Nextcloud installed - but how to share files and use https?

Nextcloud installed - but how to share files and use https ?

I have successfully installed Nextcloud on my Ubuntu server but I am struggling to share files outside of my home network and use https.

Nextcloud version: 12.0.4
Operating system and version: Ubuntu 16.04
Apache or nginx version: Apache/2.4.18
PHP version: 7.0.22
Is this the first time you’ve seen this error?: yes

Can you reliably replicate it? (If so, please outline steps): see points 1 and 2 below

The issue you are facing:

1. I can successfully login using my IP address (192.168.1.136) but I would like to be able to share files with friends and family outside of my home network. How can I do this ? I have a free dynamic DNS with Dynu so I tried replacing my internal IP address (192.168.1.136) with my Dynu address but this didn’t work. I am also unsure if I need to open any ports on my router and Ubuntu firewall.

2. When I login to my Nextcloud account, I have the message “You are accessing this site via HTTP. We strongly suggest you configure your server to require using HTTPS instead”. I added the following to /etc/apache2/sites-available/nextcloud.conf but it didn’t work.

<VirtualHost *:80>
ServerName cloud.nextcloud.com
Redirect permanent / https://cloud.nextcloud.com/

The output of your Nextcloud log in Admin > Logging: No server logs - Everything is working fine

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

<?php $CONFIG = array ( 'instanceid' => 'ocnby917z3po', 'passwordsalt' => '********', 'secret' => '********', 'trusted_domains' => array ( 0 => '192.168.1.136', ), 'datadirectory' => '/var/www/html/nextcloud/data', 'overwrite.cli.url' => 'http://192.168.1.136', 'dbtype' => 'mysql', 'version' => '12.0.4.3', 'dbname' => 'nextcloud', 'dbhost' => 'localhost', 'dbport' => '', 'dbtableprefix' => 'oc_', 'mysql.utf8mb4' => true, 'dbuser' => 'nextcloud', 'dbpassword' => '*********', 'installed' => true, ); The output of your Apache/nginx/system log in /var/log/____: Which file is this (there are various files in /var/log/apache2) ?

You need to follow at least two tutorials

1. In a nutshell, you have to set up two NAT (network address translation) rules on your firewall. One to translate incoming requests on port 80 to your cloud server’s internal IP on port 80, and another to translate requests on port 443 the same way. The exact steps to make this happen vary from one firewall to another, but the concept is the same. I can explain it to you in detail for pfSense Or maybe you have DD-WRT or similar. Just Google for how to add NAT rules for whatever firewall you’re using. Don’t mess with Ubuntu’s firewall.

2. For https, you basically need to learn how to enable SSL in Apache which requires a bit more than simply redirecting to https. Two options here, self signed or obtained through a certificate authority such as Let’s Encrypt. I strongly recommend skipping self signed certificates and instead using the free Let’s Encrypt, but get ready for a little bit of a learning curve With self signed, users will have to click through warnings that your site is insecure, and in some cases especially mobile browsers, won’t be able to download any files.
   https://letsencrypt.org/getting-started/

I almost forgot, this guy keeps up to date tutorials on setting all this stuff up.

And since you mentioned dynamic DNS, don’t forget to configure a client of some sort to keep the DNS record updated unless you want to manually update your IP every time it changes

Thanks very much linucksrox,

I tried to find tutorials but couldnt find anything and Nextcloud seems to be immensely complicated (I am new to Linux).

So if I open ports 443 and 80 on my router, then if I replace my internal IP address (192.168.1.136) with my dynamic DNS (e.g. myhostname.dynu.net) then it will work ? Is it ok to open these ports on my router ?

Ill take a look at enabling SSL in Apache and how to use letsencrypt for https, this is all new to me.

I have already configured ddclient to keep the DNS record updated so thats all good. Its just Nextcloud I am struggling with.

Out of interest, where are the files stored which are shared with Nextcloud ? I would like to change the driver where the shared files are stored.

I wouldn’t say it’s complicated, but just several different pieces that you have to understand to get them to work together.

