Hi all,
I am currently setting up a small test environment to verify releases before upgrading on my prod.
For test i use an raspberry pi 4 and the raspios_arm64-2021-05-28 version. I have removed the X11 after installing it on the Pi.
My configuration is a minor modification of the official docker-compose template on the docker.
I am using the docker-compose template
docker/.examples/docker-compose/with-nginx-proxy/mariadb/fpm/.
docker-compose.yml looks like
version: '3'
services:
db:
image: mariadb
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
restart: always
volumes:
- /opt/nextcloud/db:/var/lib/mysql
environment:
- MYSQL_ROOT_PASSWORD=xxx
env_file:
- db.env
redis:
image: redis:alpine
restart: always
app:
image: nextcloud:stable-fpm-alpine
restart: always
volumes:
- /opt/nextcloud/app/nextcloud:/var/www/html
- /opt/nextcloud/app/config:/var/www/html/config
- /opt/nextcloud/app/custom_apps:/var/www/html/custom_apps
- /opt/nextcloud/app/data:/var/www/html/data
- /opt/nextcloud/app/themes:/var/www/html/themes
environment:
- MYSQL_HOST=db
- REDIS_HOST=redis
env_file:
- db.env
depends_on:
- db
- redis
web:
build: ./web
restart: always
volumes:
- /opt/nextcloud/app/nextcloud:/var/www/html:ro
environment:
- VIRTUAL_HOST=nextcloud-test.domain.io
- LETSENCRYPT_HOST=nextcloud-test.domain.io
- LETSENCRYPT_EMAIL=my@mail.io
depends_on:
- app
networks:
- proxy-tier
- default
cron:
image: nextcloud:stable-fpm-alpine
restart: always
volumes:
- /opt/nextcloud/app/nextcloud:/var/www/html
entrypoint: /cron.sh
depends_on:
- db
- redis
proxy:
build: ./proxy
restart: always
ports:
- 80:80
- 443:443
labels:
com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy: "true"
volumes:
- /opt/nextcloud/nginx/certs:/etc/nginx/certs:ro
- /opt/nextcloud/nginx/vhost.d:/etc/nginx/vhost.d
- /opt/nextcloud/nginx/html:/usr/share/nginx/html
- /var/run/docker.sock:/tmp/docker.sock:ro
networks:
- proxy-tier
letsencrypt-companion:
image: jrcs/letsencrypt-nginx-proxy-companion
restart: always
volumes:
- /opt/nextcloud/nginx/certs:/etc/nginx/certs
- /opt/nextcloud/nginx/vhost.d:/etc/nginx/vhost.d
- /opt/nextcloud/nginx/html:/usr/share/nginx/html
- /var/run/docker.sock:/var/run/docker.sock:ro
networks:
- proxy-tier
depends_on:
- proxy
volumes:
db:
nextcloud:
config:
custom_apps:
data:
themes:
certs:
vhost.d:
html:
networks:
proxy-tier:
When I start/create the docker-compose by
sudo docker-compose up -d
I have a positive output
Creating network "nextcloud_default" with the default driver
Creating network "nextcloud_proxy-tier" with the default driver
Creating nextcloud_proxy_1 ... done
Creating nextcloud_db_1 ... done
Creating nextcloud_redis_1 ... done
Creating nextcloud_letsencrypt-companion_1 ... done
Creating nextcloud_app_1 ... done
Creating nextcloud_cron_1 ... done
Creating nextcloud_web_1 ... done
The app/config and app/nextcloud folders are filled. Only the config.php is missing in the app/config folder.
I am aware, that the www-data:www-data user:group needs to have permission on the app folder, which I also set.
