Hello nextcloud community,
I have a hell of a hard time configuring nextcloud docker image. Please bear in mind I have a rudimentary knowledge of how apache is serving files for a webserver.
I intend to use a NGINX reverse proxy, so I need to have a baseURL to serve different applications on the same server. I donât want to manage the SSL/https at the nextcloud app level but at the nginx level.
So http will do for this nextcloud and it is the aim.
As a result, I wanted to append /nc/ to the base URL (access to http://example.com/nc/ instead of http://example.com/).
To make it easier and as part of this post, I am not considering the proxy for now, I just want to have owncloud working using http and being able to access it through http://example.com/nc/. So there is NO proxy involved as part of the following:
Here is the relatively simple docker-compose.yml :
volumes:
nextcloud-data:
nextcloud-db:
networks:
frontend:
# add this if the network is already existing!
# external: true
backend:
services:
nextcloud-app:
image: nextcloud
restart: always
ports:
- "80:80"
- "81:81"
- "443:443"
volumes:
- /media/nextcloud-data:/var/www/html
- /home/user1/Docker/nextcloud-christian-lempa/logs:/var/log/apache2
environment:
- MYSQL_PASSWORD=*******
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=nextcloud
- MYSQL_HOST=nextcloud-db
- NEXTCLOUD_TRUSTED_DOMAINS=example.com
- OVERWRITEHOST=example.com
- OVERWRITEPROTOCOL=http
- OVERWRITEWEBROOT=/nc
networks:
- frontend
- backend
nextcloud-db:
image: mariadb
restart: always
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
volumes:
- /media/nextcloud-db:/var/lib/mysql
environment:
- MYSQL_ROOT_PASSWORD=*******
- MYSQL_PASSWORD=*******
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=nextcloud
healthcheck:
test: ["CMD", "healthcheck.sh", "--connect", "--innodb_initialized"]
start_period: 10s
interval: 10s
timeout: 5s
retries: 3
networks:
- backend
Following this it should be working from my understanding.
But it doesnât because apache2 is searching files in /var/www/html/nc.
So I had to manually create a symlink in the container:
ln -s /var/www/html/ /var/www/html/nc
chown www-data:root -h /var/www/html/nc
Now I can access the first page, asking me to define an admin user and password. Once these two fields are defined, here come the second, trickier issue :
We can see the page stating âinstallingââŚBut then I get redirected to a page http://example.com/nc/index.php/core/apps/recommended stating :
Recommended apps
Could not fetch list of apps from the App Store.
The network tab of chrome developer tools shows the following errors :
10Refused to apply style from '<URL>' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
recommended:1 Refused to apply style from 'http://example.com/nc/apps/theming/theme/light-highcontrast.css?plain=0&v=21421e36' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
recommended:1 Refused to apply style from 'http://example.com/nc/apps/theming/theme/default.css?plain=1&v=21421e36' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
recommended:1 Refused to apply style from 'http://example.com/nc/apps/theming/theme/dark.css?plain=0&v=21421e36' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
recommended:1 Refused to apply style from 'http://example.com/nc/apps/theming/theme/dark-highcontrast.css?plain=0&v=21421e36' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
recommended:1 Refused to apply style from 'http://example.com/nc/apps/theming/theme/light.css?plain=1&v=21421e36' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
recommended:1 Refused to apply style from 'http://example.com/nc/apps/theming/theme/light.css?plain=0&v=21421e36' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
recommended:1 Refused to apply style from 'http://example.com/nc/apps/theming/theme/dark.css?plain=1&v=21421e36' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
recommended:1 Refused to apply style from 'http://example.com/nc/apps/theming/theme/light-highcontrast.css?plain=1&v=21421e36' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
recommended:1 Refused to apply style from 'http://example.com/nc/apps/theming/theme/opendyslexic.css?plain=0&v=21421e36' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
recommended:1 Refused to apply style from 'http://example.com/nc/apps/theming/theme/dark-highcontrast.css?plain=1&v=21421e36' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
recommended:23
GET http://example.com/nc/js/core/merged-template-prepend.js?v=9ae81861-0 net::ERR_ABORTED 404 (Not Found)
