It appears there may be an issue with the latest docker image on tag 15.0.0.
Im running it behind haproxy and when I go into the security section of settings I see the following warning (which ive never seen before):
There are some warnings regarding your setup.
The "Strict-Transport-Security" HTTP header is not set to at least "15552000" seconds. For enhanced security, it is recommended to enable HSTS as described in the security tips ā.
Your web server is not properly set up to resolve "/.well-known/caldav". Further information can be found in the documentation.
Your web server is not properly set up to resolve "/.well-known/carddav". Further information can be found in the documentation.
Some columns in the database are missing a conversion to big int. Due to the fact that changing column types on big tables could take some time they were not changed automatically. By running 'occ db:convert-filecache-bigint' those pending changes could be applied manually. This operation needs to be made while the instance is offline. For further details read the documentation page about this.
filecache.mtime
filecache.storage_mtime
Please double check the installation guides , and check for any errors or warnings in the log.
Is this a known issue? Or have I missed something?
Really appreciate your help.
Best wishes
Andrew
Check the security of your Nextcloud over our security scan .
I am however seeing these errors as well and Im confused as to why we would get them when its the nextcloud 15.0.0 docker image Im running?
There are some warnings regarding your setup.
Your web server is not properly set up to resolve ā/.well-known/caldavā. Further information can be found in the documentation.
Your web server is not properly set up to resolve ā/.well-known/carddavā. Further information can be found in the documentation.
Some columns in the database are missing a conversion to big int. Due to the fact that changing column types on big tables could take some time they were not changed automatically. By running āocc db:convert-filecache-bigintā those pending changes could be applied manually. This operation needs to be made while the instance is offline. For further details read the documentation page about this.
just do an occ db:convert-filecache-bigint
IMHO thatās a āmissing featureā caused by Nextcloud Inc. After a fresh install nothing should be missing. I included the occ command in the setup of nc.
Iām getting the same error message after I run my playbook. Nextcloud/nginx/Traefik. Nevertheless the forewarding/redirect from /.well-known/carddav to /remote.php/dav is working. But since I donāt use this I canāt really checkā¦
Wow thats brilliant thank you !
andrew@microserver:~$ docker exec --user www-data 6c4441b6328a php occ db:convert-filecache-bigint
Following columns will be updated:
filecache.mtime
filecache.storage_mtime
This can take up to hours, depending on the number of files in your instance!
Finally my only error I see is when I used the nextcloud scanning service - I get an A rating and this error:
__Host-Prefix
The __Host prefix mitigates cookie injection vulnerabilities within potential third-party software sharing the same second level domain. It is an additional hardening on top of ānormalā same-site cookies.
Anyone seen a fix or workaround for this by anychance?
provide more details.
you are running nextcloud in docker container?
you entered docker exec --user www-data <nextcloud-container-id> php occ db:convert-filecache-bigint?