What confuses me is the following output
x@test: /opt/nextcloud/app $ ls -lah
drwxr-xr-x 7 www-data www-data 4.0K Jun 13 20:37 .
drwxr-xr-x 9 root root 4.0K Jun 13 19:13 ..
drwxr-xr-x 2 82 root 4.0K Jun 13 21:52 config
drwxr-xr-x 2 82 root 4.0K Jun 13 17:06 custom_apps
drwxr-xr-x 3 www-data www-data 4.0K Jun 13 15:34 data
drwxr-xr-x 14 82 root 4.0K Jun 13 21:52 nextcloud
drwxr-xr-x 3 www-data www-data 4.0K Jun 13 18:20 themes
First I have never seen this kind of user permission, maybe there is something new. Nevertheless, I fix it by applying
sudo chown -R www-data:www-data /opt/nextcloud/app/
Besides this, I do not see anything helpful in the logfiles
x@test: /opt/nextcloud $ sudo docker-compose logs
Attaching to nextcloud_web_1, nextcloud_app_1, nextcloud_cron_1, nextcloud_letsencrypt-companion_1, nextcloud_redis_1, nextcloud_proxy_1, nextcloud_db_1
app_1 | Configuring Redis as session handler
app_1 | Initializing nextcloud 20.0.10.1 ...
app_1 | Initializing finished
app_1 | New nextcloud instance
app_1 | [13-Jun-2021 19:52:07] NOTICE: fpm is running, pid 1
app_1 | [13-Jun-2021 19:52:07] NOTICE: ready to handle connections
cron_1 | crond: crond (busybox 1.32.1) started, log level 0
cron_1 | crond: user:www-data entry:*/5 * * * * php -f /var/www/html/cron.php
cron_1 | 100001000010000100001000010000100001000010000100001000010000
cron_1 | 111111111111111111111111
cron_1 | 11111111111111111111111111111111
cron_1 | 111111111111
cron_1 | 1111111
cron_1 | crond: user:www-data entry:*/5 * * * * php -f /var/www/html/cron.php
cron_1 | 100001000010000100001000010000100001000010000100001000010000
cron_1 | 111111111111111111111111
cron_1 | 11111111111111111111111111111111
cron_1 | 111111111111
cron_1 | 1111111
cron_1 | crond: wakeup dt=33
cron_1 | crond: file www-data:
cron_1 | crond: line php -f /var/www/html/cron.php
cron_1 | crond: wakeup dt=60
cron_1 | crond: file www-data:
cron_1 | crond: line php -f /var/www/html/cron.php
cron_1 | crond: wakeup dt=60
cron_1 | crond: file www-data:
cron_1 | crond: line php -f /var/www/html/cron.php
cron_1 | crond: wakeup dt=60
cron_1 | crond: file www-data:
cron_1 | crond: line php -f /var/www/html/cron.php
cron_1 | crond: job: 0 php -f /var/www/html/cron.php
cron_1 | crond: USER www-data pid 6 cmd php -f /var/www/html/cron.php
cron_1 | crond: child running /bin/ash
cron_1 | Cannot write into "config" directory!
cron_1 | This can usually be fixed by giving the webserver write access to the config directory
cron_1 |
cron_1 | Or, if you prefer to keep config.php file read only, set the option "config_is_read_only" to true in it.
cron_1 | See https://docs.nextcloud.com/server/20/go.php?to=admin-config
cron_1 | crond: wakeup dt=10
cron_1 | crond: wakeup dt=50
cron_1 | crond: file www-data:
cron_1 | crond: line php -f /var/www/html/cron.php
cron_1 | crond: wakeup dt=60
cron_1 | crond: file www-data:
cron_1 | crond: line php -f /var/www/html/cron.php
cron_1 | crond: wakeup dt=60
cron_1 | crond: file www-data:
cron_1 | crond: line php -f /var/www/html/cron.php
cron_1 | crond: wakeup dt=60
cron_1 | crond: file www-data:
cron_1 | crond: line php -f /var/www/html/cron.php
cron_1 | crond: wakeup dt=60
cron_1 | crond: file www-data:
cron_1 | crond: line php -f /var/www/html/cron.php
cron_1 | crond: job: 0 php -f /var/www/html/cron.php
cron_1 | crond: USER www-data pid 7 cmd php -f /var/www/html/cron.php
cron_1 | crond: child running /bin/ash
cron_1 | Cannot write into "config" directory!
cron_1 | This can usually be fixed by giving the webserver write access to the config directory
cron_1 |
cron_1 | Or, if you prefer to keep config.php file read only, set the option "config_is_read_only" to true in it.
