Scripted installation of Nextcloud 28 in iocage jail 2018-03-23

[airflow]

What version of MariaDB are you using?

10.4.14

 

[Basil Hendroff]

@airflow Thanks for doing the hard yards on this. I wasn't able to get 10.4 working so stayed on 10.3

 

[airflow]

@airflow Thanks for doing the hard yards on this. I wasn't able to get 10.4 working so stayed on 10.3

JFYI, I have used 10.4 succesfully before. The problem started occuring at the version-upgrade from 10.4.12 to 10.4.14.

 

[beltet]

Hi!
After moving most of my server instances from my FreeNAS box to a dedicated VM machine I have now a reverse proxy running on the VM machine that handles my TLS certificates.

So my question is, will I get some troubles when I point a subdomain to the nextcloud jail? As the jail uses caddy for getting the certificates?
And how shall I do to disable Caddy? Or uninstall it?
I haven't dared to start the jail if it breaks something.
I think I would be able to find out myself, but wants some tips before I start.
Btw, I don't have any essential files on the nextcloud instance.

 

[beltet]

Ok, so I now have removed my old jail with nextcloud, and trying to get run the script again to make a new jail that I can run with my reverse proxy. But I must do something wrong, as I cannot connect to nextcloud after I ran the script. Not by https to the hostname or IP directly. So my questions are:

What cert option shall I use in the config file?
I have a certificate from letsencrypt that's is pulled regularly in a docker container also residing the reverse proxy.

What hostname shall i use? As that seems important, because last time I set it up I needed to connect through the hostname and not ip.
Why can't I use the ip?
I will reverse proxy the nextcloud.my-domain.se to the jail, so I think it should be that in hostname right?

Anyway, I'm a little bit confused about the hostname and security on nextcloud. Seems like I'm hitting the wall all the time. Because of the initial security on nextcloud.

 

[Basil Hendroff]

Ok, so I now have removed my old jail with nextcloud, and trying to get run the script again to make a new jail that I can run with my reverse proxy. But I must do something wrong, as I cannot connect to nextcloud after I ran the script. Not by https to the hostname or IP directly. So my questions are:

What cert option shall I use in the config file?
I have a certificate from letsencrypt that's is pulled regularly in a docker container also residing the reverse proxy.

What hostname shall i use? As that seems important, because last time I set it up I needed to connect through the hostname and not ip.
Why can't I use the ip?
I will reverse proxy the nextcloud.my-domain.se to the jail, so I think it should be that in hostname right?

Anyway, I'm a little bit confused about the hostname and security on nextcloud. Seems like I'm hitting the wall all the time. Because of the initial security on nextcloud.

You may find steps 1 and 2 of the resource Nextcloud and OnlyOffice Integration useful.

 

[beltet]

You may find steps 1 and 2 of the resource Nextcloud and OnlyOffice Integration useful.

Wow! Thanks!
The "For Nextcloud to operate correctly behind a reverse proxy, overwrite parameters will need to be modified." line was really what I was looking for.
Now I have a working nextcloud jail again. Awesome!
Next up is to intigrate a Onlyoffice instance aswell!

Thanks again for the pointer!

 

[Dellyjoe]

Hello everyone,

Has anyone been able to update this jail to 12.1, I went from 11.3-p12 and tried to move to 12.1-p10 and it seems to have created an error,


Internal Server Error

The server encountered an internal error and was unable to complete your request.
Please contact the server administrator if this error reappears multiple times, please include the technical details below in your report.
More details can be found in the server log.


Did I break my nextcloud sever?

Any advice would be great

If this is the wrong thread plz let me know.

Thank you,
Joe

 

[beltet]

Hello everyone,

Has anyone been able to update this jail to 12.1, I went from 11.3-p12 and tried to move to 12.1-p10 and it seems to have created an error,


Internal Server Error

The server encountered an internal error and was unable to complete your request.
Please contact the server administrator if this error reappears multiple times, please include the technical details below in your report.
More details can be found in the server log.


Did I break my nextcloud sever?

Any advice would be great

If this is the wrong thread plz let me know.

Thank you,
Joe

I got a Internal server error when I updated from Nextcloud 19 to 20. I restarted the jail and have not got it again. But that may not apply to your problem.

 

[Dellyjoe]

I got a Internal server error when I updated from Nextcloud 19 to 20. I restarted the jail and have not got it again. But that may not apply to your problem.

ya that didn't seem to work,

I have a bigger issue, after the issue happened I decided to import a snapshot of a jail from one month ago, that came with a filed to read from stream error. So then I deleted the jail, but a bug happened and it deleted both my jails, and they were named nextcloud and nextcloud_backup.


So now I'm really sad b/c I just lost my jail.

