Fresh install from docker: 500/503 error

I installed Nextcloud from Docker, but I got some problems.

My docker-compose.yml file:

version: '3'

services:

  proxy:
    image: jwilder/nginx-proxy:alpine
    labels:
      - "com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy=true"
    container_name: nextcloud-proxy
    networks:
      - nextcloud_network
    ports:
      - 380:80
      - 3443:443
    volumes:
      - ./proxy/conf.d:/etc/nginx/conf.d:rw
      - ./proxy/vhost.d:/etc/nginx/vhost.d:rw
      - ./proxy/html:/usr/share/nginx/html:rw
      - ./proxy/certs:/etc/nginx/certs:ro
      - /etc/localtime:/etc/localtime:ro
      - /var/run/docker.sock:/tmp/docker.sock:ro
    restart: unless-stopped


  letsencrypt:
    image: jrcs/letsencrypt-nginx-proxy-companion
    container_name: nextcloud-letsencrypt
    depends_on:
      - proxy
    networks:
      - nextcloud_network
    volumes:
      - ./proxy/certs:/etc/nginx/certs:rw
      - ./proxy/vhost.d:/etc/nginx/vhost.d:rw
      - ./proxy/html:/usr/share/nginx/html:rw
      - /etc/localtime:/etc/localtime:ro
      - /var/run/docker.sock:/var/run/docker.sock:ro
    restart: unless-stopped

  db:
    image: mariadb
    container_name: nextcloud-mariadb
    networks:
      - nextcloud_network
    volumes:
      - db:/var/lib/mysql
      - /etc/localtime:/etc/localtime:ro
    environment:
      - MYSQL_ROOT_PASSWORD=mysecurepassword
      - MYSQL_PASSWORD=mysql
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
    restart: unless-stopped

  app:
    image: nextcloud:latest
    container_name: nextcloud-app
    networks:
      - nextcloud_network
    depends_on:
      - letsencrypt
      - proxy
      - db
    volumes:
      - nextcloud:/var/www/nextcloud
      - ./app/config:/var/www/nextcloud/config
      - ./app/custom_apps:/var/www/nextcloud/custom_apps
      - ./app/data:/var/www/nextcloud/data
      - ./app/themes:/var/www/nextcloud/themes
      - /etc/localtime:/etc/localtime:ro
    environment:
      - VIRTUAL_HOST=nextcloud. domain .eu
      - LETSENCRYPT_HOST=nextcloud .domain .eu
      - LETSENCRYPT_EMAIL=myname@gmail.com
    restart: unless-stopped

volumes:
  nextcloud:
  db:

networks:
  nextcloud_network:

I changed two things only:

Ports (so I can access NC on ports 380 and 3443):

  - 380:80
  - 3443:443

And paths under volumes config section:

from /var/www/html to /var/www/nextcloud

The problem:

If I am trying to access https:// nextcloud.domain.eu:3443 I get 500 Internal Server Error. If I am trying to access with IP address locally https:// 192.168.1.54:3443 I get 503 Service Temporarily Unavailable.

Logs:

