Hey everyone, I’ve just setup nextcloud on my new VPS and I’m getting an error that does not exist on my other vps with the same configuration.
The issue is the following:
[appstoreFetcher] Warning: GuzzleHttp\Exception\RequestException: cURL error 49: Couldn't parse CURLOPT_RESOLVE entry 'apps.nextcloud.com:80:' (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for https://apps.nextcloud.com/api/v1/apps.json at <<closure>>
0. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Handler/CurlFactory.php line 158
GuzzleHttp\Handler\CurlFactory::createRejection(GuzzleHttp\Handl ... l}, [49,"Couldn't pa ... "])
1. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Handler/CurlFactory.php line 110
GuzzleHttp\Handler\CurlFactory::finishError(GuzzleHttp\Handler\CurlHandler {}, GuzzleHttp\Handl ... l}, GuzzleHttp\Handler\CurlFactory {})
2. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Handler/CurlHandler.php line 47
GuzzleHttp\Handler\CurlFactory::finish(GuzzleHttp\Handler\CurlHandler {}, GuzzleHttp\Handl ... l}, GuzzleHttp\Handler\CurlFactory {})
3. /var/www/html/lib/private/Http/Client/DnsPinMiddleware.php line 146
GuzzleHttp\Handler\CurlHandler->__invoke("*** sensitive parameters replaced ***", "*** sensitive parameters replaced ***")
4. /var/www/html/3rdparty/guzzlehttp/guzzle/src/PrepareBodyMiddleware.php line 35
OC\Http\Client\DnsPinMiddleware->OC\Http\Client\{closure}("*** sensitive parameters replaced ***")
5. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Middleware.php line 31
GuzzleHttp\PrepareBodyMiddleware->__invoke("*** sensitive parameters replaced ***", "*** sensitive parameters replaced ***")
6. /var/www/html/3rdparty/guzzlehttp/guzzle/src/RedirectMiddleware.php line 71
GuzzleHttp\Middleware::GuzzleHttp\{closure}("*** sensitive parameters replaced ***")
7. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Middleware.php line 63
GuzzleHttp\RedirectMiddleware->__invoke("*** sensitive parameters replaced ***", "*** sensitive parameters replaced ***")
8. /var/www/html/3rdparty/guzzlehttp/guzzle/src/HandlerStack.php line 75
GuzzleHttp\Middleware::GuzzleHttp\{closure}("*** sensitive parameters replaced ***")
9. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Client.php line 331
GuzzleHttp\HandlerStack->__invoke("*** sensitive parameters replaced ***", "*** sensitive parameters replaced ***")
10. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Client.php line 168
GuzzleHttp\Client->transfer("*** sensitive parameters replaced ***", "*** sensitive parameters replaced ***")
11. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Client.php line 187
GuzzleHttp\Client->requestAsync("get", GuzzleHttp\Psr7\Uri {}, ["/var/www/html/ ... "])
12. /var/www/html/lib/private/Http/Client/Client.php line 218
GuzzleHttp\Client->request("get", "https://apps.ne ... n", ["/var/www/html/ ... "])
13. /var/www/html/lib/private/App/AppStore/Fetcher/Fetcher.php line 120
OC\Http\Client\Client->get("https://apps.ne ... n", [60])
14. /var/www/html/lib/private/App/AppStore/Fetcher/AppFetcher.php line 87
OC\App\AppStore\Fetcher\Fetcher->fetch("", "")
15. /var/www/html/lib/private/App/AppStore/Fetcher/Fetcher.php line 192
OC\App\AppStore\Fetcher\AppFetcher->fetch("", "", false)
16. /var/www/html/lib/private/App/AppStore/Fetcher/AppFetcher.php line 188
OC\App\AppStore\Fetcher\Fetcher->get(false)
17. /var/www/html/lib/private/Installer.php line 422
OC\App\AppStore\Fetcher\AppFetcher->get(false)
18. /var/www/html/apps/settings/lib/Controller/AppSettingsController.php line 259