cron_1 | See https://docs.nextcloud.com/server/20/go.php?to=admin-config
cron_1 | crond: wakeup dt=10
cron_1 | crond: wakeup dt=50
cron_1 | crond: file www-data:
cron_1 | crond: line php -f /var/www/html/cron.php
cron_1 | crond: wakeup dt=60
cron_1 | crond: file www-data:
cron_1 | crond: line php -f /var/www/html/cron.php
web_1 | /docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
web_1 | /docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
web_1 | /docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
web_1 | 10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf
web_1 | 10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf
web_1 | /docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
web_1 | /docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh
web_1 | /docker-entrypoint.sh: Configuration complete; ready for start up
redis_1 | 1:C 13 Jun 2021 19:51:24.568 # oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
redis_1 | 1:C 13 Jun 2021 19:51:24.568 # Redis version=6.2.4, bits=64, commit=00000000, modified=0, pid=1, just started
redis_1 | 1:C 13 Jun 2021 19:51:24.568 # Warning: no config file specified, using the default config. In order to specify a config file use redis-server /path/to/redis.conf
redis_1 | 1:M 13 Jun 2021 19:51:24.570 * monotonic clock: POSIX clock_gettime
redis_1 | 1:M 13 Jun 2021 19:51:24.582 * Running mode=standalone, port=6379.
redis_1 | 1:M 13 Jun 2021 19:51:24.582 # Server initialized
redis_1 | 1:M 13 Jun 2021 19:51:24.582 # WARNING overcommit_memory is set to 0! Background save may fail under low memory condition. To fix this issue add 'vm.overcommit_memory = 1' to /etc/sysctl.conf and then reboot or run the command 'sysctl vm.overcommit_memory=1' for this to take effect.
redis_1 | 1:M 13 Jun 2021 19:51:24.587 * Ready to accept connections
letsencrypt-companion_1 | Info: running acme-companion version v2.1.0-10-gcd3b51b
letsencrypt-companion_1 | Warning: '/etc/acme.sh' does not appear to be a mounted volume.
letsencrypt-companion_1 | Info: Custom Diffie-Hellman group found, generation skipped.
letsencrypt-companion_1 | Reloading nginx proxy (580edd713a2cfde79090dc210e0977e538d4066e129ed45b2ad93a05aec28d98)...
letsencrypt-companion_1 | 2021/06/13 19:51:30 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification ''
letsencrypt-companion_1 | 2021/06/13 19:51:30 [notice] 51#51: signal process started
letsencrypt-companion_1 | 2021/06/13 19:51:30 Generated '/app/letsencrypt_service_data' from 7 containers
letsencrypt-companion_1 | 2021/06/13 19:51:30 Running '/app/signal_le_service'
letsencrypt-companion_1 | 2021/06/13 19:51:30 Watching docker events
letsencrypt-companion_1 | 2021/06/13 19:51:30 Contents of /app/letsencrypt_service_data did not change. Skipping notification '/app/signal_le_service'
letsencrypt-companion_1 | [Sun Jun 13 19:51:32 UTC 2021] Create account key ok.
letsencrypt-companion_1 | [Sun Jun 13 19:51:32 UTC 2021] Registering account: https://acme-v02.api.letsencrypt.org/directory
letsencrypt-companion_1 | [Sun Jun 13 19:51:34 UTC 2021] Registered
letsencrypt-companion_1 | [Sun Jun 13 19:51:34 UTC 2021] ACCOUNT_THUMBPRINT='xxx'
letsencrypt-companion_1 | Reloading nginx proxy (580edd713a2cfde79090dc210e0977e538d4066e129ed45b2ad93a05aec28d98)...