Happy I still have my data, but no nextcloud jail. What is the next steps?

 

[danb35]

but a bug happened and it deleted both my jails

That seems to be a really big bug (that should have been a showstopper) in 12.0.

What is the next steps?

If you have all the data directories still, try a reinstall using the script.

 

[Dellyjoe]

That seems to be a really big bug (that should have been a showstopper) in 12.0.

If you have all the data directories still, try a reinstall using the script.

Thank you for the replay @danb35 You are a god in my book so I will try and response to you the best I know.

the files are still there as you said.

here is the old config

JAIL_IP="10.0.0.39"
DEFAULT_GW_IP="10.0.0.1"
POOL_PATH="/mnt/Tank1"
TIME_ZONE="America/New_York"
HOST_NAME="vitXXXXX.com"
STANDALONE_CERT=1
CERT_EMAIL=joseph.XXXX@outlXXX.com
DNS_PLUGIN="cloudflare"
DNS_ENV="joseph.XXXX@outlXXX.com=foo@bar.baz CLOUDFLARE_API_KEY=blah"

Do I have to change anything here? do we go through the same process with the SSL certs? I'm thinking we keep them given we still want it to auto update

Also your scripts seems to install NC.19 will this be an issue I was at nc.20.4

I also had other configs within nextcloud I guess I can't get them back given the jail is gone? I do have an old snapshot can I extract that and see If I can find them?


I will wait for your replay.

Thank you,
Joe

 

[danb35]

Do I have to change anything here?

Yes, you'll need to get an API Token from Cloudflare. The README describes the process.
No, actually you won't, because you're getting a standalone cert. You can safely delete the DNS_PLUGIN and DNS_ENV lines.

Also your scripts seems to install NC.19

True, I haven't updated to 20 yet. You should be able to install 20 by editing line 298 of the script to read:

Code:

FILE="latest-20.tar.bz2"

I'll caution, though, that as yet I haven't had time to mess with NC 20.

 

[Dellyjoe]

Yes, you'll need to get an API Token from Cloudflare. The README describes the process.
No, actually you won't, because you're getting a standalone cert. You can safely delete the DNS_PLUGIN and DNS_ENV lines.

True, I haven't updated to 20 yet. You should be able to install 20 by editing line 298 of the script to read:

Code:

FILE="latest-20.tar.bz2"

I'll caution, though, that as yet I haven't had time to mess with NC 20.

Will it renew automaticity even if I don't include the two lines below? also should I re download the script given we are in Truecore ? and not freenas?
DNS_PLUGIN="cloudflare"
DNS_ENV="joseph.XXXX@outlXXX.com=foo@bar.baz CLOUDFLARE_API_KEY=blah"

And I will just leave it with nc. 19 given I can just update it when I have it up and running.

Just want to be sure, given I don't want to mess anything up again.

Joe

 

[danb35]

Will it renew automaticity even if I don't include the two lines below?

Yes--again, you're telling it to get the standalone cert (i.e., to use HTTP validation), so the DNS parameters are irrelevant.

also should I re download the script given we are in Truecore ?

TrueNAS vs. FreeNAS shouldn't make a difference, but I'd recommend updating the script. git pull.

 

[Dellyjoe]

Yes--again, you're telling it to get the standalone cert (i.e., to use HTTP validation), so the DNS parameters are irrelevant.

TrueNAS vs. FreeNAS shouldn't make a difference, but I'd recommend updating the script. git pull.

ok, thank you danb35 I will let you know how it goes !

Joe

 

[danb35]

I will let you know how it goes !

To be on the safe side, take a recursive snapshot of the nextcloud dataset first. That way, if it borks your data, you can roll back.

 

[Dellyjoe]

Not a good day for me, can't get the script to work

script nextcloud.log ./nextcloud-jail.sh
script: ./nextcloud-jail.sh: No such file or directory

Script done, output file is nextcloud.log


-------------------------------------------------------------------
root@freenas[~]# vi nextcloud.log
Script started on Sun Oct 25 18:06:11 2020
Command: ./nextcloud-jail.sh
script: ./nextcloud-jail.sh: No such file or directory^M

Command exit status: 1
Script done on Sun Oct 25 18:06:11 2020



root@freenas[/mnt/Tank1/freenas-iocage-nextcloud]# ls
.git includes nextcloud-config README.md
.gitignore LICENSE nextcloud-jail.sh


seems to me that there is a file with that name

Joe

 

[danb35]

script: ./nextcloud-jail.sh: No such file or directory

That means you aren't in the directory where the script is.

 

[Dellyjoe]

That means you aren't in the directory where the script is.

ya sorry danb35, it is installing now, just having a bad day is all.

Thanks for sticking with me, I will let you know how it goes.
Joe