OC\Installer->isUpdateAvailable("sharebymail")
19. <<closure>>
OCA\Settings\Controller\AppSettingsController->OCA\Settings\Controller\{closure}("*** sensitive parameters replaced ***")
20. /var/www/html/apps/settings/lib/Controller/AppSettingsController.php line 251
array_map(Closure {}, ["*** sensitive ... "])
21. /var/www/html/lib/private/AppFramework/Http/Dispatcher.php line 225
OCA\Settings\Controller\AppSettingsController->listApps()
22. /var/www/html/lib/private/AppFramework/Http/Dispatcher.php line 133
OC\AppFramework\Http\Dispatcher->executeController(OCA\Settings\Con ... {}, "listApps")
23. /var/www/html/lib/private/AppFramework/App.php line 172
OC\AppFramework\Http\Dispatcher->dispatch(OCA\Settings\Con ... {}, "listApps")
24. /var/www/html/lib/private/Route/Router.php line 298
OC\AppFramework\App::main("OCA\\Settings\\ ... r", "listApps", OC\AppFramework\ ... {}, ["settings.AppSettings.listApps"])
25. /var/www/html/lib/base.php line 1030
OC\Route\Router->match("/settings/apps/list")
26. /var/www/html/index.php line 36
OC::handleRequest()
GET /index.php/settings/apps/list
[PHP] Error: Error: dns_get_record(): A temporary server error occurred. at /var/www/html/lib/private/Http/Client/DnsPinMiddleware.php#83 at <<closure>>
0. <<closure>>
OC\Log\ErrorHandler::onError(2, "dns_get_record( ... .", "/var/www/html/l ... p", 83)
1. /var/www/html/lib/private/Http/Client/DnsPinMiddleware.php line 83
dns_get_record("apps.nextcloud.com", 16)
2. /var/www/html/lib/private/Http/Client/DnsPinMiddleware.php line 128
OC\Http\Client\DnsPinMiddleware->dnsResolve("apps.nextcloud.com", 1)
3. /var/www/html/3rdparty/guzzlehttp/guzzle/src/PrepareBodyMiddleware.php line 35
OC\Http\Client\DnsPinMiddleware->OC\Http\Client\{closure}("*** sensitive parameters replaced ***")
4. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Middleware.php line 31
GuzzleHttp\PrepareBodyMiddleware->__invoke("*** sensitive parameters replaced ***", "*** sensitive parameters replaced ***")
5. /var/www/html/3rdparty/guzzlehttp/guzzle/src/RedirectMiddleware.php line 71
GuzzleHttp\Middleware::GuzzleHttp\{closure}("*** sensitive parameters replaced ***")
6. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Middleware.php line 63
GuzzleHttp\RedirectMiddleware->__invoke("*** sensitive parameters replaced ***", "*** sensitive parameters replaced ***")
7. /var/www/html/3rdparty/guzzlehttp/guzzle/src/HandlerStack.php line 75
GuzzleHttp\Middleware::GuzzleHttp\{closure}("*** sensitive parameters replaced ***")
8. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Client.php line 331
GuzzleHttp\HandlerStack->__invoke("*** sensitive parameters replaced ***", "*** sensitive parameters replaced ***")
9. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Client.php line 168
GuzzleHttp\Client->transfer("*** sensitive parameters replaced ***", "*** sensitive parameters replaced ***")
10. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Client.php line 187
GuzzleHttp\Client->requestAsync("get", GuzzleHttp\Psr7\Uri {}, ["/var/www/html/ ... "])
11. /var/www/html/lib/private/Http/Client/Client.php line 218
GuzzleHttp\Client->request("get", "https://apps.ne ... n", ["/var/www/html/ ... "])
12. /var/www/html/lib/private/App/AppStore/Fetcher/Fetcher.php line 120
OC\Http\Client\Client->get("https://apps.ne ... n", [60])
13. /var/www/html/lib/private/App/AppStore/Fetcher/AppFetcher.php line 87
OC\App\AppStore\Fetcher\Fetcher->fetch("", "")
14. /var/www/html/lib/private/App/AppStore/Fetcher/Fetcher.php line 192
