Scripted installation of Nextcloud 28 in iocage jail 2018-03-23

[jasemo]

Good to know. It's been working that way but I wanted to be sure I'd done everything to prevent something going wrong in the future.

 

[Bostjan]

The script

I’ve installed the script on FreeNAS-11.1-U4. The script finished successfully.
I DIDN’T run the command as it is suggested for U3 and U4.

Code:

cd /tmp
git clone --recursive https://github.com/iocage/iocage
cp -R iocage/iocage/lib/ /usr/local/lib/python3.6/site-packages/iocage/lib

Probably it worked because I’ve previously have used the iocage and made some jails.

-------------------
I receive and error while connecting to the URL of MY FQDN.
-------------------


-------------------
Current status.
I can PING the IP (192.168.x.x) of the jail AND the FQDN of the jail from my internal computers (192.168.x.x).

I can also ping the IP (192.168.x.x) and FQDN of the jail from my second “internal” network (10.x.x.x). (from NATed VirtualBox instances)

I can ping the the FreeNAS IP and google.com FROM jail.

The ping works.

-------------------
I use just one router on my network which is IPS’s router. I could do port forwarding.
-------------------




-------------------
Services that are running on NC server jail
[root@nextcloud ~]# service -e
/etc/rc.d/cleanvar
/etc/rc.d/netif
/etc/rc.d/newsyslog
/etc/rc.d/syslogd
/etc/rc.d/virecover
/etc/rc.d/motd
/usr/local/etc/rc.d/redis
/usr/local/etc/rc.d/php-fpm
/usr/local/etc/rc.d/mysql-server
/usr/local/etc/rc.d/apache24
/etc/rc.d/cron

-------------------
When connecting from local computer (192.168.x.x) from browser to my nexcloud server through IP (192.168.x.x) the IP gets rewritten to my FQDN and get an error
ERR_CONNECTION_REFUSED

I also tried to connect from my “second” internal network (10.x.x.x), the IP (URL) of the server also gets rewritten to my FQDN and get an error
ERR_CONNECTION_REFUSED

-------------------
When connecting from outside of my network (from internet) to my FQDN (OR my wan IP) first I get warning the certificate is not walid (at creation time I selected the –test variant) and then I get an error

Internal Server Error

The server encountered an internal error and was unable to complete your request.
Please contact the server administrator if this error reappears multiple times, please include the technical details below in your report.
More details can be found in the server log.


----
/var/log/httpd-error.log
----
[Wed Apr 26 14:27:35.786787 2018] [ssl:warn] [pid 83312:tid 34397577216] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]
[Wed Apr 26 14:27:35.790870 2018] [mpm_event:notice] [pid 83312:tid 34397577216] AH00489: Apache/2.4.33 (FreeBSD) OpenSSL/1.0.2k-freebsd configured -- resuming normal operations
[Wed Apr 26 14:27:35.790991 2018] [core:notice] [pid 83312:tid 34397577216] AH00094: Command line: '/usr/local/sbin/httpd -D NOHTTPACCEPT'



-------------------
What can I do?

 

[NasKar]

ran the script and I getting errors after running the Redis command.

