Scripted installation of Nextcloud 28 in iocage jail 2018-03-23

[danb35]

Actually, the change for Apache to use HTTP/2, by itself, is straightforward enough--but it means you can't use the prefork MPM, which means you can't use mod_php, which means you need to use php-fpm, which means... All of that's done in the script as it stands now though. But if iX is going to have a plugin that makes my script unnecessary, cool.

 

[NasKar]

Trying to make it simple to isolate the writing of the pkg.json file but I get a not found error. I copied the echo command from your git page.

Code:

 ./echo.sh
{"pkgs":["nano","curl","sudo","mariadb101-server","redis","php72-ctype","php72-dom","php72-gd","php72-iconv","php72-json","php72-mbstring","php72-posix","php72-simplexml","php72-xmlreader","php72-xmlwriter","php72-zip","php72-zlib","php72-pdo_mysql","php72-hash","php72-xml","php72-session","php72-mysqli","php72-wddx","php72-xsl","php72-filter","php72-curl","php72-fileinfo","php72-bz2","php72-intl","php72-openssl","php72-ldap","php72-ftp","php72-imap","php72-exif","php72-gmp","php72-memcache","php72-opcache","php72-pcntl","php72","bash","p5-Locale-gettext","help2man","texinfo","m4","autoconf","socat","git"]}
./echo.sh: {"pkgs":["nginx","mariadb101-server","redis","php70-bz2","php70-ctype","php70-curl","php70-dom","php70-exif","php70-fileinfo","php70-filter","php70-gd","php70-hash","php70-iconv","php70-intl","php70-json","php70-mbstring","php70-mcrypt"]}: not found
Please supply a valid JSON file with the format:
{
	"pkgs": [
	"foo",
	"bar"
	]
}

Code:

#!/bin/sh
echo '{"pkgs":["nano","curl","sudo","mariadb101-server","redis","php72-ctype","php72-dom","php72-gd","php72-iconv","php72-json","php72-mbstring","php72-posix","php72-simplexml","php72-xmlreader","php72-xmlwriter","php72-zip","php72-zlib","php$
> /tmp/pkg.json
iocage create -n "nextcloudS" -p /tmp/pkg.json -r 11.1-RELEASE ip4_addr="vnet0|192.168.5.92/24" defaultrouter="192.168.5.1" vnet="on" allow_raw_sockets="1" boot="on"

 

[NasKar]

The line of code is cut off at php$

echo '{"pkgs":["nano","curl","sudo","mariadb101-server","redis","php72-ctype","php72-dom","php72-gd","php72-iconv","php72-json","php72-mbstring","php72-posix","php72-simplexml","php72-xmlreader","php72-xmlwriter","php72-zip","php72-zlib","php$ > /tmp/pkg.json

 

[danb35]

The line of code is cut off at php$

Yes, and it also looks like the > /tmp/pkg.json is on a separate line. I think your issue is coming from unintended line breaks. If you're using nano as your editor, use the -w flag to keep it from inserting line breaks where you don't want them.

 

[NasKar]

Yes, and it also looks like the > /tmp/pkg.json is on a separate line. I think your issue is coming from unintended line breaks. If you're using nano as your editor, use the -w flag to keep it from inserting line breaks where you don't want them.

Wow I have a headache from this. I am using nano and never heard of the -w flag but that worked. Thanks

 

[danb35]

OTOH, the output you posted above suggests that a multiline format for the json is perfectly acceptable, and it'd make the script a lot easier to read. I'll see about changing that.

Edit: Yes, it works just fine that way, and is much more readable. Updated.

 

[Yaguznal]

Although most said sounds like Chinese to me, I love following this colab. Makes me feel warm and fuzzy :) I guess I'm getting a glimpse of what opensource is all about.
Thanks guys!

 

[blue_ice]

After running the script on 11.1-U4, I got these errors:

1.

