Config file has leading content

Hey everyone! I’m running into an error which I’m hoping to get your insight on:

/app # frankenphp php-cli occ files:scan
An unhandled exception has been thrown:
Exception: Config file has leading content, please remove everything before "<?php" in config.php in /app/lib/private/Config.php:257
Stack trace:
#0 /app/lib/private/Config.php(71): OC\Config->readData()
#1 /app/lib/base.php(150): OC\Config->__construct('/app/config/')
#2 /app/lib/base.php(622): OC::initPaths()
#3 /app/lib/base.php(1181): OC::init()
#4 /app/console.php(48): require_once('/app/lib/base.p...')
#5 /app/occ(11): require_once('/app/console.ph...')

I’ve just SCPed over the contents of my old Snap-based nextcloud instance which I’d like to retire in favour of my own Docker-based solution. I’ve built it using a Caddy module called FrankenPHP running in one container and a Postgres instance in another. I ran through the installation using the provided occ script, which worked well.

I encountered this issue during setup numerous times, but was able to resolve it each time by simply deleting the config file and running frankenphp php-cli occ maintainence:install again with the configuration I’d like, but I don’t have that luxury anymore since I’d like to keep my current config.

The curious thing is that the error reports leading content before the <?php section in the main config file, but there isn’t anything there. This thread seems to suggest hidden characters, but hexdumping the contents of my config file proves there’s nothing there.

I’m hoping for extra help. Here’s my config.php

<?php
$CONFIG = array (
  'passwordsalt' => '/* redacted */',
  'secret' => '/* redacted */',
  'trusted_domains' => 
  array (
    0 => 'nextcloud./*my domain*/',
  ),
  'datadirectory' => '/user',
  'dbtype' => 'pgsql',
  'version' => '29.0.1.1',
  'overwrite.cli.url' => 'http://nextcloud./*my domain*/',
  'dbname' => 'nextcloud',
  'dbhost' => 'db',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'dbuser' => 'oc_/*user*/',
  'dbpassword' => '/* redacted */',
  'installed' => true,
  'instanceid' => 'ochw1if5x1yo',
  'openssl' => 
  array (
    'config' => '/app/3rdparty/phpseclib/phpseclib/phpseclib/openssl.cnf',
  ),
  'twofactor_enforced' => 'true',
  'twofactor_enforced_groups' => 
  array (
    0 => 'admin',
  ),
  'twofactor_enforced_excluded_groups' => 
  array (
  ),
  'app_install_overwrite' => 
  array (
    0 => 'cms_pico',
  ),
  'app.mail.imap.timeout' => 20,
  'app.mail.smtp.timeout' => 20,
  'app.mail.sieve.timeout' => 20,
  'app.mail.verify-tls-peer' => false,
);
?>

Another frustrating thing is that despite the occ script not working, the instance itself seems to be fine, and use/interpret the config as expected.

Any ideas what the cause/solution could be? Let me know if you’d like me to post my docker-compose.yaml file

It sort of sounds like your command line use of PHP isn’t using the PHP cli binary, but the FPM or CGI one… Or something along those lines.

Hard to say since you’re mixing FrankenPHP into the mix.

What does frankenphp php-cli -v indicate?

EDIT: One other thought occurred to me: it could be referring to anybody the config files in your config/ folder since they get merged.

Hey sorry for the late reply. I just checked fphp. Here’s the result:

root@nextcloud:~# docker exec root-nextcloud-1 frankenphp php-cli -v

Warning: Unknown: Failed to open stream: No such file or directory in Unknown on line 0

Fatal error: Failed opening required '-v' (include_path='.:') in Unknown on line 0

I suspect you may be right. What I don’t understand however is why it partially works? Why can I run nc if PHP itself is broken?

What I don’t understand however is why it partially works? Why can I run nc if PHP itself is broken?

Nextcloud Server itself - at least the web app portion - runs under the Apache/mod_php or FPM PHP SAPIs. The command line bits (occ) run under the CLI PHP SAPI.

Since you’re using FrankenPHP you’re in uncharted territory with Nextcloud. Does FrankenPHP require you to trigger PHP via their binary for some reason even at the command line? That seems unnecessary since I thought it was basically just an app server for PHP.

Hm I’m not sure what you mean by trigger php via the binary. As far as I know, Frankenphp is a caddy-flavoured wrapper around some well-known PHP interpreter but I’m the wrong person to ask…

Since it’s not a typical deployment used with Nextcloud (and certainly not supported) I figured you’d chosen FrankenPHP for a reason and knew what you were getting into. :slight_smile:

A quick look suggests that FrankenPHP indeed does not really use PHP’s CLI SAPI. Despite the cli in the command you’re running, it always uses the web SAPI. Thus it won’t work with occ likely.

You may be able to workaround it by using php rather than frankenphp when at the command line.

However you are very much in unsupported territory.

Ye that’s valid. You see, I have a bit of experience with Caddy and wanted to use it as a reverse proxy anyway. Since learning about Frankenphp, I figured it’s a drop-in replacement for a regular PHP stack - in my defense, it has been so far

1 Like

Hi @J-Cake,

I think you found a bug in frankenphp :raised_hands:

Config file has leading content, please remove everything before "<?php" in config.php

The error is shown if php’s headers_sent() function returns true.

<?php

var_dump(headers_sent());

The above test script return’s false if run with php’s default cli binary and true when executed with frankenphp php-cli.

Mind to log an issue at https://github.com/dunglas/frankenphp?

Ah okay good to know I’m not going insane :stuck_out_tongue: I’ll report it now!