Everything fine or not?

Nemskiller · May 11, 2019, 5:15pm

certbot renew
Or
letsencrypt renew

vatolin · May 11, 2019, 5:21pm

pi@raspberrypi:~ $ sudo letsencrypt renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/vatocloud.firewall-gateway.com.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert not yet due for renewal

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

The following certs are not due for renewal yet:
  /etc/letsencrypt/live/vatocloud.firewall-gateway.com/fullchain.pem expires on 2019-07-10 (skipped)
No renewals were attempted.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

And

pi@raspberrypi:~ $ sudo certbot --force-renewal
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Certbot doesn't know how to automatically configure the web server on this system. However, it can still get a certificate for you. Please run "certbot certonly" to do so. You'll need to manually configure your web server to use the resulting certificate.
pi@raspberrypi:~ $ man certbot
pi@raspberrypi:~ $ sudo certbot --nginx
Saving debug log to /var/log/letsencrypt/letsencrypt.log
The requested nginx plugin does not appear to be installed

Nemskiller · May 11, 2019, 5:31pm

Your cert isn’t expired.
You have a problem on your nextcloud.conf file with ssl. Follow what i told you before

vatolin · May 11, 2019, 6:58pm

pi@raspberrypi:/ $ locate nextcloud.conf
/etc/apache2/sites-available/nextcloud.conf

And the content of the file is:

Alias /nextcloud "/var/www/html/"

<Directory /var/www/html/>
  Options +FollowSymlinks
  AllowOverride All

 <IfModule mod_dav.c>
  Dav off
 </IfModule>

 SetEnv HOME /var/www/html
 SetEnv HTTP_HOME /var/www/html

</Directory>

Nemskiller · May 11, 2019, 7:03pm

You are using apache or ngnix as your web server ?
You installed your server yourself or by using an image already built in ?

vatolin · May 11, 2019, 7:07pm

I have installed my server by myself using this instruction and have moved the data by solution 2 of this instruction.

Nemskiller · May 11, 2019, 7:23pm

So you are using nginx and your conf file is named default in /etc/nginx/sites-enabled

vatolin · May 11, 2019, 7:57pm

This is the content of the file you have mentioned:

upstream php-handler {
 #server 127.0.0.1:9000;
 server unix:/var/run/php/php7.0-fpm.sock;
}

server {
 listen 80;
 listen [::]:80;
 server_name vatocloud.firewall-gateway.com;
 # enforce https
 return 301 https://$server_name$request_uri;
 #root /var/www/html/;
}

server {
 listen 443 ssl http2;
 listen [::]:443 ssl http2;
 server_name vatocloud.firewall-gateway.com;

 ssl_certificate /etc/letsencrypt/live/vatocloud.firewall-gateway.com/fullchain.pem;
 ssl_certificate_key /etc/letsencrypt/live/vatocloud.firewall-gateway.com/privkey.pem;

# Add headers to serve security related headers
 # Before enabling Strict-Transport-Security headers please read into this
 # topic first.
 add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
 #
 # WARNING: Only add the preload option once you read about
 # the consequences in https://hstspreload.org/. This option
 # will add the domain to a hardcoded list that is shipped
 # in all major browsers and getting removed from this list
 # could take several months.
 add_header X-Content-Type-Options nosniff;
 add_header X-XSS-Protection "1; mode=block";
 add_header X-Robots-Tag none;
 add_header X-Download-Options noopen;
 add_header X-Permitted-Cross-Domain-Policies none;
 add_header Referrer-Policy "no-referrer" always;

# Path to the root of your installation
 root /var/www/html/;

location = /robots.txt {
 allow all;
 log_not_found off;
 access_log off;
 }

# The following 2 rules are only needed for the user_webfinger app.
 # Uncomment it if you're planning to use this app.
 #rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
 #rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json
 # last;

location = /.well-known/carddav {
 return 301 $scheme://$host/remote.php/dav;
 }
 location = /.well-known/caldav {
 return 301 $scheme://$host/remote.php/dav;
 }

