Nginx-reverseproxy and nextcloud issue

Hm who owns the other files? Run ls -a in there.

I even went in, deleted the file and created one with touch. Restarted nextcloud. still nothing.

image1669×76 20.5 KB

ls -la wrong one

I was wondering, why -a (means all right?)

So uhh… htttp://nextcoud isn’t going to work because nothing is pointing to it.

In my nginx config, you declared “nextcloud” in the upstream block which creates the “http://nextcloud” for nginx to use internally. It was never going to work by you trying to hit it from a web browser.

When I asked if nextcloud was reachable, I was asking if you can hit it by using your internal IPs. We need to establish that nextcloud even works first before we configure the proxy, otherwise we’re wasting time. Once the nextcloud is confirmed working, we then configure the proxy, then we make the network start pointing.

I wasn’t able to retrieve that IP.

But we are past that point. Nextcloud is asking for the CAN_INSTALL file which is there. But it doesn’t want to continue with the reinstallment.

image1209×386 111 KB

Wait, is it suppose to be owned by root?

Is the servicing running as root or as nginx/www-data?

Run ls -al in var/www/html

Actually, I just noticed that Nextcloud is just replacing the main page. ffs touches forehead

The nextcloud container seems to use the new --user flag to define what user it runs as. I think you can just add user: 1000 as an option to the nextcloud service in your compose file.

Though it won´t change old files so you need to chown all the files that are owned by root and should be by 1000 (that are saved on the host) or delete all of them if you don´t need them and have the container recreate them.

The nginx-swag container should be running as user 1000, so it won´t have access to them. Kind of surprised though it then displays a page at all.

The Compose file ‘.\docker-compose.yml’ is invalid because: services.nextcloud.user contains an invalid type, it should be a string

I got that error when saving before removing the container

Yes, ofc. But you can remap that later anyways.

root /config/www/nextcloud; and root /config/www/website in your nginx config(s) for the two sites then change your mounts to mount to website and nextcloud folder instead of /config/www.

Add quotes to the 1000. “1000”

Recomposed the container. The page is still there…

Error

It looks like you are trying to reinstall your Nextcloud. However the file CAN_INSTALL is missing from your config directory. Please create the file CAN_INSTALL in your config folder to continue.

Yeah, we basically just established there is no proxy. nextcloud:fpm does not provide a web server. You provide it. So what was supposed to be the proxy (I thought so too) is doing the entier hosting of the nextcloud site the nextcloud container spits out. It seems a bit silly but what can you do.

I didn’t bother to read all the docker-compose stuff, or even all the thread. However, I can say a few things from what I have glimpsed:

• You need to map port 80 and 443 to 80 and 443 respectively only from the reverse proxy (nginx or apache or whatever you are using) to your host. You don’t need to map nextcloud or anything else to any local port, as they will (and should only) be accessible by and through your reverse proxy. Just remember the local ports that these services run on in their container if they don’t use the default port 80.
• In your reverse proxy, redirect all traffic coming on port 80 to 443. If you have multiple vhosts, do that for each of them.
• Also in your reverse proxy configuration, you have 2 options for vhosts:
  1. Create a vhost with a specific subdomain name for each service, like nextcloud.cc.abyss.fi and just redirect http(s) root path (i.e. / ) to your other container’s root path (still /), which would look something like:
  • for vhost nexcloud.cc.abyss.fi proxy_pass / to http://local-container-name
    If it has a custom port, it would look like:
  • for vhost nextcloud.cc.abyss.fi proxy_pass / to http://local-container-name:8080
    Again, local containers are not accessible from your host, only from within the docker network and you don’t need to map them to a local host port.
    Or alternatively
  2. Create a single vhost for the domain, which in your case is just cc.abyss.fi and instead of redirecting the root path, you redirect custom paths to the root path of your container, so it would look something like:
  • for vhost cc.abyss.fi proxy_pass /nextcloud to http://local-container-name
  • for the same vhost (i.e. inside the same config brackets) proxy_pass / to http://a-custom-web-page-or-another-container-or-something
  • for the same vhost proxy_pass /grafana to http://grafana:3000
    So, to access nextcloud, all you’d have to do is go to https://cc.abyss.fi/nextcloud. If you’d have grafana, youd just access /grafana. This way, you don’t have to mess with DNS, only with the reverse proxy configurations. If you use the first option (the subdomain vhosts) you have to mess with both and create entries in your DNS server for each service. I recommend you use the second option.