recommended:1 Refused to execute script from 'http://example.com/nc/js/core/merged-template-prepend.js?v=9ae81861-0' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
session-heartbeat.js:103 session heartbeat polling started
RecommendedApps.vue:140
GET http://example.com/nc/settings/apps/list 404 (Not Found)
(anonymous) @ xhr.js:258
xhr @ xhr.js:49
p @ dispatchRequest.js:51
_request @ Axios.js:170
request @ Axios.js:40
a.A.forEach.w.<computed> @ Axios.js:196
(anonymous) @ bind.js:5
mounted @ RecommendedApps.vue:140
un @ vue.runtime.esm.js:3033
Un @ vue.runtime.esm.js:4048
e @ vue.runtime.esm.js:3921
ja.$mount @ vue.runtime.esm.js:8797
43474 @ recommendedapps.js:40
i @ bootstrap:19
(anonymous) @ core-recommendedapps.js?v=9ae81861-0:2
i.O @ chunk loaded:25
(anonymous) @ core-recommendedapps.js?v=9ae81861-0:2
(anonymous) @ core-recommendedapps.js?v=9ae81861-0:2
Show 11 more frames
Show less
RecommendedApps.vue:148 [ERROR] core: could not fetch app list {app: 'core', uid: 'admin', level: 2, error: r}
value @ ConsoleLogger.js:74
value @ ConsoleLogger.js:100
mounted @ RecommendedApps.vue:148
await in mounted (async)
un @ vue.runtime.esm.js:3033
Un @ vue.runtime.esm.js:4048
e @ vue.runtime.esm.js:3921
ja.$mount @ vue.runtime.esm.js:8797
43474 @ recommendedapps.js:40
i @ bootstrap:19
(anonymous) @ core-recommendedapps.js?v=9ae81861-0:2
i.O @ chunk loaded:25
(anonymous) @ core-recommendedapps.js?v=9ae81861-0:2
(anonymous) @ core-recommendedapps.js?v=9ae81861-0:2
Show 6 more frames
Show less
session-heartbeat.js:86
GET http://example.com/nc/csrftoken 404 (Not Found)
send @ jquery.js:9940
ajax @ jquery.js:9521
C.each.C.<computed> @ jquery.js:9677
(anonymous) @ session-heartbeat.js:86
Pt @ session-heartbeat.js:93
setInterval (async)
Ot @ session-heartbeat.js:101
(anonymous) @ session-heartbeat.js:157
Ze @ init.js:111
(anonymous) @ main.js:45
Show 3 more frames
Show less
session-heartbeat.js:96 session heartbeat failed {readyState: 4, getResponseHeader: Ć, getAllResponseHeaders: Ć, setRequestHeader: Ć, overrideMimeType: Ć, âŚ}
Pt @ session-heartbeat.js:96
setInterval (async)
Ot @ session-heartbeat.js:101
(anonymous) @ session-heartbeat.js:157
Ze @ init.js:111
(anonymous) @ main.js:45
session-heartbeat.js:86
GET http://example.com/nc/csrftoken 404 (Not Found)
send @ jquery.js:9940
ajax @ jquery.js:9521
C.each.C.<computed> @ jquery.js:9677
(anonymous) @ session-heartbeat.js:86
Pt @ session-heartbeat.js:93
setInterval (async)
Ot @ session-heartbeat.js:101
(anonymous) @ session-heartbeat.js:157
Ze @ init.js:111
(anonymous) @ main.js:45
Show 3 more frames
Show less
session-heartbeat.js:96 session heartbeat failed {readyState: 4, getResponseHeader: Ć, getAllResponseHeaders: Ć, setRequestHeader: Ć, overrideMimeType: Ć, âŚ}
I wonât get into too much details, but I spent more than 10 hours of troubleshooting to understand it was due to one file in the container :
-rw-râr-- 1 www-data www-data 3954 Jul 29 13:36 /var/www/html/.htaccess
Once this one is removed, I can access the apps, and login as expected. Without removing it, I had all sorts of 404 errors (permission related it seems in the end).
I am nevertheless aware that this file /var/www/html/.htaccess is there for a reason, for a security reason.
I am also aware that nextcloud is designed to work with https and an SSL cert. But I donât have a fixed domain (I use a no-ip domain as well as a self signed cert for my proxy to access over internet), so the only way I got it to work was by running nextcloud in http and then get https traffic through my reverse proxy for security.
Would it be fair to request the docker image to be modified so that it does the creating a symlink and editing of /var/www/html/.htaccess automatically when using the parameter OVERWRITEWEBROOT in docker-compose file? As it is open source, I am willing to do it, it shouldnât be too complicated now that I pinpointed the problem (provided someone here is a pro at apache2 rewrite rules).
So the only problem remaining here is that I am not sure how to rewrite all the rewrite rules so that they integrate the /nc/ or whatever is passed as an argument to OVERWRITEWEBROOT when using docker-compose.
Indeed, if no OVERWRITEWEBROOT parameter is passed, I can setup the http nextcloud without symlink and without removing or editing .htaccess.
If this is not considered a bug or at least a feature request, is the container not supposed to work with the parameters I have passed when creating the container with docker-compose?
Thanks!