":"info","ts":1657914818.9540036,"logger":"tls.obtain","msg":"lock acquired","identifier":"legitfqdn.com"}
{"level":"info","ts":1657914818.9547076,"logger":"tls.issuance.acme","msg":"waiting on internal rate limiter","identifiers":["legitfqdn.com"],"ca":"https://acme-staging-v02.api.letsencrypt.org/directory","account":"my@email.com"}
{"level":"info","ts":1657914818.9547293,"logger":"tls.issuance.acme","msg":"done waiting on internal rate limiter","identifiers":["legitfqdn.com"],"ca":"https://acme-staging-v02.api.letsencrypt.org/directory","account":"my@email.com"}
{"level":"info","ts":1657914824.523008,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"legitfqdn.com","challenge_type":"dns-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
{"level":"error","ts":1657914824.6923845,"logger":"tls.issuance.acme.acme_client","msg":"cleaning up solver","identifier":"legitfqdn.com","challenge_type":"dns-01","error":"no memory of presenting a DNS record for legitfqdn.com (probably OK if presenting failed)"}
{"level":"error","ts":1657914824.778099,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"legitfqdn.com","issuer":"acme-staging-v02.api.letsencrypt.org-directory","error":"[legitfqdn.com] solving challenges: presenting for challenge: could not determine zone for domain \"_acme-challenge.legitfqdn.com\": unexpected response code 'SERVFAIL' for _acme-challenge.legitfqdn.com. (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/60950124/3205145384) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)"}
{"level":"info","ts":1657914824.7784033,"logger":"tls.issuance.acme","msg":"waiting on internal rate limiter","identifiers":["legitfqdn.com"],"ca":"https://acme-staging-v02.api.letsencrypt.org/directory","account":"my@email.com"}
{"level":"info","ts":1657914824.7784214,"logger":"tls.issuance.acme","msg":"done waiting on internal rate limiter","identifiers":["legitfqdn.com"],"ca":"https://acme-staging-v02.api.letsencrypt.org/directory","account":"my@email.com"}
{"level":"info","ts":1657914825.2626982,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"legitfqdn.com","challenge_type":"dns-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
{"level":"error","ts":1657914825.4083707,"logger":"tls.issuance.acme.acme_client","msg":"cleaning up solver","identifier":"legitfqdn.com","challenge_type":"dns-01","error":"no memory of presenting a DNS record for legitfqdn.com (probably OK if presenting failed)"}
{"level":"error","ts":1657914825.4902375,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"legitfqdn.com","issuer":"acme-staging-v02.api.letsencrypt.org-directory","error":"[legitfqdn.com] solving challenges: presenting for challenge: could not determine zone for domain \"_acme-challenge.legitfqdn.com\": unexpected response code 'SERVFAIL' for _acme-challenge.legitfqdn.com. (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/60950124/3205145504) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)"}
{"level":"error","ts":1657914825.490318,"logger":"tls.obtain","msg":"will retry","error":"[legitfqdn.com] Obtain: [legitfqdn.com] solving challenges: presenting for challenge: could not determine zone for domain \"_acme-challenge.legitfqdn.com\": unexpected response code 'SERVFAIL' for _acme-challenge.legitfqdn.com. (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/60950124/3205145504) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)","attempt":1,"retrying_in":60,"elapsed":6.536283503,"max_duration":2592000}
Non-authoritative answer:
legitfqdn.com
primary name server = apollo.ns.cloudflare.com
responsible mail addr = dns.cloudflare.com
serial = 2283389409
refresh = 10000 (2 hours 46 mins 40 secs)
retry = 2400 (40 mins)
expire = 604800 (7 days)
default TTL = 3600 (1 hour)
root@nextcloud:/usr/local/www # cat Caddyfile { # debug acme_ca https://acme-staging-v02.api.letsencrypt.org/directory email me@email.com # default_sni legitfqdn.com } legitfqdn.com { root * /usr/local/www/nextcloud file_server log { output file /var/log/legitfqdn.com.log } php_fastcgi 127.0.0.1:9000 { env front_controller_active true } tls { dns cloudflare TOTALLY-MY-TOKEN } header { # enable HSTS # Strict-Transport-Security max-age=31536000; } # client support (e.g. os x calendar / contacts) redir /.well-known/carddav /remote.php/dav 301 redir /.well-known/caldav /remote.php/dav 301 redir /.well-known/webfinger /index.php/.well-known/webfinger 301 redir /.well-known/nodeinfo /index.php/.well-known/nodeinfo 301 # .htaccess / data / config / ... shouldn't be accessible from outside @forbidden { path /.htaccess path /data/* path /config/* path /db_structure path /.xml path /README path /3rdparty/* path /lib/* path /templates/* path /occ path /console.php } respond @forbidden 404 }