letsencrypt-companion_1 | 2021/06/13 19:51:35 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification ''
letsencrypt-companion_1 | 2021/06/13 19:51:35 [notice] 76#76: signal process started
letsencrypt-companion_1 | Creating/renewal nextcloud-test.domain.io certificates... (nextcloud-test.domain.io)
letsencrypt-companion_1 | [Sun Jun 13 19:51:37 UTC 2021] Using CA: https://acme-v02.api.letsencrypt.org/directory
letsencrypt-companion_1 | [Sun Jun 13 19:51:37 UTC 2021] Creating domain key
letsencrypt-companion_1 | [Sun Jun 13 19:51:40 UTC 2021] The domain key is here: /etc/acme.sh/my@mail.io/nextcloud-test.domain.io/nextcloud-test.domain.io.key
letsencrypt-companion_1 | [Sun Jun 13 19:51:40 UTC 2021] Single domain='nextcloud-test.domain.io'
letsencrypt-companion_1 | [Sun Jun 13 19:51:40 UTC 2021] Getting domain auth token for each domain
letsencrypt-companion_1 | [Sun Jun 13 19:51:43 UTC 2021] Getting webroot for domain='nextcloud-test.domain.io'
letsencrypt-companion_1 | [Sun Jun 13 19:51:44 UTC 2021] Verifying: nextcloud-test.domain.io
letsencrypt-companion_1 | [Sun Jun 13 19:51:48 UTC 2021] nextcloud-test.domain.io:Verify error:Invalid response from http://nextcloud-test.domain.io/.well-known/acme-challenge/tqKBT7vW-yTvcd_EzlfSrfvS-zHURUyU1bhZ0_9-NPU [87.168.140.171]:
letsencrypt-companion_1 | [Sun Jun 13 19:51:48 UTC 2021] Please check log file for more details: /dev/null
letsencrypt-companion_1 | Sleep for 3600s
proxy_1 | WARNING: /etc/nginx/dhparam/dhparam.pem was not found. A pre-generated dhparam.pem will be used for now while a new one
proxy_1 | is being generated in the background. Once the new dhparam.pem is in place, nginx will be reloaded.
proxy_1 | Generating DSA parameters, 4096 bit long prime
proxy_1 | forego | starting dockergen.1 on port 5000
proxy_1 | forego | starting nginx.1 on port 5100
proxy_1 | dockergen.1 | 2021/06/13 19:51:27 Generated '/etc/nginx/conf.d/default.conf' from 4 containers
proxy_1 | dockergen.1 | 2021/06/13 19:51:27 Running 'nginx -s reload'
proxy_1 | dockergen.1 | 2021/06/13 19:51:27 Watching docker events
proxy_1 | dockergen.1 | 2021/06/13 19:51:27 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification 'nginx -s reload'
proxy_1 | dockergen.1 | 2021/06/13 19:51:27 Received event start for container 36972025c655
proxy_1 | dockergen.1 | 2021/06/13 19:51:27 Received event start for container 5e5733816dc3
proxy_1 | dockergen.1 | 2021/06/13 19:51:27 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification 'nginx -s reload'
proxy_1 | dockergen.1 | 2021/06/13 19:51:28 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification 'nginx -s reload'
proxy_1 | dockergen.1 | 2021/06/13 19:51:29 Received event start for container a43110b37eca
proxy_1 | dockergen.1 | 2021/06/13 19:51:29 Generated '/etc/nginx/conf.d/default.conf' from 7 containers
proxy_1 | dockergen.1 | 2021/06/13 19:51:29 Running 'nginx -s reload'
proxy_1 | 2021/06/13 19:53:11 [notice] 103#103: signal process started
proxy_1 | dhparam generation complete, reloading nginx
db_1 | 2021-06-13 19:51:23+00:00 [Note] [Entrypoint]: Entrypoint script for MariaDB Server 1:10.5.10+maria~focal started.
db_1 | 2021-06-13 19:51:26+00:00 [Note] [Entrypoint]: Switching to dedicated user 'mysql'
db_1 | 2021-06-13 19:51:26+00:00 [Note] [Entrypoint]: Entrypoint script for MariaDB Server 1:10.5.10+maria~focal started.
db_1 | 2021-06-13 19:51:26 0 [Note] mysqld (mysqld 10.5.10-MariaDB-1:10.5.10+maria~focal) starting as process 1 ...
db_1 | 2021-06-13 19:51:26 0 [Warning] You need to use --log-bin to make --binlog-format work.