System config value memcache.locking set to string \OC\Memcache\Redis

An unhandled exception has been thrown:
RedisException: Connection refused in /usr/local/www/apache24/data/nextcloud/lib/private/RedisFactory.php:84
Stack trace:
#0 /usr/local/www/apache24/data/nextcloud/lib/private/RedisFactory.php(84): Redis->connect('127.0.0.1', 6379, 0)
#1 /usr/local/www/apache24/data/nextcloud/lib/private/RedisFactory.php(100): OC\RedisFactory->create()
#2 /usr/local/www/apache24/data/nextcloud/lib/private/Memcache/Redis.php(42): OC\RedisFactory->getInstance()
#3 /usr/local/www/apache24/data/nextcloud/lib/private/Memcache/Factory.php(134): OC\Memcache\Redis->__construct('7034c4413b9c934...')
#4 /usr/local/www/apache24/data/nextcloud/lib/private/Server.php(854): OC\Memcache\Factory->createLocking('lock')
#5 /usr/local/www/apache24/data/nextcloud/3rdparty/pimple/pimple/src/Pimple/Container.php(113): OC\Server->OC\{closure}(Object(OC\Server))
#6 /usr/local/www/apache24/data/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php(116): Pimple\Container->offsetGet('OCP\\Lock\\ILocki...')
#7 /usr/local/www/apache24/data/nextcloud/lib/private/ServerContainer.php(132): OC\AppFramework\Utility\SimpleContainer->query('OCP\\Lock\\ILocki...')
#8 /usr/local/www/apache24/data/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php(164): OC\ServerContainer->query('OCP\\Lock\\ILocki...')
#9 /usr/local/www/apache24/data/nextcloud/3rdparty/pimple/pimple/src/Pimple/Container.php(109): OC\AppFramework\Utility\SimpleContainer->OC\AppFramework\Utility\{closure}(Object(OC\Server))
#10 /usr/local/www/apache24/data/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php(116): Pimple\Container->offsetGet('LockingProvider')
#11 /usr/local/www/apache24/data/nextcloud/lib/private/ServerContainer.php(132): OC\AppFramework\Utility\SimpleContainer->query('LockingProvider')
#12 /usr/local/www/apache24/data/nextcloud/lib/private/Server.php(1765): OC\ServerContainer->query('LockingProvider')
#13 /usr/local/www/apache24/data/nextcloud/lib/private/Files/View.php(114): OC\Server->getLockingProvider()
#14 /usr/local/www/apache24/data/nextcloud/lib/private/Server.php(193): OC\Files\View->__construct()
#15 /usr/local/www/apache24/data/nextcloud/3rdparty/pimple/pimple/src/Pimple/Container.php(113): OC\Server->OC\{closure}(Object(OC\Server))
#16 /usr/local/www/apache24/data/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php(116): Pimple\Container->offsetGet('EncryptionManag...')
#17 /usr/local/www/apache24/data/nextcloud/lib/private/ServerContainer.php(132): OC\AppFramework\Utility\SimpleContainer->query('EncryptionManag...')
#18 /usr/local/www/apache24/data/nextcloud/lib/private/Server.php(1229): OC\ServerContainer->query('EncryptionManag...')
#19 /usr/local/www/apache24/data/nextcloud/lib/base.php(866): OC\Server->getEncryptionManager()
#20 /usr/local/www/apache24/data/nextcloud/lib/base.php(738): OC::registerEncryptionWrapper()
#21 /usr/local/www/apache24/data/nextcloud/lib/base.php(1081): OC::init()
#22 /usr/local/www/apache24/data/nextcloud/console.php(46): require_once('/usr/local/www/...')
#23 /usr/local/www/apache24/data/nextcloud/occ(11): require_once('/usr/local/www/...')
#24 {main}True



Any idea on how to fix the errors with Redis?

 

[danb35]

#0 /usr/local/www/apache24/data/nextcloud/lib/private/RedisFactory.php(84): Redis->connect('127.0.0.1', 6379, 0)

This looks like it's trying to connect to the IP/port rather than to the socket file. The next two commands change the configuration so it wouldn't do that, but I haven't seen it error out like this before. Does the script continue after this, or does it die at this point?

 

[NasKar]

This looks like it's trying to connect to the IP/port rather than to the socket file. The next two commands change the configuration so it wouldn't do that, but I haven't seen it error out like this before. Does the script continue after this, or does it die at this point?

I get multiple errors of this nature from the #CLI installation and Configuration of Nextcloud section after the first redis command and just posted the first one. The script runs to the end.

 

[maartenweyns]

When connecting from outside of my network (from internet) to my FQDN (OR my wan IP) first I get warning the certificate is not walid (at creation time I selected the –test variant) and then I get an error

Internal Server Error

The server encountered an internal error and was unable to complete your request.
Please contact the server administrator if this error reappears multiple times, please include the technical details below in your report.
More details can be found in the server log.

I'm getting the same problem. Did you fix this?