# set max upload size
 client_max_body_size 512M;
 fastcgi_buffers 64 4K;

# Enable gzip but do not remove ETag headers
 gzip on;
 gzip_vary on;
 gzip_comp_level 4;
 gzip_min_length 256;
 gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
 gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.m$

# Uncomment if your server is build with the ngx_pagespeed module
 # This module is currently not supported.
 #pagespeed off;

location / {
 rewrite ^ /index.php$uri;
 }

location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
 deny all;
 }
 location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
 deny all;
 }

location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+)\.php(?:$|/) {
 fastcgi_split_path_info ^(.+\.php)(/.*)$;
 include fastcgi_params;
 fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
 fastcgi_param PATH_INFO $fastcgi_path_info;
 fastcgi_param HTTPS on;
 #Avoid sending the security headers twice
 fastcgi_param modHeadersAvailable true;
 fastcgi_param front_controller_active true;
 fastcgi_pass php-handler;
 fastcgi_intercept_errors on;
 fastcgi_request_buffering off;
 }

location ~ ^/(?:updater|ocs-provider)(?:$|/) {
 try_files $uri/ =404;
 index index.php;
 }

# Adding the cache control header for js and css files
 # Make sure it is BELOW the PHP block
 location ~ \.(?:css|js|woff|svg|gif)$ {
 try_files $uri /index.php$uri$is_args$args;
 add_header Cache-Control "public, max-age=15778463";
 # Add headers to serve security related headers (It is intended to
 # have those duplicated to the ones above)
 # Before enabling Strict-Transport-Security headers please read into
 # this topic first.
 # add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
 #
 # WARNING: Only add the preload option once you read about
 # the consequences in https://hstspreload.org/. This option
 # will add the domain to a hardcoded list that is shipped
 # in all major browsers and getting removed from this list
 # could take several months.
 add_header X-Content-Type-Options nosniff;
 add_header X-XSS-Protection "1; mode=block";
 add_header X-Robots-Tag none;
 add_header X-Download-Options noopen;
 add_header X-Permitted-Cross-Domain-Policies none;
 # Optional: Don't log access to assets
 access_log off;
 }

location ~ \.(?:png|html|ttf|ico|jpg|jpeg)$ {
 try_files $uri /index.php$uri$is_args$args;
 # Optional: Don't log access to other assets
 access_log off;
 }
}

Nemskiller · May 11, 2019, 8:12pm

Go into this folder :
/var/run/php/ do you see a file called : php7.3-fpm.sock ?

If yes modify your default file by remplacing this
unix:/var/run/php/php7.0-fpm.sock
By this
unix:/var/run/php/php7.3-fpm.

Restart your server and test again.
If it’s not working see the new error in the log file

vatolin · May 11, 2019, 8:24pm

[quote=“Nemskiller, post:25, topic:53065, full:true”]
unix:/var/run/php/php7.3-fpm.[/quote]

With dot after fpm and without sock after the dot, right?

Nemskiller · May 11, 2019, 8:25pm

With .sock

vatolin · May 11, 2019, 8:28pm

Hmm. I’ve tried to connect my NextCloud but only a blank page appears in the browser window.