db_1 | 2021-06-13 19:51:27 0 [Note] InnoDB: Uses event mutexes
db_1 | 2021-06-13 19:51:27 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
db_1 | 2021-06-13 19:51:27 0 [Note] InnoDB: Number of pools: 1
db_1 | 2021-06-13 19:51:27 0 [Note] InnoDB: Using ARMv8 crc32 instructions
db_1 | 2021-06-13 19:51:27 0 [Note] mysqld: O_TMPFILE is not supported on /tmp (disabling future attempts)
db_1 | 2021-06-13 19:51:27 0 [Note] InnoDB: Using Linux native AIO
db_1 | 2021-06-13 19:51:27 0 [Note] InnoDB: Initializing buffer pool, total size = 134217728, chunk size = 134217728
db_1 | 2021-06-13 19:51:27 0 [Note] InnoDB: Completed initialization of buffer pool
db_1 | 2021-06-13 19:51:27 0 [Note] InnoDB: 128 rollback segments are active.
db_1 | 2021-06-13 19:51:27 0 [Note] InnoDB: Creating shared tablespace for temporary tables
db_1 | 2021-06-13 19:51:27 0 [Note] InnoDB: Setting file './ibtmp1' size to 12 MB. Physically writing the file full; Please wait ...
db_1 | 2021-06-13 19:51:27 0 [Note] InnoDB: File './ibtmp1' size is now 12 MB.
db_1 | 2021-06-13 19:51:27 0 [Note] InnoDB: 10.5.10 started; log sequence number 45250; transaction id 20
db_1 | 2021-06-13 19:51:27 0 [Note] Plugin 'FEEDBACK' is disabled.
db_1 | 2021-06-13 19:51:27 0 [Note] InnoDB: Loading buffer pool(s) from /var/lib/mysql/ib_buffer_pool
db_1 | 2021-06-13 19:51:27 0 [Note] Server socket created on IP: '::'.
db_1 | 2021-06-13 19:51:27 0 [Note] InnoDB: Buffer pool(s) load completed at 210613 19:51:27
db_1 | 2021-06-13 19:51:27 0 [Warning] 'proxies_priv' entry '@% root@77592b35a688' ignored in --skip-name-resolve mode.
db_1 | 2021-06-13 19:51:27 0 [Note] Reading of all Master_info entries succeeded
db_1 | 2021-06-13 19:51:27 0 [Note] Added new Master_info '' to hash table
db_1 | 2021-06-13 19:51:27 0 [Note] mysqld: ready for connections.
db_1 | Version: '10.5.10-MariaDB-1:10.5.10+maria~focal' socket: '/run/mysqld/mysqld.sock' port: 3306 mariadb.org binary distribution
That is it actually, I have tried also to run
sudo docker-compose build --pull
Without any change in the outcome, I still only get 503 Service Temporarily Unavailable (nginx), independend of http or https
db uses an image, skipping
redis uses an image, skipping
app uses an image, skipping
Building web
Step 1/2 : FROM nginx:alpine
alpine: Pulling from library/nginx
Digest: sha256:0f8595aa040ec107821e0409a1dd3f7a5e989501d5c8d5b5ca1f955f33ac81a0
Status: Image is up to date for nginx:alpine
---> 8cf62abdac9f
Step 2/2 : COPY nginx.conf /etc/nginx/nginx.conf
---> Using cache
---> 08d0757c7173
Successfully built 08d0757c7173
Successfully tagged nextcloud_web:latest
cron uses an image, skipping
Building proxy
Step 1/2 : FROM jwilder/nginx-proxy:alpine
alpine: Pulling from jwilder/nginx-proxy
Digest: sha256:d61b33ea0d4203c4685776ca8c21d4b86d710dbe8389f7a6186ed0d7400674e1
Status: Image is up to date for jwilder/nginx-proxy:alpine
---> f5c6b428fce1
Step 2/2 : COPY uploadsize.conf /etc/nginx/conf.d/uploadsize.conf
---> Using cache
---> 5cbafbee737f
Successfully built 5cbafbee737f
Successfully tagged nextcloud_proxy:latest
letsencrypt-companion uses an image, skipping
I hope some of you know the issue, I have already spend half the Sunday to figure it out but don’t get it what kind of issue is blocking me.
Greetings,
Sputnik