Not quite. Don’t change your internal IP address, 192.168.1.136 seems reasonable (although that would ideally be static and not set via DHCP).

Honestly, I would start with getting Apache set up with SSL. Maybe it would be easier to do a self signed cert, then worry about getting a signed cert later and automating the renewal. Start here: How To Create a Self-Signed SSL Certificate for Apache in Ubuntu 16.04 | DigitalOcean
Regarding the Apache configuration itself, don’t forget about the excellent Nextcloud admin manual, particularly Apache Configuration and enabling SSL: Installation on Linux — Nextcloud 12 Server Administration Manual 12 documentation

Once you can connect using https (you’ll have to click through the warning page since it’s a self signed cert), I would work on the firewall routing. Let me know what you have for a firewall, and I can try to give you more specific details from there.

This is a completely new topic. Most importantly, decide where your files will be stored now, before you start using Nextcloud. Once you start using it and sharing files, etc, it becomes very complicated (and frustrating) to change the data location, and it is not technically supported so it’s at your own risk.
By default they are stored inside the nextcloud directory, under a folder called data. You can simply change this location in the config file to point to a different location before you set up Nextcloud for the first time.

Thanks again linucksrox

In response to your previous reply where you suggested Lets Encrypt, it recommend that most people with shell access use the Certbot ACME client so I visited the Certbot site and performed the following steps:

1. sudo nano /etc/apache2/sites-available/nextcloud.conf
2. Add ServerName and Redirect permanent to nextcloud.conf
3. sudo apt-get update
4. sudo apt-get install software-properties-common
5. sudo add-apt-repository ppa:certbot/certbot
6. sudo apt-get update
7. sudo apt-get install python-certbot-apache
8. sudo certbot --apache
9. sudo certbot renew --dry-run
10. certbot renew

I then saw your latest reply, so I followed the steps given in the digital ocean link you suggested and have successfully set up Apache with SSL.

Using my Dynu server domain name with HTTPS takes me to the certificate, but for some reason the redirect HTTP to HTTPS does not take me to the certificate.

I assume that because I was on my internal LAN, my Dynu server domain name (both HTTP and HTTPS) takes me to my BT Home Hub 5 router configuration. When I briefly opened ports 443 and 80 on my BT router, my my Dynu server domain name took me to my Nextcloud login.

The firewall is on the BT Home Hub 5 - how do you recommend I set this up ? Do I simply open ports 80 and 443 or is this a security risk ?

I have uploaded a small test file to Nextcloud but I would like to change the data location. Would I need to remove the test file before changing the location in the config file ?

I’m not familiar with the BT Home Hub, but if you can’t create a NAT rule, then maybe you can do a port forward. I’m not sure about just “opening ports,” but maybe you’re referring to port forwarding which I think is what you’ll want to do. If you forward both ports 80 and 443 to the IP address of your nextcloud server, it’s not a security risk (assuming you follow the security recommendations when you set up Nextcloud).

Routing from the LAN is different than routing from outside. Instead of using Redirect in Apache, I would suggest using this method for redirection, that way you can access nextcloud by the internal IP address from devices on your LAN, and from the hostname from outside. This requires the apache mod_rewrite module to be enabled:

RewriteEngine On
RewriteCond %{SERVER_PORT} !443
RewriteRule ^(/(.*))?$ https://%{HTTP_HOST}/$1 [R=301,L]

It won’t be simple to change the data location now that you’ve already set it up, and don’t count on symlinks.

Thanks linucksrox,

With the BT hub firewall, you enter the port numbers in ‘Port Range’ and ‘Translate To’ - refer to the screenshot below:

Is this the correct way to configure the BT Hub firewall and will it be secure ?

I don’t really understand the difference between port opening and port forwarding.

I get the impression that with port forwarding you can map one port number to a different port number ?