2019/05/11 21:31:09 [error] 598#598: *47 FastCGI sent in stderr: "PHP message: PHP Fatal error:  Uncaught Doctrine\DBAL\DBALException: Failed to connect to the database: An exception occured in driver: could not find driver$
Stack trace:
#0 /home/pi/usbdrive/html/3rdparty/doctrine/dbal/lib/Doctrine/DBAL/Connection.php(429): OC\DB\Connection->connect()
#1 /home/pi/usbdrive/html/3rdparty/doctrine/dbal/lib/Doctrine/DBAL/Connection.php(389): Doctrine\DBAL\Connection->getDatabasePlatformVersion()
#2 /home/pi/usbdrive/html/3rdparty/doctrine/dbal/lib/Doctrine/DBAL/Connection.php(328): Doctrine\DBAL\Connection->detectDatabasePlatform()
#3 /home/pi/usbdrive/html/3rdparty/doctrine/dbal/lib/Doctrine/DBAL/Connection.php(623): Doctrine\DBAL\Connection->getDatabasePlatform()
#4 /home/pi/usbdrive/html/lib/private/DB/Connection.php(151): Doctrine\DBAL\Connection->setTransactionIsolation(2)
#5 /home/pi/usbdrive/html/3rdparty/doctrine/dbal/lib/Doctrine/DBAL/DriverManager.php(172): OC\DB\Connection->__construct(Array, Objec...PHP message: PHP Fatal error:  Uncaught Doctrine\DBAL\DBALException: Failed to connect $
Stack trace:
#0 /home/pi/usbdrive/html/3rdparty/doctrine/dbal/lib/Doctrine/DBAL/Connection.php(429): OC\DB\Connection->connect()
#1 /home/pi/usbdrive/html/3rdparty/doctrine/dbal/lib/Doctrine/DBAL/Connection.php(389): Doctrine\DBAL\Connection->getDatabasePlatformVersion()
#2 /home/pi/usbdrive/html/3rdparty/doctrine/dbal/lib/Doctrine/DBAL/Connection.php(328): Doctrine\DBAL\Connection->detectDatabasePlatform()
#3 /home/pi/usbdrive/html/3rdparty/doctrine/dbal/lib/Doctrine/DBAL/Connection.php(623): Doctrine\DBAL\Connection->getDatabasePlatform()
#4 /home/pi/usbdrive/html/lib/private/DB/Connection.php(151): Doctrine\DBAL\Connection->setTransactionIsolation(2)
#5 /home/pi/usbdrive/html/3rdparty/doctrine/dbal/lib/Doctrine/DBAL/DriverManager.php(17

Nemskiller · May 11, 2019, 8:55pm

Database connection error.
If your installation is new, you could start from stratch by deleting your config.php file in the config folder of nextcloud.

If your installation isn’t new you have to move this file without removing it to somewhere else. Reload the page and you will see if you’re redirected to the installation page.

vatolin · May 11, 2019, 9:03pm

I’ll try it. But at the moment, I want to say: Thank you so much! I have learned so much by your patient assistance. Great, that people like you are in the comunity. Thank you!

vatolin · May 11, 2019, 9:11pm

Oops! Which of them I should (re)move?

pi@raspberrypi:~ $ sudo locate config.php
/home/pi/usbdrive/html/3rdparty/swiftmailer/swiftmailer/lib/swiftmailer_generate_mimes_config.php
/home/pi/usbdrive/html/apps/files_external/lib/config.php
/home/pi/usbdrive/html/config/config.php
/var/www/dataBackup/3rdparty/swiftmailer/swiftmailer/lib/swiftmailer_generate_mimes_config.php
/var/www/dataBackup/apps/files_external/lib/config.php
/var/www/dataBackup/config/config.php

Nemskiller · May 11, 2019, 9:20pm

There is a problem
Your nginx conf file says :
Nextcloud web files are in /var/www/html/

But when you search for config.php you find it in your home folder and in a /var/www/databackup folder…

Try into /home/pi/usbdrive/html first. I think it’s an alias

vatolin · May 11, 2019, 9:24pm

Not really. I am a bloody beginner. And I think the way I’ve moved my NC from the mSDC onto the external USB drive has complicated everything.

Nemskiller · May 11, 2019, 9:42pm

Congratulations

Now do you still have some warnings in your admin panel ?

vatolin · May 12, 2019, 9:50am

NC doesn’t accept my username/password and doesn’t allow the password to be reset because no email adress be stored.

As I understand the content of config.php, NC connects the wrong database, right?

<?php
$CONFIG = array (
  'instanceid' => '<string>',
  'passwordsalt' => '<string>',
  'secret' => '<string>',
  'trusted_domains' => 
  array (
    0 => 'vatocloud.firewall-gateway.com',
  ),
  'datadirectory' => '/home/pi/usbdrive/html/data',
  'dbtype' => 'sqlite3',
  'version' => '15.0.7.0',
  'overwrite.cli.url' => 'https://vatocloud.firewall-gateway.com',
  'installed' => true,
);

I think it must be postgresql instead of sqlite3, right?

Nemskiller · May 12, 2019, 10:14am

True
You have to put postresql
The database user
The database name
The database userpassword

Search on the web how to use postgresql, how to connect, how to change userpassword, how to list database names