Obviously, the syntax I wrote for proxy_pass is wrong in any reverse proxy, I just tried to make it into 1 line, so it’s easier to read. Use the syntax for your specific reverse proxy (apache, nginx, haproxy etc.).

Also, I strongly suggest that you add a reverse proxy deny rule to anything /admin (or for custom path, /nextcloud/admin or similar) and only allow access from known IP addresses, like your local host’s network.

At this point, I’d just recreate the containers from scratch.

Can you go to /var/www/html/data and see if there are any log files (I think should be in that folder). And if so what’s in them.

nextcloud.log

{"reqId":"qVaGuicKrW136DDtQXH6","level":3,"time":"2021-09-29T14:00:00+00:00","remoteAddr":"","user":"--","app":"cron","method":"","url":"--","message":"Not installed","userAgent":"--","version":"","exception":{"Exception":"Exception","Message":"Not installed","Code":0,"Trace":[{"file":"/var/www/html/lib/base.php","line":649,"function":"checkInstalled","class":"OC","type":"::","args":[{"__class__":"OC\\SystemConfig"}]},{"file":"/var/www/html/lib/base.php","line":1083,"function":"init","class":"OC","type":"::","args":[]},{"file":"/var/www/html/cron.php","line":42,"args":["/var/www/html/lib/base.php"],"function":"require_once"}],"File":"/var/www/html/lib/base.php","Line":277,"CustomMessage":"--"}}
{"reqId":"LZnVHDbdXD0JHivpE7AM","level":3,"time":"2021-09-29T14:15:02+00:00","remoteAddr":"","user":"--","app":"cron","method":"","url":"--","message":"Not installed","userAgent":"--","version":"","exception":{"Exception":"Exception","Message":"Not installed","Code":0,"Trace":[{"file":"/var/www/html/lib/base.php","line":649,"function":"checkInstalled","class":"OC","type":"::","args":[{"__class__":"OC\\SystemConfig"}]},{"file":"/var/www/html/lib/base.php","line":1083,"function":"init","class":"OC","type":"::","args":[]},{"file":"/var/www/html/cron.php","line":42,"args":["/var/www/html/lib/base.php"],"function":"require_once"}],"File":"/var/www/html/lib/base.php","Line":277,"CustomMessage":"--"}}
{"reqId":"stJsCzeYWKXbMSBN1KcU","level":3,"time":"2021-09-29T14:30:01+00:00","remoteAddr":"","user":"--","app":"cron","method":"","url":"--","message":"Not installed","userAgent":"--","version":"","exception":{"Exception":"Exception","Message":"Not installed","Code":0,"Trace":[{"file":"/var/www/html/lib/base.php","line":649,"function":"checkInstalled","class":"OC","type":"::","args":[{"__class__":"OC\\SystemConfig"}]},{"file":"/var/www/html/lib/base.php","line":1083,"function":"init","class":"OC","type":"::","args":[]},{"file":"/var/www/html/cron.php","line":42,"args":["/var/www/html/lib/base.php"],"function":"require_once"}],"File":"/var/www/html/lib/base.php","Line":277,"CustomMessage":"--"}}
{"reqId":"883kYyaWcZaDlEPY6Avy","level":3,"time":"2021-09-29T14:45:00+00:00","remoteAddr":"","user":"--","app":"cron","method":"","url":"--","message":"Not installed","userAgent":"--","version":"","exception":{"Exception":"Exception","Message":"Not installed","Code":0,"Trace":[{"file":"/var/www/html/lib/base.php","line":649,"function":"checkInstalled","class":"OC","type":"::","args":[{"__class__":"OC\\SystemConfig"}]},{"file":"/var/www/html/lib/base.php","line":1083,"function":"init","class":"OC","type":"::","args":[]},{"file":"/var/www/html/cron.php","line":42,"args":["/var/www/html/lib/base.php"],"function":"require_once"}],"File":"/var/www/html/lib/base.php","Line":277,"CustomMessage":"--"}}