For security reasons I have already changed the default SSH port of 22 in sshd_config and my firewall. Using an SSH port number of 1234 for example, I configured the BT Hub firewall as:

Port Range
1234 - 1234

Translate to
1234 - 1234

But maybe I could have left the port number in sshd_config as the default of 22 and configured the fire wall as:

Port Range
1234 - 1234

Translate to
22 - 22

In the BT Hub firewall, there is only the option for port forwarding. There is no option I can find for port opening.

As I have only just installed Nextcloud, I am happy to uninstall and do a fresh install to change my data location so it looks like this is my best option ?

Port opening is a vague way to say port forwarding or NAT. Traffic flows in two directions, in and out. So saying to open a port is meaningless without the context of the source and destination. When setting up a server like nextcloud, generally you forward incoming requests on port 80 to your internal web server on port 80. Those requests would be someone on the internet going to your dynu hostname on http, which comes in on port 80 to the firewall. Then the firewall has to decide what to do with that request, which should be nothing by default. That’s where port forwarding comes in, you tell the firewall what to do with that request, forward it to your nextcloud server’s internal IP on port 80.

What you set in the screenshot looks correct, but you also need to specify the IP address to send the request to on that port. The documentation explains how to do that. See steps 8-12 for your model. http://bt.custhelp.com/app/answers/detail/a_id/8790/~/how-do-i-set-up-port-forwarding-on-my-bt-hub%3F

As far as port translation, it doesn’t matter if you forward to the same port or a different port. From the outside it will just look like you are connected on the original port. So with your ssh configuration it’s not important, just do it however you feel like. Probably a good idea not to have port 22 open from the outside though, so using a random port is good for that (next level is to close that port and run a VPN that you can connect to).

Once you sort out the routing, definitely go with a fresh install.

Thanks linucksrox,

Regarding the need to specify the IP address to send the request to on that port, I have already done this (including for Plex and SSH)…

So now I am ready to do a fresh install of Nextcloud, but how do I uninstall my existing installation ?

I’ve googled “uninstall nextcloud from ubuntu” but can’t find anything that makes sense.

Are there any instructions on how to uninstall Nextcloud ?

When I reinstall Nextcloud, can the data location be on a different drive to the installation files ?

I used the following guide when I installed Nextcloud:

https://www.youtube.com/watch?v=nXr_muYB6xI

I missed out step 1 (login as root using #su -) because I don’t know the password for root. I had to add sudo for some of the steps below. I’m not sure why step 1 was to login as root, I thought root was suppose to be off limits for security reasons which is why the password is unknown ?

Step 2: Update the System
#sudo apt-get update

Step 3: Install LAMP Server + PHP Extension
#sudo apt-get install lamp-server^
#sudo apt-get install libapache2-mod-php7.0 php7.0-mbstring php7.0-curl php7.0-zip php7.0-gd php7.0-mysql php7.0-mcrypt
#sudo apt-get install php-xml

Step 4: Download NextCloud
#wget https://download.nextcloud.com/server/releases/nextcloud-12.0.4.zip

Step 5: Unzip + Permissions
#unzip nextcloud-12.0.4.zip
#sudo mv nextcloud /var/www/html
#sudo chown -R www-data:www-data /var/www/html/nextcloud

Step 6: Configuring MariaDB for NextCloud
#mysql_secure_installation
Type Y for all except root password

CREATE DATABASE nextcloud;
GRANT ALL PRIVILEGES ON nextcloud.* TO ‘nextcloud’@‘localhost’ IDENTIFIED BY ‘anand’;
FLUSH PRIVILEGES;
exit;

Step 7: Disable MariaDB binary logging

#sudo nano /etc/mysql/my.cnf

Add the following three lines at the end:

log-bin = /var/log/mysql/mariadb-bin
log-bin-index = /var/log/mysql/mariadb-bin.index
binlog_format = mixed

Step 8: Configuring Apache Web Server
#sudo a2enmod rewrite
#sudo touch /etc/apache2/sites-available/nextcloud.conf
#sudo ln -s /etc/apache2/sites-available/nextcloud.conf /etc/apache2/sites-enabled/nextcloud.conf
#sudo nano /etc/apache2/sites-available/nextcloud.conf

Add the following:

<VirtualHost *:80>
ServerAdmin admin@ubuntu
DocumentRoot “/var/www/html/nextcloud/”
ServerName ipaddress
ServerAlias ubuntu
<Directory “/var/www/html/nextcloud/”>
Options FollowSymLinks
AllowOverride All
Order allow,deny
allow from all

ErrorLog /var/log/apache2/your-domain.com-error_log
CustomLog /var/log/apache2/your-domain.com-access_log common

Restart the Apache web server
#/etc/init.d/apache2 restart

Cool, it sounds like the routing is all set then.