$ sudo docker logs nextcloud-mariadb
        2020-05-08 14:19:19+02:00 [Note] [Entrypoint]: Entrypoint script for MySQL Server 1:10.4.12+maria~bionic started.
        2020-05-08 14:19:21+02:00 [Note] [Entrypoint]: Switching to dedicated user 'mysql'
        2020-05-08 14:19:22+02:00 [Note] [Entrypoint]: Entrypoint script for MySQL Server 1:10.4.12+maria~bionic started.
        2020-05-08 14:19:23 0 [Note] mysqld (mysqld 10.4.12-MariaDB-1:10.4.12+maria~bionic) starting as process 1 ...
        2020-05-08 14:19:23 0 [Note] InnoDB: Using Linux native AIO
        2020-05-08 14:19:23 0 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
        2020-05-08 14:19:23 0 [Note] InnoDB: Uses event mutexes
        2020-05-08 14:19:23 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
        2020-05-08 14:19:23 0 [Note] InnoDB: Number of pools: 1
        2020-05-08 14:19:23 0 [Note] InnoDB: Using SSE2 crc32 instructions
        2020-05-08 14:19:23 0 [Note] mysqld: O_TMPFILE is not supported on /tmp (disabling future attempts)
        2020-05-08 14:19:23 0 [Note] InnoDB: Initializing buffer pool, total size = 256M, instances = 1, chunk size = 128M
        2020-05-08 14:19:23 0 [Note] InnoDB: Completed initialization of buffer pool
        2020-05-08 14:19:23 0 [Note] InnoDB: If the mysqld execution user is authorized, page cleaner thread priority can be changed. See the man page of setpriority().
        2020-05-08 14:19:23 0 [Note] InnoDB: 128 out of 128 rollback segments are active.
        2020-05-08 14:19:23 0 [Note] InnoDB: Creating shared tablespace for temporary tables
        2020-05-08 14:19:23 0 [Note] InnoDB: Setting file './ibtmp1' size to 12 MB. Physically writing the file full; Please wait ...
        2020-05-08 14:19:23 0 [Note] InnoDB: File './ibtmp1' size is now 12 MB.
        2020-05-08 14:19:23 0 [Note] InnoDB: 10.4.12 started; log sequence number 61008; transaction id 21
        2020-05-08 14:19:23 0 [Note] InnoDB: Loading buffer pool(s) from /var/lib/mysql/ib_buffer_pool
        2020-05-08 14:19:23 0 [Note] Plugin 'FEEDBACK' is disabled.
        2020-05-08 14:19:23 0 [Note] Server socket created on IP: '::'.
        2020-05-08 14:19:23 0 [Note] InnoDB: Buffer pool(s) load completed at 200508 14:19:23
        2020-05-08 14:19:23 0 [Warning] 'proxies_priv' entry '@% root@564dfdec1d5e' ignored in --skip-name-resolve mode.
        2020-05-08 14:19:23 0 [Note] Reading of all Master_info entries succeeded
        2020-05-08 14:19:23 0 [Note] Added new Master_info '' to hash table
        2020-05-08 14:19:23 0 [Note] mysqld: ready for connections.
        Version: '10.4.12-MariaDB-1:10.4.12+maria~bionic'  socket: '/var/run/mysqld/mysqld.sock'  port: 3306  mariadb.org binary distribution
$ sudo docker logs nextcloud-app
[Fri May 08 14:30:42.558991 2020] [mpm_prefork:notice] [pid 1] AH00170: caught SIGWINCH, shutting down gracefully
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.22.0.5. Set the 'ServerName' directive globally to suppress this message
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.22.0.5. Set the 'ServerName' directive globally to suppress this message
[Fri May 08 14:31:32.255496 2020] [mpm_prefork:notice] [pid 1] AH00163: Apache/2.4.38 (Debian) PHP/7.3.17 configured -- resuming normal operations
[Fri May 08 14:31:32.255593 2020] [core:notice] [pid 1] AH00094: Command line: 'apache2 -D FOREGROUND'

$ sudo docker logs nextcloud-proxy
dockergen.1 | 2020/05/08 14:30:43 Received event die for container 53c36d57ccc0
dockergen.1 | 2020/05/08 14:30:43 Received event stop for container 53c36d57ccc0
dockergen.1 | 2020/05/08 14:30:44 Generated '/etc/nginx/conf.d/default.conf' from 13 containers
dockergen.1 | 2020/05/08 14:30:44 Running 'nginx -s reload'
dockergen.1 | 2020/05/08 14:30:44 Received event die for container 3c2d34ccb6a8
dockergen.1 | 2020/05/08 14:30:44 Received event stop for container 3c2d34ccb6a8
Custom dhparam.pem file found, generation skipped
forego     | starting dockergen.1 on port 5000
forego     | starting nginx.1 on port 5100
dockergen.1 | 2020/05/08 14:31:29 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification 'nginx -s reload'
dockergen.1 | 2020/05/08 14:31:29 Watching docker events
dockergen.1 | 2020/05/08 14:31:31 Generated '/etc/nginx/conf.d/default.conf' from 14 containers
dockergen.1 | 2020/05/08 14:31:31 Running 'nginx -s reload'
dockergen.1 | 2020/05/08 14:31:31 Received event start for container 53c36d57ccc0
dockergen.1 | 2020/05/08 14:31:31 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification 'nginx -s reload'
nginx.1    | 192.168.1.54 192.168.1.100 - - [08/May/2020:14:31:48 +0200] "GET / HTTP/2.0" 503 197 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.5 Safari/605.1.15"
nginx.1    | 192.168.1.54 192.168.1.100 - - [08/May/2020:14:31:50 +0200] "GET / HTTP/2.0" 503 197 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.5 Safari/605.1.15"
nginx.1    | nextcloud.mihalko.eu 192.168.1.1 - - [08/May/2020:14:31:56 +0200] "GET / HTTP/2.0" 500 177 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.5 Safari/605.1.15"

