Zu beginn hier einmal den systembericht
Server configuration detail
Operating system: Linux 5.15.0-91-generic #101-Ubuntu SMP Tue Nov 14 13:30:08 UTC 2023 x86_64
Webserver: nginx/1.18.0 (fpm-fcgi)
Database: mysql 11.2.2
PHP version: 8.1.2-1ubuntu2.14
Modules loaded: Core, date, libxml, openssl, pcre, zlib, filter, hash, json, Reflection, SPL, session, standard, sodium, cgi-fcgi, mysqlnd, PDO, xml, apcu, bcmath, calendar, ctype, curl, dom, mbstring, FFI, fileinfo, ftp, gd, gettext, gmp, iconv, igbinary, imagick, intl, ldap, exif, mysqli, pdo_mysql, Phar, posix, readline, redis, shmop, SimpleXML, smbclient, soap, sockets, sysvmsg, sysvsem, sysvshm, tokenizer, xmlreader, xmlrpc, xmlwriter, xsl, zip, libsmbclient, Zend OPcache
Nextcloud version: 27.1.5 - 27.1.5.1
Updated from an older Nextcloud/ownCloud or fresh install:
Where did you install Nextcloud from: unknown
<details><summary>Signing status</summary>
[]
</details>
<details><summary>List of activated apps</summary>
Enabled:
- activity: 2.19.0
- admin_audit: 1.17.0
- bruteforcesettings: 2.7.0
- calendar: 4.6.4
- cfg_share_links: 4.2.0
- circles: 27.0.1
- cloud_federation_api: 1.10.0
- comments: 1.17.0
- contacts: 5.5.1
- contactsinteraction: 1.8.0
- dashboard: 7.7.0
- dav: 1.27.0
- federatedfilesharing: 1.17.0
- federation: 1.17.0
- files: 1.22.0
- files_pdfviewer: 2.8.0
- files_reminders: 1.0.0
- files_rightclick: 1.6.0
- files_sharing: 1.19.0
- files_trashbin: 1.17.0
- files_versions: 1.20.0
- firstrunwizard: 2.16.0
- logreader: 2.12.0
- lookup_server_connector: 1.15.0
- mail: 3.5.5
- nextcloud_announcements: 1.16.0
- notes: 4.9.2
- notifications: 2.15.0
- oauth2: 1.15.1
- password_policy: 1.17.0
- photos: 2.3.0
- privacy: 1.11.0
- provisioning_api: 1.17.0
- recommendations: 1.6.0
- related_resources: 1.2.0
- richdocuments: 8.2.4
- serverinfo: 1.17.0
- settings: 1.9.0
- sharebymail: 1.17.0
- spreed: 17.1.4
- support: 1.10.0
- survey_client: 1.15.0
- systemtags: 1.17.0
- text: 3.8.0
- theming: 2.2.0
- twofactor_backupcodes: 1.16.0
- updatenotification: 1.17.0
- user_status: 1.7.0
- viewer: 2.1.0
- weather_status: 1.7.0
- workflowengine: 2.9.0
Disabled:
- encryption
- files_external
- suspicious_login
- twofactor_totp
- user_ldap
</details>
<details><summary>Configuration (config/config.php)</summary>
{
"instanceid": "***REMOVED SENSITIVE VALUE***",
"passwordsalt": "***REMOVED SENSITIVE VALUE***",
"secret": "***REMOVED SENSITIVE VALUE***",
"trusted_domains": [
"cloud.gamingbaeren.de"
],
"trusted_proxies": "***REMOVED SENSITIVE VALUE***",
"default_phone_region": "DE",
"datadirectory": "***REMOVED SENSITIVE VALUE***",
"dbtype": "mysql",
"version": "27.1.5.1",
"overwrite.cli.url": "http:\/\/cloud.gamingbaeren.de",
"overwriteprotocol": "https",
"dbname": "***REMOVED SENSITIVE VALUE***",
"dbhost": "***REMOVED SENSITIVE VALUE***",
"dbport": "",
"dbtableprefix": "oc_",
"mysql.utf8mb4": true,
"dbuser": "***REMOVED SENSITIVE VALUE***",
"dbpassword": "***REMOVED SENSITIVE VALUE***",
"installed": true,
"filelocking.enabled": true,
"memcache.local": "\\OC\\Memcache\\Redis",
"redis": {
"host": "***REMOVED SENSITIVE VALUE***",
"port": 0,
"timeout": 0
},
"mail_smtpmode": "smtp",
"mail_sendmailmode": "smtp",
"mail_from_address": "***REMOVED SENSITIVE VALUE***",