The nextcloud state is all stored in the database. So if you reset the database you will be starting new. You don’t need to do anything else to “uninstall” but if you were done with nextcloud entirely you would just remove/var/www/html/nextcloud and probably remove the Apache virtual host that points to it.

I haven’t used this command, but it should be possible to drop all the nextcloud database tables like this:
mysql -Nse ‘show tables’ DATABASE_NAME | while read table; do mysql -e “drop table $table” DATABASE_NAME; done

Then run through the install wizard and make sure to set your data directory before clicking finish.
https://docs.nextcloud.com/server/12/admin_manual/installation/installation_wizard.html

Do you want your Nextcloud to be accessible through internet? Then you have to open the ports, and of course there is a risk. You didn’t choose good passwords on your Nextcloud, the system is not up to date, there is a security issue in the Nextcloud code, …

With the dyndns-stuff can be a bit of a problem in your local network because mydomain.example.com points to your public IP. If you open your public IP, it depends a bit on your router, it could redirect you to your nextcloud server but it seems that it does not do so. How to work around this? Perhaps there is an option in your router how to do that, you can manually modify your hosts file saying that mydomain.example.com points to 192.168.1.136 (ignoring the DNS setting). This works great on a local desktop system but will be a nightmare on a mobile device which is sometimes in the home network and sometimes it isn’t. Instead of changing the hosts-file manually, some routers allow to modify the DNS responses manually (or use your own dns resolver on a Raspberry Pi).

Sorry, that is all a bit complicated, but these are networking issues and especially NAT, they have nothing to do with Nextcloud itself. With ipv6, this could be easier but in most countries it hasn’t been rolled out enough to actually use it (excepts for Belgium).

Thanks linucksrox

When I first tried to drop all the nextcloud database tables using…

mysql -Nse ‘show tables’ nextcloud | while read table; do mysql -e “drop table $table” nextcloud; done

…I got the following error…

mysql: [ERROR] Found option without preceding group in config file /etc/mysql/my.cnf at line 24!
mysql: [ERROR] Fatal error in defaults handling. Program aborted!

I googled the error and someone suggested that [mysqld] was missing from the top of /etc/mysql/my.cnf.

So I added the missing [mysqld] to the top of my.cnf and tried to drop all the nextcloud database tables again, but this just gave me pages and pages and pages of the following…