Sent from my HUAWEI VNS-L31 using Tapatalk

 

[sdgenxr]

Ok, I'm a bit of a noob when it comes to issuing command line statements and could use a little clarification on the installation process.

1. When upgrading iocage, I get a response for the first two commands but not the last one.
   Code:

   cp -R iocage/iocage/lib/ /usr/local/lib/python3.6/site-packages/iocage/lib

2. With regard to the prerequisites, do the names for the two new datasets need to be exactly as defined in the readme.md. Or can they be changed during the installation, if so, what lines?
3. During the installation process, how do I DL the repository into a convenient directory? How do I create a new file for the config?

Sorry for the simple questions, but this is a bit new to me.
Thanks!

 

[sdgenxr]

I found a better step by step directions over here (https://forums.freenas.org/index.ph...stallation-of-nextcloud-13-in-iocage-jail.90/) and get the following error when running

Code:

./nextcloud-jail.sh

/root/freenas-iocage-nextcloud/nextcloud-config: http://php.net/manual/en/timezones.php: not found
Configuration error: Either STANDALONE_CERT or DNS_CERT
must be set to 1.

JAIL_IP="192.168.1.200"
DEFAULT_GW_IP="192.168.1.1"
INTERFACE="igb0"
POOL_PATH="/mnt/Vol_1/NCFiles"
JAIL_NAME="nextcloud"
TIME_ZONE="America/Los_Angeles" # See
http://php.net/manual/en/timezones.php
HOST_NAME="MY_FQDN"
STANDALONE_CERT=0
DNS_CERT=0
TEST_CERT="--test"

 

[NasKar]

Ok, I'm a bit of a noob when it comes to issuing command line statements and could use a little clarification on the installation process.

1. When upgrading iocage, I get a response for the first two commands but not the last one.
   Code:

   cp -R iocage/iocage/lib/ /usr/local/lib/python3.6/site-packages/iocage/lib

2. With regard to the prerequisites, do the names for the two new datasets need to be exactly as defined in the readme.md. Or can they be changed during the installation, if so, what lines?
3. During the installation process, how do I DL the repository into a convenient directory? How do I create a new file for the config?

Sorry for the simple questions, but this is a bit new to me.
Thanks!

2. Can be changed but then you have to change them in the script to match.
3. mkdir /git
cd /git
pkg install git
git clone https://github.com/danb35/freenas-iocage-nextcloud.git

I use nano a text editor to create the config

 

[danb35]

When upgrading iocage, I get a response for the first two commands but not the last one.

Normal.

With regard to the prerequisites, do the names for the two new datasets need to be exactly as defined in the readme.md. Or can they be changed during the installation, if so, what lines?

You can change them; if you do, you'll need to specify DB_PATH and FILES_PATH in your config file to point to the respective paths.

During the installation process, how do I DL the repository into a convenient directory?

Use the cd command to change to the desired directory. For example, if your pool is called tank, and you want to put the script right into the root of your pool, you'd do cd /mnt/tank followed by git clone https://github.com/danb35/freenas-iocage-nextcloud.

How do I create a new file for the config?

Use any text editor you like; I prefer nano. nano nextcloud-config.

 

[danb35]

/root/freenas-iocage-nextcloud/nextcloud-config: http://php.net/manual/en/timezones.php: not found

You have a line wrap in your config file, putting the URL to the PHP documentation on its own line. Delete that.

Configuration error: Either STANDALONE_CERT or DNS_CERT must be set to 1.

Exactly what it says--one or the other of those must be set to 1.

HOST_NAME="MY_FQDN"

I hope you're just putting in MY_FQDN for the sake of posting here on the forum--in actual use, you must use a fully-qualified domain name that you own (or at least control).

 

[danb35]

Also, you'll want to pull a fresh copy of the script (change into the directory where you downloaded it and run git pull). I made a change that should fix the Redis errors some folks are reporting.

 

[NasKar]

Also, you'll want to pull a fresh copy of the script (change into the directory where you downloaded it and run git pull). I made a change that should fix the Redis errors some folks are reporting.

