Aio borgbackup ends in '500 Internal Server error'

chris2420 · October 29, 2024, 10:27pm

Nextcloud version (eg, 29.0.5): Nextcloud AIO v9.7.0
Portainer installation, of your docker files. (Latest)

The issue I am facing:
Borgbackup tries to create a container and run the backup but fails with a “500 Internal Server Error.” The logs are empty. The first time I tried to set up Borgbackup, it failed, and the subdir “borg” was also not created.

I can replicate this behavior each time I try to initiate the backup.

I used to have a manual installation of Nextcloud but now switched to the docker image NC HUB9 AIO v9.7.0. I followed your installation documentation and successfully installed the NC HUB version 9.

My setup is Proxmox → Debian 12.7 (LXC) → Docker(latest) → Portainer+Agent (V2.21.3), system drive 32 GB, 8 GB RAM, 256 MB Swap, 4 cores. All containers from AIO are the latest ones.

The environment for the host of the docker images:

mounted data drive (512 GB):
/data/nc_datadrive(mountpoint)/nextcloud(chmod 750, chown 33:0)/data

The stack config file has the following entries
NEXTCLOUD_DATADIR: /data/nc_datadrive/nextcloud/data
NEXTCLOUD_MOUNT: /data/nc_datadrive/nextcloud/

The NC instance comes up as expected and looks perfectly fine. The finalization of phone-region + mime fix (OCC cmd) took place succesfully.

I consider the whole setup currently a test environment. Migration from the old Nextcloud instance will follow as soon as I consider the setup complete and stable. Some demo users and admin are configured. Drives are empty, besides the demo pictures and demo docs from NC.

To finally add the Borg-Backup I have mounted an additional drive for backup.

Mounted backup drive (1TB):
/mnt/usb_backup(mountpoint)/nc_data_bak(chmod 750, chown 33:0)

After everything looked ok to me, I planned to configure the BorgBackup.
Pressed the button “Reset Backup Location”, entered “/mnt/usb_backup/nc_data_bak” (no / at the end), and pressed the button “Setup backup location again”, followed by “Create backup”. All containers get stopped. And the backup directly fails.

I see in Portainer a newly created container, “nextcloud-aio-borgbackup,” in the status created. The logs of it show nothing.

On the AIO config page, I see the note “Last backup failed! (Logs)”. I follow the link logs to “https://:8080/api/docker/logs?id=nextcloud-aio-borgbackup” but found an empty page.

In the logs of the “nextcloud-aio-mastercontainer” I find the following lines:

NOTICE: PHP message: Slim Application Error
Type: Exception
Code: 0
Message: Could not start container nextcloud-aio-borgbackup: Server error: `POST http://127.0.0.1/v1.41/containers/nextcloud-aio-borgbackup/start` resulted in a `500 Internal Server Error` response:
error gathering device information while adding custom device "/dev/fuse": no such file or directory 
File: /var/www/docker-aio/php/src/Docker/DockerActionManager.php

In the backup path, I should find a “borg” directory nested in my “nc_data_bak,” but there is none.

Looks like I missed something, but need your advice to fix it.
I have now done the entire setup several times (with and without setting the owner “www-data” at the “nc_data_bak”), always ending up with the same problem.

Any idea is welcome.

BR
Chris

szaimen · October 29, 2024, 10:34pm

Hi, see GitHub - nextcloud/all-in-one: 📦 The official Nextcloud installation method. Provides easy deployment and maintenance with most features included in this one Nextcloud instance.

chris2420 · October 29, 2024, 11:27pm

wow, thanks for the quick reply. I applied all necessary changes to setup FUSE in the LXC and restarted.

Since that the “nextcloud-aio-nextcloud” comes up “unhealthy”.

I’ve added on proxmox server level in the lxc.conf:

lxc.cgroup2.devices.allow: c 10:229 rwm
lxc.mount.entry: /dev/fuse dev/fuse none bind,create=file

changed the existing parameter from unprivileged to privileged

unprivileged=0

restarted lxc, all and everything. The containers start, but the “nextcloud-aio-nextcloud”

the log reads

sudo: /etc/sudo.conf is owned by uid 100000, should be 0
sudo: /usr/bin/sudo must be owned by uid 0 and have the setuid bit set
Waiting for database to start...
sudo: /etc/sudo.conf is owned by uid 100000, should be 0
sudo: /usr/bin/sudo must be owned by uid 0 and have the setuid bit set
Waiting for database to start...

Do I need to reinstall ?

BR
Chris

szaimen · October 30, 2024, 11:59am

You can try to stop and start the containers via the aio interface and check if that fixes things

chris2420 · October 30, 2024, 1:02pm

That is another issue: the AIO interface is not available. I guess it depends on the other container. The AIO master container is up and running. Sure I cannot access AIO interface via NC because NC is not up, but I tried the :8080 directly - unavailable. To my understanding that AIO mastercontainer holds the AIO interface… blue sky, no clouds.

szaimen · October 30, 2024, 1:18pm

You can inspect the mastercontainer via sudo docker logs nextcloud-aio-mastercontainer; sudo docker inspect nextcloud-aio-mastercontainer

chris2420 · October 30, 2024, 3:22pm

Ok, I have done that in the master container LXC, but it shows the same error msg as before

sudo: /etc/sudo.conf is owned by uid 100000, should be 0
sudo: /usr/bin/sudo must be owned by uid 0 and have the setuid bit set

I decided to delete all containers and completely let them build from scratch. The master container cannot continue and is throwing a similar exception:

2024-10-30T14:52:14.472313006Z Docker socket is not readable by the www-data user. Cannot continue.
2024-10-30T14:53:14.738548057Z sudo: /etc/sudo.conf is owned by uid 100000, should be 0
2024-10-30T14:53:14.738577313Z sudo: /usr/bin/sudo must be owned by uid 0 and have the setuid bit set

2024-10-30T14:53:14.738681510Z Trying to fix docker.sock permissions internally...
2024-10-30T14:53:14.741470139Z Adding internal www-data to group docker
2024-10-30T14:53:14.762299643Z sudo: /etc/sudo.conf is owned by uid 100000, should be 0
2024-10-30T14:53:14.762325981Z sudo: /usr/bin/sudo must be owned by uid 0 and have the setuid bit set
2024-10-30T14:53:14.762601447Z Docker socket is not readable by the www-data user. Cannot continue.

I guess my whole mess goes back to the change to the LXC when I assigned the “privileged” attribute. Suddenly, “Docker socket” is not readable by www-data.

OK, I’m checking the file system of my LXC.

Strange, suddenly all the files are owned by the special Proxmox root 100.000… Can I influence that? Does it come from the change of an unprivileged to a privileged one?

How do I fix this, can I fix this ?

BR
Chris

szaimen · October 30, 2024, 4:29pm

Sorry, I fear I have no knowledge about LXC containers

Crafty_Penguin_Chris · November 10, 2024, 5:24pm

Making the container privileged isn’t the correct path.

For Proxmox, you would enable fuse either in the web control panel or command line. It’s in Options → Features (double click)

Keep in mind that Fuse mounts in LXC does have some know issues, usually around snapshot backups at the hypervisor layer.

Once enabled, you will need to reboot the container and recreate the borgbackup docker container by clicking the recreate backup folder in the AIO dashboard.