Nextcloud is not installed - only a limited number of commands are available
Can't create or write into the data directory /mnt/files
True
Nextcloud is not installed - only a limited number of commands are available

[Symfony\Component\Console\Exception\CommandNotFoundException]
Command "app:enable" is not defined.
Did you mean this?
app:check-code


True
Nextcloud is not installed - only a limited number of commands are available


[Symfony\Component\Console\Exception\CommandNotFoundException]
There are no commands defined in the "encryption" namespace.

[Symfony\Component\Console\Exception\CommandNotFoundException]
There are no commands defined in the "background" namespace.

2. where are db/files datasets?


My nextcloud-config file:

Code:

JAIL_IP="192.168.1.102"
DEFAULT_GW_IP="192.168.1.1"
INTERFACE="re0"
VNET="off"
POOL_PATH="/mnt/Volumen1"
JAIL_NAME="nextcloud"
TIME_ZONE="America/Toronto"
HOST_NAME="mynextclous.ddns.net"
DB_PATH="/mnt/Volumen1"
FILES_PATH="/mnt/Volumen1"
PORTS_PATH="/mnt/Volumen1"
STANDALONE_CERT=1
DNS_CERT=0
TEST_CERT="--test"

Thanks

 

[jasemo]

Hey danb, just got back after being out of town and looking forward to trying the script. Thanks for all your great work.

Forgive my ignorance here, but can I ask, are there any best-practices reasons that all the guides I've seen don't create the "db" and "files" datasets within a "Nextcloud" dataset to keep them together? It just strikes me that this would make the structure easier to navigate.

Apologies if this point is now moot with the script, but I always wondered...

 

[danb35]

DB_PATH="/mnt/Volumen1"
FILES_PATH="/mnt/Volumen1"
PORTS_PATH="/mnt/Volumen1"

This is your problem. If you're going to set these, they all need to be separate paths, and in most cases you wouldn't need to set them at all. Unless there's a particular reason that you need to set them to different places (like, as another user mentioned up-thread, putting the database dataset on an SSD pool), just take these out of nextcloud-config.

where are db/files datasets?

They're wherever you create them. By default, they're expected to be in your main data pool. In your case, that would be /mnt/Volumen1/db and /mnt/Volumen1/files.

Suggest you remove DB_PATH, FILES_PATH, and PORTS_PATH from nextcloud-config, destroy the nextcloud jail ( iocage destroy -f nextcloud), and re-run the script.

 

[danb35]

are there any best-practices reasons that all the guides I've seen don't create the "db" and "files" datasets within a "Nextcloud" dataset to keep them together?

Not that I know of, and to be honest, I hadn't thought of it. It'd be simple enough to change DB_PATH and FILES_PATH accordingly, of course.

 

[blue_ice]

This is your problem. If you're going to set these, they all need to be separate paths, and in most cases you wouldn't need to set them at all. Unless there's a particular reason that you need to set them to different places (like, as another user mentioned up-thread, putting the database dataset on an SSD pool), just take these out of nextcloud-config.

They're wherever you create them. By default, they're expected to be in your main data pool. In your case, that would be /mnt/Volumen1/db and /mnt/Volumen1/files.

Suggest you remove DB_PATH, FILES_PATH, and PORTS_PATH from nextcloud-config, destroy the nextcloud jail ( iocage destroy -f nextcloud), and re-run the script.

Danb35, it works fine, thanks, your script is really awesome.

Freenas 11.1-U4

 

[blue_ice]

Script works fine but after installation, I lost all access to SMB resources

 

[TimvH]

Script works fine but after installation, I lost all access to SMB resources

That's probably because you're not using vnet, the ip address is now attached to re0 which probably is also the interface you used to connect you FreeNAS box to your LAN network.
My advice, enable VNET for the Nextcloud jail from the new FreeNAS UI and set a IP different than your FreeNAS box. Use ifconfig re0 delete 192.168.1.102 if that IP is only used for the Nextcloud jail before you change the jail settings.



