hello,
I have a problem with downloads via browser over the internet and in WLAN via the Nextcloud app.
From a size of < 1 GB or even more, the download terminates with a hint of failure.
Nextcloud version : 12.0.4
Operating system and version : Ubuntu 16.04.3
Apache or nginx version : nginx 1.10.3
PHP version : 7.0.22
Is this the first time you’ve seen this error?: no
Can you reliably replicate it? (If so, please outline steps): yes
The issue you are facing:
Any download < 1 GB failed after time or larg file size
The output of your Nextcloud log in Admin > Logging: no error Logs found and php7.0-fpm.log no errors found
The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):
<?php
$CONFIG = array (
‘instanceid’ => ‘ID-0000000’,
‘passwordsalt’ => ‘SALT-AAAAAAAAAA’,
‘secret’ => ‘SECRET-BBBBBBB’,
‘trusted_domains’ =>
array (
0 => ‘DMZ-IP’,
1 => ‘DNS-HOST-NAME’,
),
‘datadirectory’ => ‘/path/to/nextcloud-data’,
‘overwrite.cli.url’ => ‘https://DMZ-IP’,
‘dbtype’ => ‘mysql’,
‘version’ => ‘12.0.4.3’,
‘dbname’ => ‘NAME_db’,
‘dbhost’ => ‘REMOTE-DB-HOST-IP’,
‘dbport’ => ‘’,
‘dbtableprefix’ => ‘prefix_’,
‘dbuser’ => ‘DB-ADMIN-USER’,
‘dbpassword’ => ‘DB-ADMIN-PASS’,
‘installed’ => true,
‘logtimezone’ => ‘Europe/Berlin’,
‘logtype’ => ‘nextcloud’,
‘log_file’ => ‘/path/to/nextcloud-data/nextcloud.log’,
‘memcache.local’ => ‘\OC\Memcache\APCu’,
‘trashbin_retention_obligation’ => ‘30’,
‘forcessl’ => true,
‘loglevel’ => 2,
‘maintenance’ => false,
);
/etc/php/7.0/fpm/php.ini:
; Maximum execution time of each script, in seconds
max_execution_time = 3600
; Maximum amount of time each script may spend parsing request data.
max_input_time = 60
; Maximum amount of memory a script may consume (128MB)
memory_limit = 512M
; Maximum size of POST data that PHP will accept.
post_max_size = 10G
; Temporary directory for HTTP uploaded files (will use system default if not
upload_tmp_dir = /var/nx_data/
; Maximum allowed size for uploaded files.
upload_max_filesize = 10G
; Maximum number of files that can be uploaded via a single request
max_file_uploads = 20
/etc/php/7.0/fpm/pool.d/www.conf :
request_terminate_timeout = 3600
/var/www/nextcloud .user.ini :
upload_max_filesize=10000M
post_max_size=10000M
memory_limit=512M
mbstring.func_overload=0
always_populate_raw_post_data=-1
default_charset='UTF-8’
output_buffering=0
/var/www/nextcloud .htacess :
…
…
< /IfModule>
< IfModule mod_php5.c>
php_value upload_max_filesize 10G
php_value post_max_size 10G
php_value memory_limit 512M
php_value mbstring.func_overload 0
php_value always_populate_raw_post_data -1
php_value default_charset 'UTF-8’
php_value output_buffering 0
< IfModule mod_env.c>
SetEnv htaccessWorking true
< /IfModule>
< /IfModule>
< IfModule mod_php7.c>
php_value upload_max_filesize 10G
php_value post_max_size 10G
php_value memory_limit 512M
php_value mbstring.func_overload 0
php_value default_charset 'UTF-8’
php_value output_buffering 0
php_value max_input_time 3600
php_value max_execution_time 3600
/etc/nginx/sites-available/MY-Cloud.conf :
upstream php-handler {
server unix:/run/php/php7.0-fpm.sock;
}
server_tokens off;
more_set_headers Server;
server {
listen 80;
server_name DNS-HOST-NAME DMZ-IP;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name DNS-HOST-NAME DMZ-IP;
ssl_certificate /etc/nginx/ssl/NAME.crt;
ssl_certificate_key /etc/nginx/ssl/NAME.key;
ssl_session_cache shared:SSL:50m;
ssl_session_timeout 5m;
ssl_dhparam /etc/nginx/ssl/dhparam.pem;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1.2;
ssl_ciphers ‘ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK’;
ssl_ecdh_curve prime256v1;
add_header Strict-Transport-Security “max-age=15768000; includeSubDomains; preload;”;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection “1; mode=block”;
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
add_header Referrer-Policy “no-referrer”;
root /path/to/nextcloud/;
client_max_body_size 10G;
client_body_buffer_size 15M;
fastcgi_buffers 64 4K;
gzip off;
rewrite ^/caldav(.)$ /remote.php/caldav$1 redirect;
rewrite ^/carddav(.)$ /remote.php/carddav$1 redirect;
rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
index index.php;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ ^/(?:.htaccess|data|config|db_structure.xml|README){
deny all;
}
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
deny all;
}
location ~ ^/(?:.|autotest|cron|occ|issue|indie|db_|console) {
deny all;
}
location / {
rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
rewrite ^(/core/doc/[^/]+/)$ $1/index.html;
try_files $uri $uri/ =404;
}
location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34]).php(?:$|/) {
fastcgi_split_path_info ^(.+.php)(/.+)$;
fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS on;
fastcgi_pass php-handler;
fastcgi_request_buffering off;
fastcgi_read_timeout 333600;
}
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
return 404;
}
location ~ ^/(?:.|autotest|occ|issue|indie|db_|console) {
return 404;
}
location ~ ^/(?:updater|ocs-provider)(?:$|/) {
try_files $uri/ =404;
index index.php;
}
location ~* .(?:css|js)$ {
try_files $uri /index.php$uri$is_args$args;
add_header Cache-Control “public, max-age=7200”;
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options “SAMEORIGIN”;
add_header X-XSS-Protection “1; mode=block”;
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
add_header Referrer-Policy “no-referrer”;
# Optional: Don’t log access to assets
access_log off;
}
location ~* .(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {
try_files $uri /index.php$uri$is_args$args;
add_header Cache-Control “public, max-age=7200”;
access_log off;
}
}
The output of your nginx/system log in /var/log/nginx/access.log:
External IP - - [22/Dec/2017:09:25:26 +0100] “GET /remote.php/webdav/NAME-TO-NAS/audio/Videos/Adam%20Beyer%20EPIC%20TECHNO%20DJ%20Set%20from%20Drumcode%20Halloween%2C%20Tobacco%20Dock.mp4?downloadStartSecret=86dr
46voemu HTTP/1.1” 200 727630848 “-” "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0"
External IP - - [22/Dec/2017:09:25:32 +0100] “GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.1” 200 74 “-” "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0"
External IP - - [22/Dec/2017:09:26:02 +0100] “GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.1” 200 74 “-” "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0"
External IP - - [22/Dec/2017:09:26:32 +0100] “GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.1” 200 74 “-” “Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0”