{"reqId":"Uvdk2W1HLGxeFIpzuAQj","level":3,"time":"2021-09-29T15:15:01+00:00","remoteAddr":"","user":"--","app":"cron","method":"","url":"--","message":"Not installed","userAgent":"--","version":"","exception":{"Exception":"Exception","Message":"Not installed","Code":0,"Trace":[{"file":"/var/www/html/lib/base.php","line":649,"function":"checkInstalled","class":"OC","type":"::","args":[{"__class__":"OC\\SystemConfig"}]},{"file":"/var/www/html/lib/base.php","line":1083,"function":"init","class":"OC","type":"::","args":[]},{"file":"/var/www/html/cron.php","line":42,"args":["/var/www/html/lib/base.php"],"function":"require_once"}],"File":"/var/www/html/lib/base.php","Line":277,"CustomMessage":"--"}}
{"reqId":"5ccvpxGXgtsMsQQwxtU0","level":3,"time":"2021-09-29T15:30:01+00:00","remoteAddr":"","user":"--","app":"cron","method":"","url":"--","message":"Not installed","userAgent":"--","version":"","exception":{"Exception":"Exception","Message":"Not installed","Code":0,"Trace":[{"file":"/var/www/html/lib/base.php","line":649,"function":"checkInstalled","class":"OC","type":"::","args":[{"__class__":"OC\\SystemConfig"}]},{"file":"/var/www/html/lib/base.php","line":1083,"function":"init","class":"OC","type":"::","args":[]},{"file":"/var/www/html/cron.php","line":42,"args":["/var/www/html/lib/base.php"],"function":"require_once"}],"File":"/var/www/html/lib/base.php","Line":277,"CustomMessage":"--"}}
{"reqId":"6f5iNsPb4f6HiJVcNQ8c","level":3,"time":"2021-09-29T15:45:00+00:00","remoteAddr":"","user":"--","app":"cron","method":"","url":"--","message":"Not installed","userAgent":"--","version":"","exception":{"Exception":"Exception","Message":"Not installed","Code":0,"Trace":[{"file":"/var/www/html/lib/base.php","line":649,"function":"checkInstalled","class":"OC","type":"::","args":[{"__class__":"OC\\SystemConfig"}]},{"file":"/var/www/html/lib/base.php","line":1083,"function":"init","class":"OC","type":"::","args":[]},{"file":"/var/www/html/cron.php","line":42,"args":["/var/www/html/lib/base.php"],"function":"require_once"}],"File":"/var/www/html/lib/base.php","Line":277,"CustomMessage":"--"}}
{"reqId":"K7oNOYP1knonVkYlAuOS","level":3,"time":"2021-09-29T16:00:01+00:00","remoteAddr":"","user":"--","app":"cron","method":"","url":"--","message":"Not installed","userAgent":"--","version":"","exception":{"Exception":"Exception","Message":"Not installed","Code":0,"Trace":[{"file":"/var/www/html/lib/base.php","line":649,"function":"checkInstalled","class":"OC","type":"::","args":[{"__class__":"OC\\SystemConfig"}]},{"file":"/var/www/html/lib/base.php","line":1083,"function":"init","class":"OC","type":"::","args":[]},{"file":"/var/www/html/cron.php","line":42,"args":["/var/www/html/lib/base.php"],"function":"require_once"}],"File":"/var/www/html/lib/base.php","Line":277,"CustomMessage":"--"}}

Not use docker and just host it standalone.

OK, radical suggestion: nuke all containers you have and start afresh. One by one, “don’t run until you can walk” kinda-thing.

And please, PLEASE DUMP WIN-OS as host!! Install Nextcloud on the bare-metal hardware. Then play with containers/docker/whatever.