Can you explain why set redis host --value="/tmp/redis.sock"' and set redis port --value=0 --type=integer' need to be before the
iocage exec ${JAIL_NAME} su -m www -c 'php /usr/local/www/apache24/data/nextcloud/occ config:system:set memcache.locking --value="\OC\Memcache\Redis"'

I stumbled on that fix by accident when I put it after the last su -m ww -c php ... commands in my fork of your script. That error made me crazy.

Why does the nextcloud site use commands like

Code:

sudo -u www-data php occ maintenance:mode --on

but in freenas we use su -m www -c php ....
Can't seem to find the answer.

 

[danb35]

Can you explain why set redis host --value="/tmp/redis.sock"' and set redis port --value=0 --type=integer' need to be before the
iocage exec ${JAIL_NAME} su -m www -c 'php /usr/local/www/apache24/data/nextcloud/occ config:system:set memcache.locking --value="\OC\Memcache\Redis"'

Apparently because when you set memcache.locking to Redis, it tries to make that connection immediately. If it doesn't know where to connect (because you haven't set it yet), it gives fatal errors. What I don't know is why it used to work, but now doesn't. Maybe it was a change with Nextcloud 13.0.2.

but in freenas we use su -m www -c php ....

The difference between www and www-data is a matter of the user that the Apache process is running as. The reason I don't use sudo in my script is because that would be just one more package I'd have to install in the jail.

 

[sdgenxr]

You can change them; if you do, you'll need to specify DB_PATH and FILES_PATH in your config file to point to the respective paths.

Thanks. With regard to the respective paths, would it be VOLUME/ZVOL/DATASET ? I.E. "Vol_1/Vol_1/NCFiles"

 

[danb35]

With regard to the respective paths, would it be VOLUME/ZVOL/DATASET ? I.E. "Vol_1/Vol_1/NCFiles"

There are no zvols involved. The paths will be the filesystem paths to wherever the respective things are. So, if your pool is Vol_1, and you have a dataset in Vol_1 called NCFiles, the path would be /mnt/Vol_1/NCFiles.

 

[sdgenxr]

For some reason, I keep running into problems on my installation with the following config:

Code:

JAIL_IP="192.168.1.200"
DEFAULT_GW_IP="192.168.1.1"
INTERFACE="igb0"
POOL_PATH="/mnt/Vol_1"
DB_PATH= "/mnt/Vol_1/NCdb"
FILES_PATH="/mnt/Vol_1/NCFiles"
JAIL_NAME="nextcloud"
TIME_ZONE="America/Los_Angeles"
# See http://php.net/manual/en/timezones.php
HOST_NAME="MY_FQDN"
STANDALONE_CERT=1
DNS_CERT=0
TEST_CERT="--test"

First error is:

Code:

/tmp/freenas-iocage-nextcloud/nextcloud-config: /mnt/Vol_1/NCdb: Permission denied
ls: /mnt/Vol_1/db: No such file or directory
jail 'nextcloud' not found!

Yet, when I check the permissions for NCdb, it belongs to root and wheel where root has write permission.

The script runs through and states that the installation is complete, yet I cannot access Nextcloud through my FQDN or 192.168.1.200. I've started over again, deleting the tmp dir, iocage dataset and now get this error:

Code:

/tmp/freenas-iocage-nextcloud/nextcloud-config: /mnt/Vol_1/NCdb: Permission denied
/mnt/Vol_1/db is not empty!
DB_PATH must be empty, otherwise this script will break your existing database.

Should I go in and manually remove the /mnt/Vol_1/db dir?

Any thoughts or guidance would be greatly appreciated!

 

[danb35]

DB_PATH= "/mnt/Vol_1/NCdb"

You have a space here that shouldn't be there.

The script runs through and states that the installation is complete,

Yeah, error-checking could still stand to be improved.

 

[sdgenxr]

Yeah, error-checking could still stand to be improved.

How can I help?

 

[Rickinfl]

WOW seems like a lot of work maybe I'm missing something. I created a VM, install Ubuntu, LAMP, then installed Nextcloud 13, Added Nic - VLAN105 (DMZ)...... then went to the beach got some sun and enjoyed life.