"mail_domain": "***REMOVED SENSITIVE VALUE***",
"mail_smtphost": "***REMOVED SENSITIVE VALUE***",
"mail_smtpauth": 1,
"mail_smtpname": "***REMOVED SENSITIVE VALUE***",
"mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
"mail_smtpport": "587",
"maintenance": false,
"theme": "",
"loglevel": 0
}
</details>
Cron Configuration: Array
(
[backgroundjobs_mode] => cron
[lastcron] => 1706001602
)
External storages: files_external is disabled
Encryption: no
User-backends:
OC\User\Database
Talk configuration:
STUN servers
stun.nextcloud.com:443
TURN servers
no custom server configured
Signaling servers (mode: default):
SIP dialin is disabled
SIP dialout is disabled
no custom server configured
Recording servers:
Recording is enabled
Recording consent is set to "default"
no recording server configured
Browser: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 OPR/106.0.0.0
immer wen eine datei etwas größer ist schlägt der Upload via app oder webinterface fehl. nutze als webserver nginx und ist hinter einer reverse proxy von nginx
hier ist proxy config
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name cloud.gamingbaeren.de; # REPLACE HERE
ssl_certificate /etc/letsencrypt/live/web.gamingbaeren.de/fullchain.pem; # REPLACE HERE
ssl_certificate_key /etc/letsencrypt/live/web.gamingbaeren.de/privkey.pem; # REPLACE HERE
ssl_session_cache shared:SSL:10m;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384";
ssl_prefer_server_ciphers on;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_pass http://87.106.159.77:80/;
proxy_ssl_session_reuse off;
proxy_set_header Host $http_host;
proxy_pass_header Server;
proxy_cache_bypass $http_upgrade;
proxy_redirect off;
}
location ^~ /.well-known {
location = /.well-known/carddav { return 301 /remote.php/dav/; }
location = /.well-known/caldav { return 301 /remote.php/dav/; }
location ^~ /.well-known { return 301 /index.php$uri; }
try_files $uri $uri/ =404;
}
}
und hier die Nginx config
server {
listen 80;
listen [::]:80;
root /var/www/nextcloud;
index index.php index.html index.htm;
server_name cloud.gamingbaeren.de;
client_max_body_size 512M;
fastcgi_buffers 64 4K;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
location / {
rewrite ^ /index.php$uri;
}
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
return 404;
}
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
return 404;
}
location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+).php(?:$|/) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
}
location ^~ /.well-known {
location = /.well-known/carddav { return 301 /remote.php/dav/; }
location = /.well-known/caldav { return 301 /remote.php/dav/; }
location ^~ /.well-known { return 301 /index.php$uri; }
try_files $uri $uri/ =404;
}
location ~ \.css {
add_header Content-Type text/css;
}
location ~ \.js {
add_header Content-Type application/x-javascript;
}
location ~ ^/(?:updater|ocs-provider)(?:$|/) {
try_files $uri $uri/ =404;
index index.php;
}
location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {
try_files $uri /index.php$uri$is_args$args;
access_log off;
}
location ~ \.woff2?$ {
try_files $uri /index.php$request_uri;
expires 7d; # Cache-Control policy borrowed from `.htaccess`
access_log off; # Optional: Don't log access to assets
}
}