OC\App\AppStore\Fetcher\AppFetcher->fetch("", "", false)
15. /var/www/html/lib/private/App/AppStore/Fetcher/AppFetcher.php line 188
OC\App\AppStore\Fetcher\Fetcher->get(false)
16. /var/www/html/lib/private/Installer.php line 422
OC\App\AppStore\Fetcher\AppFetcher->get(false)
17. /var/www/html/apps/settings/lib/Controller/AppSettingsController.php line 259
OC\Installer->isUpdateAvailable("sharebymail")
18. <<closure>>
OCA\Settings\Controller\AppSettingsController->OCA\Settings\Controller\{closure}("*** sensitive parameters replaced ***")
19. /var/www/html/apps/settings/lib/Controller/AppSettingsController.php line 251
array_map(Closure {}, ["*** sensitive ... "])
20. /var/www/html/lib/private/AppFramework/Http/Dispatcher.php line 225
OCA\Settings\Controller\AppSettingsController->listApps()
21. /var/www/html/lib/private/AppFramework/Http/Dispatcher.php line 133
OC\AppFramework\Http\Dispatcher->executeController(OCA\Settings\Con ... {}, "listApps")
22. /var/www/html/lib/private/AppFramework/App.php line 172
OC\AppFramework\Http\Dispatcher->dispatch(OCA\Settings\Con ... {}, "listApps")
23. /var/www/html/lib/private/Route/Router.php line 298
OC\AppFramework\App::main("OCA\\Settings\\ ... r", "listApps", OC\AppFramework\ ... {}, ["settings.AppSettings.listApps"])
24. /var/www/html/lib/base.php line 1030
OC\Route\Router->match("/settings/apps/list")
25. /var/www/html/index.php line 36
OC::handleRequest()
GET /index.php/settings/apps/list
The setup goes as follow:
Nextcloud docker compose:
version: "3"
services:
cloud_domain_mariadb:
container_name: '${COMPOSE_PROJECT_NAME}-cloud_domain-mariadb'
build:
context: ./bin/cloud_domain/mariadb
args:
TIMEZONE: ${CLOUD_DOMAIN_TIMEZONE}
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
restart: unless-stopped
ports:
- '3306'
volumes:
- ./data/cloud_domain/mariadb:/var/lib/mysql
environment:
- MYSQL_ROOT_PASSWORD=${CLOUD_DOMAIN_MYSQL_ROOT_PASSWORD}
- MYSQL_PASSWORD=${CLOUD_DOMAIN_MYSQL_PASSWORD}
- MYSQL_DATABASE=${CLOUD_DOMAIN_MYSQL_DATABASE}
- MYSQL_USER=${CLOUD_DOMAIN_MYSQL_USER}
networks:
- nextcloud-internal
cloud_domain_redis:
container_name: '${COMPOSE_PROJECT_NAME}-cloud_domain-redis'
build:
context: ./bin/cloud_domain/redis
args:
TIMEZONE: ${CLOUD_DOMAIN_TIMEZONE}
restart: unless-stopped
ports:
- '6379'
volumes:
- ./data/cloud_domain/redis:/data
networks:
- nextcloud-internal
cloud_domain_nextcloud:
container_name: '${COMPOSE_PROJECT_NAME}-cloud_domain-nextcloud'
build:
context: ./bin/cloud_domain/nextcloud
args:
TIMEZONE: ${CLOUD_DOMAIN_TIMEZONE}
restart: unless-stopped
ports:
- '9000'
volumes:
- ./data/cloud_domain/nextcloud:/var/www/html
- ./config/cloud_domain/nextcloud/config.conf:/usr/local/etc/php-fpm.d/www.conf
#- ./config/cloud_domain/nextcloud/config.php:/var/www/html/nextcloud/config/config.php
environment:
- MYSQL_HOST=cloud_domain_mariadb
- REDIS_HOST=cloud_domain_redis
- MYSQL_PASSWORD=${CLOUD_DOMAIN_MYSQL_PASSWORD}
- MYSQL_DATABASE=${CLOUD_DOMAIN_MYSQL_DATABASE}
- MYSQL_USER=${CLOUD_DOMAIN_MYSQL_USER}
- VIRTUAL_HOST=cloud.domain
depends_on:
- cloud_domain_mariadb
- cloud_domain_redis
networks:
- nextcloud-internal
cloud_domain_nginx:
container_name: '${COMPOSE_PROJECT_NAME}-cloud_domain-nginx'
build:
context: ./bin/cloud_domain/nginx
args:
TIMEZONE: ${CLOUD_DOMAIN_TIMEZONE}
restart: unless-stopped
ports:
- '80'
volumes:
- ./data/cloud_domain/nextcloud:/var/www/html:ro
- ./config/cloud_domain/nginx/config.conf:/etc/nginx/nginx.conf
depends_on:
- cloud_domain_nextcloud