$ sudo docker logs nextcloud-letsencrypt
2020/05/08 14:31:32 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification ''
2020/05/08 14:31:32 [notice] 39#39: signal process started
2020/05/08 14:31:32 Contents of /app/letsencrypt_service_data did not change. Skipping notification '/app/signal_le_service'
2020/05/08 14:31:32 Watching docker events
2020/05/08 14:31:33 Contents of /app/letsencrypt_service_data did not change. Skipping notification '/app/signal_le_service'
/etc/nginx/certs/nextcloud.mihalko.eu /app
Reloading nginx proxy (eb04c68ff0e165ca611a86dab7a6f8f8e380eb2dd70d46959668e6e384bf199e)...
2020/05/08 14:31:34 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification ''
2020/05/08 14:31:34 [notice] 63#63: signal process started
Creating/renewal nextcloud.mihalko.eu certificates... (nextcloud.mihalko.eu)
2020-05-08 12:31:37,845:INFO:simp_le:1450: Generating new certificate private key
2020-05-08 12:31:50,948:ERROR:simp_le:1417: CA marked some of the authorizations as invalid, which likely means it could not access http://example.com/.well-known/acme-challenge/X. Did you set correct path in -d example.com:path or --default_root? Are all your domains accessible from the internet? Please check your domains' DNS entries, your host's network/firewall setup and your webserver config. If a domain's DNS entry has both A and AAAA fields set up, some CAs such as Let's Encrypt will perform the challenge validation over IPv6. If your DNS provider does not answer correctly to CAA records request, Let's Encrypt won't issue a certificate for your domain (see https://letsencrypt.org/docs/caa/). Failing authorizations: https://acme-v02.api.letsencrypt.org/acme/authz-v3/4448077622
Challenge validation has failed, see error log.

Debugging tips: -v improves output verbosity. Help is available under --help.
/app
Sleep for 3600
Support intro

Sorry to hear you’re facing problems :slightly_frowning_face:

help.nextcloud.com is for home/non-enterprise users. If you’re running a business, paid support can be accessed via portal.nextcloud.com where we can ensure your business keeps running smoothly.

In order to help you as quickly as possible, before clicking Create Topic please provide as much of the below as you can. Feel free to use a pastebin service for logs, otherwise either indent short log examples with four spaces:

example

Or for longer, use three backticks above and below the code snippet:

longer
example
here

Some or all of the below information will be requested if it isn’t supplied; for fastest response please provide as much as you can :heart:

Nextcloud version (eg, 18.0.2):
Operating system and version (eg, Ubuntu 20.04):
Apache or nginx version (eg, Apache 2.4.25):
PHP version (eg, 7.1):

The issue you are facing:

Is this the first time you’ve seen this error? (Y/N):

Steps to replicate it:

The output of your Nextcloud log in Admin > Logging:

PASTE HERE

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

PASTE HERE

The output of your Apache/nginx/system log in /var/log/____:

PASTE HERE

do you think it will match with this skript?

here i’m not sure. but if you don’t get a valid letsencrypt cert you should look into this.

First question I have is if you change them back, does it work?

Also, I suspect there is an issue with the paths. was it your intention to change the paths inside the container? Why? Depending on how and when you changed them, you may have moved some of Nextcloud’s internal files where it can’t find them.

Thanks for the help.

I think both of you are right about paths. I changed them back (then docker-compose down then up to start over), but I get the same error. I can’t change back the ports to defaults, because they are already in use on the host. /

that why you may use a ingress router aka reverse proxy in front of your services.

which service is using port 80/443? (web server i know. but for what purpose.)