Collabora and documentserver_community => resulted in a `403 Forbidden`

  • Local server, Ubuntu 20.04.1, X86
  • Nextcloud Version: 27.1.4
  • PHP Version: FPM, 8.2.13
  • MariaDB
  • Apache 2.4.41.
  • All files in var/www/…/nextcloud are owned by www-data:www-data

Dear community,
I cannot get either Onlyoffice or Nextcloud Office to work. However, the problem seems to be the associated document servers.

When I start NCO and Collabora, the log is flooded with 3 error messages per second (see below).
When I enable Onlyoffice and documentserver_community, I cannot save the settings, then get a 403 Forbidden and an error message (see below).

I suspect the error is in my .htaccess; can you spot anything there that leads to the 403?

My .htaccess:

<IfModule mod_headers.c>
  <IfModule mod_setenvif.c>
    <IfModule mod_fcgid.c>
       SetEnvIfNoCase ^Authorization$ "(.+)" XAUTHORIZATION=$1
       RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION
    </IfModule>
    <IfModule mod_proxy_fcgi.c>
       SetEnvIfNoCase Authorization "(.+)" HTTP_AUTHORIZATION=$1
    </IfModule>
    <IfModule mod_lsapi.c>
      SetEnvIfNoCase ^Authorization$ "(.+)" XAUTHORIZATION=$1
      RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION
    </IfModule>
  </IfModule>

  <IfModule mod_env.c>
    # Add security and privacy related headers

    # Avoid doubled headers by unsetting headers in "onsuccess" table,
    # then add headers to "always" table: https://github.com/nextcloud/server/pull/19002
    Header onsuccess unset Referrer-Policy
    Header always set Referrer-Policy "no-referrer"

    Header onsuccess unset X-Content-Type-Options
    Header always set X-Content-Type-Options "nosniff"

    Header onsuccess unset X-Frame-Options
    Header always set X-Frame-Options "SAMEORIGIN"

    Header onsuccess unset X-Permitted-Cross-Domain-Policies
    Header always set X-Permitted-Cross-Domain-Policies "none"

    Header onsuccess unset X-Robots-Tag
    Header always set X-Robots-Tag "noindex, nofollow"

    Header onsuccess unset X-XSS-Protection
    Header always set X-XSS-Protection "1; mode=block"

    SetEnv modHeadersAvailable true
  </IfModule>

  # Add cache control for static resources
  <FilesMatch "\.(css|js|mjs|svg|gif|png|jpg|ico|wasm|tflite)$">
    <If "%{QUERY_STRING} =~ /(^|&)v=/">
      Header set Cache-Control "max-age=15778463, immutable"
    </If>
    <Else>
      Header set Cache-Control "max-age=15778463"
    </Else>
  </FilesMatch>

  # Let browsers cache WOFF files for a week
  <FilesMatch "\.woff2?$">
    Header set Cache-Control "max-age=604800"
  </FilesMatch>
</IfModule>

<IfModule mod_php.c>
  php_value mbstring.func_overload 0
  php_value default_charset 'UTF-8'
  php_value output_buffering 0
  <IfModule mod_env.c>
    SetEnv htaccessWorking true
  </IfModule>
</IfModule>

<IfModule mod_mime.c>
  AddType image/svg+xml svg svgz
  AddType application/wasm wasm
  AddEncoding gzip svgz
  # Serve ESM javascript files (.mjs) with correct mime type
  AddType text/javascript js mjs
</IfModule>

<IfModule mod_dir.c>
  DirectoryIndex index.php index.html
</IfModule>

<IfModule pagespeed_module>
  ModPagespeed Off
</IfModule>

<IfModule mod_rewrite.c>
  RewriteEngine on
  RewriteCond %{HTTP_USER_AGENT} DavClnt
  RewriteRule ^$ /remote.php/webdav/ [L,R=302]
  RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
  RewriteRule ^\.well-known/carddav /remote.php/dav/ [R=301,L]
  RewriteRule ^\.well-known/caldav /remote.php/dav/ [R=301,L]
  RewriteRule ^remote/(.*) remote.php [QSA,L]
  RewriteRule ^(?:build|tests|config|lib|3rdparty|templates)/.* - [R=404,L]
  RewriteRule ^\.well-known/(?!acme-challenge|pki-validation) /index.php [QSA,L]
  RewriteRule ^ocm-provider/?$ index.php [QSA,L]
  RewriteRule ^(?:\.(?!well-known)|autotest|occ|issue|indie|db_|console).* - [R=404,L]
</IfModule>

AddDefaultCharset utf-8
Options -Indexes
#### DO NOT CHANGE ANYTHING ABOVE THIS LINE ####

ErrorDocument 403 /nextcloud/index.php/error/403
ErrorDocument 404 /nextcloud/index.php/error/404
<IfModule mod_rewrite.c>
  Options -MultiViews
  RewriteRule ^core/js/oc.js$ index.php [PT,E=PATH_INFO:$1]
  RewriteRule ^core/preview.png$ index.php [PT,E=PATH_INFO:$1]
  RewriteCond %{REQUEST_FILENAME} !\.(css|js|mjs|svg|gif|png|html|ttf|woff2?|ico|jpg|jpeg|map|webm|mp4|mp3|ogg|wav|wasm|
  RewriteCond %{REQUEST_FILENAME} !/core/ajax/update\.php
  RewriteCond %{REQUEST_FILENAME} !/core/img/(favicon\.ico|manifest\.json)$
  RewriteCond %{REQUEST_FILENAME} !/(cron|public|remote|status)\.php
  RewriteCond %{REQUEST_FILENAME} !/ocs/v(1|2)\.php
  RewriteCond %{REQUEST_FILENAME} !/robots\.txt
  RewriteCond %{REQUEST_FILENAME} !/(ocs-provider|updater)/
  RewriteCond %{REQUEST_URI} !^/\.well-known/(acme-challenge|pki-validation)/.*
  RewriteCond %{REQUEST_FILENAME} !/richdocumentscode(_arm64)?/proxy.php$
  RewriteRule . index.php [PT,E=PATH_INFO:$1]
  RewriteBase /nextcloud
  <IfModule mod_env.c>
    SetEnv front_controller_active true
    <IfModule mod_dir.c>
      DirectorySlash off
    </IfModule>
  </IfModule>
</IfModule>

The error message (3x per second) when I enable Collabora and Nextcloud Office:

[richdocuments] Fehler: GuzzleHttp\Exception\ClientException: Client error: `GET https://xxxxxxxx.spdns.de/nextcloud/apps/richdocumentscode/proxy.php?req=/hosting/capabilities` resulted in a `403 Forbidden` response:
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden (truncated...)
 at <<closure>>

 0. /var/www/html/nextcloud/3rdparty/guzzlehttp/guzzle/src/Middleware.php line 69
    GuzzleHttp\Exception\RequestException::create("*** sensitive parameters replaced ***")
 1. /var/www/html/nextcloud/3rdparty/guzzlehttp/promises/src/Promise.php line 204
    GuzzleHttp\Middleware::GuzzleHttp\{closure}("*** sensitive parameters replaced ***")
 2. /var/www/html/nextcloud/3rdparty/guzzlehttp/promises/src/Promise.php line 153
    GuzzleHttp\Promise\Promise::callHandler()
 3. /var/www/html/nextcloud/3rdparty/guzzlehttp/promises/src/TaskQueue.php line 48
    GuzzleHttp\Promise\Promise::GuzzleHttp\Promise\{closure}("*** sensitive parameters replaced ***")
 4. /var/www/html/nextcloud/3rdparty/guzzlehttp/promises/src/Promise.php line 248
    GuzzleHttp\Promise\TaskQueue->run()
 5. /var/www/html/nextcloud/3rdparty/guzzlehttp/promises/src/Promise.php line 224
    GuzzleHttp\Promise\Promise->invokeWaitFn()
 6. /var/www/html/nextcloud/3rdparty/guzzlehttp/promises/src/Promise.php line 269
    GuzzleHttp\Promise\Promise->waitIfPending()
 7. /var/www/html/nextcloud/3rdparty/guzzlehttp/promises/src/Promise.php line 226
    GuzzleHttp\Promise\Promise->invokeWaitList()
 8. /var/www/html/nextcloud/3rdparty/guzzlehttp/promises/src/Promise.php line 62
    GuzzleHttp\Promise\Promise->waitIfPending()
 9. /var/www/html/nextcloud/3rdparty/guzzlehttp/guzzle/src/Client.php line 187
    GuzzleHttp\Promise\Promise->wait()
10. /var/www/html/nextcloud/lib/private/Http/Client/Client.php line 230
    GuzzleHttp\Client->request()
11. /var/www/html/nextcloud/apps/richdocuments/lib/Service/CapabilitiesService.php line 135
    OC\Http\Client\Client->get()
12. /var/www/html/nextcloud/apps/richdocuments/lib/Service/CapabilitiesService.php line 73
    OCA\Richdocuments\Service\CapabilitiesService->refetch()
13. /var/www/html/nextcloud/apps/richdocuments/lib/AppInfo/Application.php line 93
    OCA\Richdocuments\Service\CapabilitiesService->getCapabilities()
14. /var/www/html/nextcloud/lib/private/AppFramework/Bootstrap/FunctionInjector.php line 45
    OCA\Richdocuments\AppInfo\Application->OCA\Richdocuments\AppInfo\{closure}("*** sensitive parameters replaced ***")
15. /var/www/html/nextcloud/lib/private/AppFramework/Bootstrap/BootContext.php line 50
    OC\AppFramework\Bootstrap\FunctionInjector->injectFn()
16. /var/www/html/nextcloud/apps/richdocuments/lib/AppInfo/Application.php line 92
    OC\AppFramework\Bootstrap\BootContext->injectFn()
17. /var/www/html/nextcloud/lib/private/AppFramework/Bootstrap/Coordinator.php line 200
    OCA\Richdocuments\AppInfo\Application->boot()
18. /var/www/html/nextcloud/lib/private/App/AppManager.php line 437
    OC\AppFramework\Bootstrap\Coordinator->bootApp()
19. /var/www/html/nextcloud/lib/private/App/AppManager.php line 216
    OC\App\AppManager->loadApp()
20. /var/www/html/nextcloud/lib/private/legacy/OC_App.php line 126
    OC\App\AppManager->loadApps()
21. /var/www/html/nextcloud/lib/base.php line 1048
    OC_App::loadApps()
22. /var/www/html/nextcloud/index.php line 36
    OC::handleRequest()

GET /nextcloud/index.php/apps/logreader/poll?lastReqId=UbDLOU1YB3VVUYehNiwQ
from 89.245.104.158 by Andreas at 2023-11-25T01:03:14+01:00

The error message when I enable Onlyoffice and documentserver_community:

[documentserver_community] Fehler: Exception: Segmentation fault (core dumped)
 at <<closure>>

 0. /var/www/html/nextcloud/apps/documentserver_community/lib/LocalAppData.php line 80
    OCA\DocumentServer\Document\FontManager->OCA\DocumentServer\Document\{closure}("*** sensitive parameters replaced ***")
 1. /var/www/html/nextcloud/apps/documentserver_community/lib/Document/FontManager.php line 49
    OCA\DocumentServer\LocalAppData->getReadLocalPath()
 2. /var/www/html/nextcloud/apps/documentserver_community/lib/Migration/RebuildFonts.php line 52
    OCA\DocumentServer\Document\FontManager->rebuildFonts()
 3. /var/www/html/nextcloud/lib/private/Repair.php line 127
    OCA\DocumentServer\Migration\RebuildFonts->run()
 4. /var/www/html/nextcloud/lib/private/legacy/OC_App.php line 905
    OC\Repair->run()
 5. /var/www/html/nextcloud/lib/private/Installer.php line 157
    OC_App::executeRepairSteps()
 6. /var/www/html/nextcloud/apps/settings/lib/Controller/AppSettingsController.php line 451
    OC\Installer->installApp()
 7. /var/www/html/nextcloud/lib/private/AppFramework/Http/Dispatcher.php line 230
    OCA\Settings\Controller\AppSettingsController->enableApps()
 8. /var/www/html/nextcloud/lib/private/AppFramework/Http/Dispatcher.php line 137
    OC\AppFramework\Http\Dispatcher->executeController()
 9. /var/www/html/nextcloud/lib/private/AppFramework/App.php line 183
    OC\AppFramework\Http\Dispatcher->dispatch()
10. /var/www/html/nextcloud/lib/private/Route/Router.php line 315
    OC\AppFramework\App::main()
11. /var/www/html/nextcloud/lib/base.php line 1068
    OC\Route\Router->match()
12. /var/www/html/nextcloud/index.php line 36
    OC::handleRequest()

POST /nextcloud/index.php/settings/apps/enable
from 87.123.81.92 by Andreas at 2023-11-25T12:12:21+01:00

When I try to save:

Does anyone have an idea where the problem is?
Everything else runs flawlessly.

I hope the formatting of the post is OK; if not, sorry in advance!

Best regards and many thanks!
Andreas

Hello @Nimsiki, welcome to the forum :handshake:

As I understand your post, you have a local "bare-metal" installation of Nextcloud and OnlyOffice. I can't say anything about the product specifically, but the integration into Nextcloud is the same for all nextcloud-office variants and runs over the WOPI protocol.

I have made a comprehensive guide/checklist for collabora-online, which you can also use for onlyoffice. The most important point is that the systems can reach each other via public DNS with https/tls. collabora-online strictly requires websockets (I suspect OnlyOffice does too) - some reverse proxies need additional configs for that.
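
Added example, not part of either post: a small shell check that sends the same capabilities request richdocuments logs above and reports whether the server is unreachable over DNS/TLS, answered normally, or was refused with Apache's own 403 page as in the log. The function names and the base URL in the usage comment are placeholders chosen for this example.

```shell
#!/bin/sh
# Added example (not from the thread); function names are hypothetical.

# classify_response STATUS BODY: print which layer produced the answer.
classify_response() {
    status=$1
    body=$2
    case "$status" in
        000)
            # curl reports 000 when no HTTP response arrived at all
            # (DNS lookup, TCP connect or TLS handshake failed).
            echo "unreachable" ;;
        200)
            case "$body" in
                "{"*) echo "ok" ;;               # capabilities come back as JSON
                *)    echo "unexpected-body" ;;
            esac ;;
        403)
            case "$body" in
                *"-//IETF//DTD HTML 2.0//EN"*)
                    # Same body as in the log above: the error page was
                    # generated by Apache httpd, not by Nextcloud's PHP code.
                    echo "denied-by-webserver" ;;
                *)  echo "denied-other-layer" ;;
            esac ;;
        *)  echo "http-$status" ;;
    esac
}

# check_capabilities BASE_URL: send the GET that richdocuments logs
# and classify the result; returns 0 only when the endpoint answers.
check_capabilities() {
    url="${1%/}/apps/richdocumentscode/proxy.php?req=/hosting/capabilities"
    tmp=$(mktemp) || return 1
    status=$(curl -sS -o "$tmp" -w '%{http_code}' --max-time 10 "$url" 2>/dev/null) || :
    result=$(classify_response "${status:-000}" "$(cat "$tmp")")
    rm -f "$tmp"
    echo "$url -> $result"
    [ "$result" = "ok" ]
}

# Run only when a base URL is given, e.g. (placeholder host):
#   sh check.sh https://cloud.example.invalid/nextcloud
if [ "$#" -gt 0 ]; then
    check_capabilities "$1"
fi
```

Run it on the Nextcloud host itself, since that is where the failing request originates.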