In my opinion it's best to give every jail it's own IP and use portforwarding to give the outside world access to a Nginx jail with a reverse proxy setup(example), this way you can set nextcloud.yourdomain.com to access the Nextcloud jail and syncthing.yourdomain.com to the Syncthing jail for example. That way people don't get unwanted access to your FreeNAS box which might be dangerous if SSH is enabled, even more so when login as root is enabled.


Edit:
I've added two lines to the script to fix rewrite. This means that for example https://domain.name/index.php/apps/files/?dir=/&fileid=283 now shows as: https://domain.name/apps/files/?dir=/&fileid=283 making the url prettier and shorter.
You can make these changes to an existing installation by running these two commands yourself: iocage exec ${JAIL_NAME} su -m www -c 'php /usr/local/www/apache24/data/nextcloud/occ config:system:set htaccess.RewriteBase --value="/"'
iocage exec ${JAIL_NAME} su -m www -c 'php /usr/local/www/apache24/data/nextcloud/occ maintenance:update:htaccess'

But doing that makes already shared links dead so for some it might not be handy.
PR is sent so it will probably be in @danb35 's repo soon.

 

[blue_ice]

That's probably because you're not using vnet, the IP address is now attached to re0 which probably is also the interface you used to connect you FreeNAS box to your LAN network.
My advice, enable VNET for the Nextcloud jail from the new FreeNAS UI and set a IP different than your FreeNAS box. Use ifconfig re0 delete 192.168.1.102 if that IP is only used for the Nextcloud jail before you change the jail settings.

TimvH: I stoppped the iocage nextcloud, so the IP assigned to nextcloud is unassigned from re0, the only active IP is from Freenas box .100, but the shares are still unreachable (tested in windows and android).

I destroyed the iocage and I did a fresh Freenas installation, imported configuration, same issue; somehow the script changed permissions

Any ideas?

 

[TimvH]

TimvH: I stoppped the iocage nextcloud, so the IP assigned to nextcloud is unassigned from re0, the only active IP is from Freenas box .100, but the shares are still unreachable (tested in windows and android).

I destroyed the iocage and I did a fresh Freenas installation, imported configuration, same issue; somehow the script changed permissions

Any ideas?

That's weird, have you configured SMB right?
The only folders the script touches in your storage pool are /tank/portsnap and /tank/db.
You can however make a new user named smb or something and configure smb to use that user as anonymous account if you want everyone to have access without a password, and then change the ownership of the folders linked to a share to the user you've just made. That's the way I've got it setup. If you want some shares to be private you can change the ownership to another user and/or group.

 

[jasemo]

What are the issues associated with ISP's that give out dynamic IPs?
I have a FQDN from namecheap which lets my DD-WRT router daily update my (rarely changing) IP to an "A + Dynamic DNS Record" will this be enough to connect to over https?

 

[TimvH]

What are the issues associated with ISP's that give out dynamic IPs?
I have a FQDN from namecheap which lets my DD-WRT router daily update my (rarely changing) IP to an "A + Dynamic DNS Record" will this be enough to connect to over https?

Yup, I also have a dynamic name, but it only changes once in like two years. Shouldn't matter though. You just won't be able to access your domain until the DNS gets updated and the DNS servers implement the change.

 

[jasemo]

Ok. That was my "check if my next question is totally pointless question".

So, can the script be run over the top of a previous failed run? or what should I do before I retry another run if I've had difficulties?

I'm trying to setup Nextcloud to be accessed at (for example) "nextcloud.myFQDN.com" but I received:

Code:

nextcloud.myFQDN.com:Verify error:DNS problem: NXDOMAIN looking up A for nextcloud.myFQDN.com

which was then followed by:

Code:

* Stopping nextcloud

and a whole pile of:

Code:

Nextcloud is not installed - only a limited number of commands are available

errors, right at the tale end of the script.

It looks like I have a bit of trial and error to go. What do I need to do to get the script ready to try again?

 

[danb35]

What do I need to do to get the script ready to try again?

iocage destroy -f nextcloud followed by rm -rf /mnt/tank/db/*. At what point do you see that NXDOMAIN error?