networks:
- nextcloud-internal
- npm-internal
cloud_domain_onlyoffice:
container_name: '${COMPOSE_PROJECT_NAME}-cloud_domain-onlyoffice'
build:
context: ./bin/cloud_domain/onlyoffice
args:
TIMEZONE: ${CLOUD_DOMAIN_TIMEZONE}
restart: unless-stopped
environment:
- JWT_ENABLED=false
ports:
- '80'
- '443'
volumes:
- ./data/cloud_domain/onlyoffice:/var/www/onlyoffice/Data
networks:
- nextcloud-internal
networks:
nextcloud-internal:
name: nextcloud-internal
internal: true
npm-internal:
external:
name: npm-internal
dockerfiles:
bin/cloud_domain/mariadb/Dockerfile
FROM mariadb:latest
bin/cloud_domain/nextcloud/Dockerfile
FROM nextcloud:fpm-alpine
bin/cloud_domain/nginx/Dockerfile
FROM nginx:alpine
bin/cloud_domain/onlyoffice/Dockerfile
FROM onlyoffice/documentserver:latest
bin/cloud_domain/redis/Dockerfile
FROM redis:alpine
configs:
config/cloud_domain/nextcloud/config.conf
[www]
user = www-data
group = www-data
listen = 127.0.0.1:9000
pm = dynamic
pm.max_children = 120
pm.start_servers = 12
pm.min_spare_servers = 6
pm.max_spare_servers = 18
config/cloud_domain/nginx/config.conf
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
upstream backend {
server nextcloud-cloud_domain-nextcloud:9000;
}
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
map $http_host $this_host {
"" $host;
default $http_host;
}
map $http_x_forwarded_proto $the_scheme {
default $http_x_forwarded_proto;
"" $scheme;
}
map $http_x_forwarded_host $the_host {
default $http_x_forwarded_host;
"" $this_host;
}
server {
listen 80;
# The below allows for being behind a reverse proxy and allowing the Nextcloud app to connect
server_tokens off;
# Add headers to serve security related headers
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
root /var/www/html;
client_max_body_size 10G; # 0=unlimited - set max upload size
fastcgi_buffers 64 4K;
gzip off;
index index.php;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
rewrite ^/.well-known/carddav /remote.php/dav/ permanent;
rewrite ^/.well-known/caldav /remote.php/dav/ permanent;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ ^/(build|tests|config|lib|3rdparty|templates|data)/ {
deny all;
}
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
location / {
rewrite ^/remote/(.*) /remote.php last;
rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
try_files $uri $uri/ =404;
}
location ~* ^/ds-vpath/ {
rewrite /ds-vpath/(.*) /$1 break;
proxy_pass http://cloud_domain_onlyoffice;
proxy_redirect off;
client_max_body_size 100m;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $the_host/ds-vpath;
proxy_set_header X-Forwarded-Proto $the_scheme;
}
location ~ \.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS off;
fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice
fastcgi_pass backend;
fastcgi_intercept_errors on;
}
# Adding the cache control header for js and css files
# Make sure it is BELOW the location ~ \.php(?:$|/) { block
location ~* \.(?:css|js)$ {
add_header Cache-Control "public, max-age=7200";
# Add headers to serve security related headers
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
# Optional: Don't log access to assets
access_log off;
}
# Optional: Don't log access to other assets
location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|swf)$ {
access_log off;
}
}
}
I also use NPM to expose the various services as you can see from the docker compose (npm-internal network). If you are interested in the whole setup let me know and I will publish it somewhere like github/gitlab.