admin@server:~$ mysql -Nse ‘show tables’ nextcloud | while read table; do mysql -e “drop table $table” nextcloud; done
mysql Ver 14.14 Distrib 5.7.20, for Linux (x86_64) using EditLine wrapper
Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Usage: mysql [OPTIONS] [database]
-?, --help Display this help and exit.
-I, --help Synonym for -?
–auto-rehash Enable automatic rehashing. One doesn’t need to use
‘rehash’ to get table and field completion, but startup
and reconnecting may take a longer time. Disable with
–disable-auto-rehash.
(Defaults to on; use --skip-auto-rehash to disable.)
-A, --no-auto-rehash
No automatic rehashing. One has to use ‘rehash’ to get
table and field completion. This gives a quicker start of
mysql and disables rehashing on reconnect.
–auto-vertical-output
Automatically switch to vertical output mode if the
result is wider than the terminal width.
-B, --batch Don’t use history file. Disable interactive behavior.
(Enables --silent.)
–bind-address=name IP address to bind to.
-b, --binary-as-hex Print binary data as hex
–character-sets-dir=name
Directory for character set files.
–column-type-info Display column type information.
-c, --comments Preserve comments. Send comments to the server. The
default is --skip-comments (discard comments), enable
with --comments.
-C, --compress Use compression in server/client protocol.
-#, --debug[=#] This is a non-debug version. Catch this and exit.
–debug-check This is a non-debug version. Catch this and exit.
-T, --debug-info This is a non-debug version. Catch this and exit.
-D, --database=name Database to use.
–default-character-set=name
Set the default character set.
–delimiter=name Delimiter to be used.
–enable-cleartext-plugin
Enable/disable the clear text authentication plugin.
-e, --execute=name Execute command and quit. (Disables --force and history
file.)
-E, --vertical Print the output of a query (rows) vertically.
-f, --force Continue even if we get an SQL error.
–histignore=name A colon-separated list of patterns to keep statements
from getting logged into syslog and mysql history.
-G, --named-commands
Enable named commands. Named commands mean this program’s
internal commands; see mysql> help . When enabled, the
named commands can be used from any line of the query,
otherwise only from the first line, before an enter.
Disable with --disable-named-commands. This option is
disabled by default.
-i, --ignore-spaces Ignore space after function names.
–init-command=name SQL Command to execute when connecting to MySQL server.
Will automatically be re-executed when reconnecting.
–local-infile Enable/disable LOAD DATA LOCAL INFILE.
-b, --no-beep Turn off beep on error.
-h, --host=name Connect to host.
-H, --html Produce HTML output.
-X, --xml Produce XML output.
–line-numbers Write line numbers for errors.
(Defaults to on; use --skip-line-numbers to disable.)
-L, --skip-line-numbers
Don’t write line number for errors.
-n, --unbuffered Flush buffer after each query.
–column-names Write column names in results.
(Defaults to on; use --skip-column-names to disable.)
-N, --skip-column-names
Don’t write column names in results.
–sigint-ignore Ignore SIGINT (CTRL-C).
-o, --one-database Ignore statements except those that occur while the
default database is the one named at the command line.
–pager[=name] Pager to use to display results. If you don’t supply an
option, the default pager is taken from your ENV variable
PAGER. Valid pagers are less, more, cat [> filename],
etc. See interactive help (\h) also. This option does not
work in batch mode. Disable with --disable-pager. This
option is disabled by default.
-p, --password[=name]
Password to use when connecting to server. If password is
not given it’s asked from the tty.
-P, --port=# Port number to use for connection or 0 for default to, in
order of preference, my.cnf, $MYSQL_TCP_PORT,
/etc/services, built-in default (3306).
–prompt=name Set the mysql prompt to this value.
–protocol=name The protocol to use for connection (tcp, socket, pipe,
memory).
-q, --quick Don’t cache result, print it row by row. This may slow
down the server if the output is suspended. Doesn’t use
history file.
-r, --raw Write fields without conversion. Used with --batch.
–reconnect Reconnect if the connection is lost. Disable with
–disable-reconnect. This option is enabled by default.
(Defaults to on; use --skip-reconnect to disable.)
-s, --silent Be more silent. Print results with a tab as separator,
each row on new line.
-S, --socket=name The socket file to use for connection.
–ssl-mode=name SSL connection mode.
–ssl Deprecated. Use --ssl-mode instead.
(Defaults to on; use --skip-ssl to disable.)
–ssl-verify-server-cert
Deprecated. Use --ssl-mode=VERIFY_IDENTITY instead.
–ssl-ca=name CA file in PEM format.
–ssl-capath=name CA directory.
–ssl-cert=name X509 cert in PEM format.
–ssl-cipher=name SSL cipher to use.
–ssl-key=name X509 key in PEM format.
–ssl-crl=name Certificate revocation list.
–ssl-crlpath=name Certificate revocation list path.
–tls-version=name TLS version to use, permitted values are: TLSv1, TLSv1.1
-t, --table Output in table format.
–tee=name Append everything into outfile. See interactive help (\h)
also. Does not work in batch mode. Disable with
–disable-tee. This option is disabled by default.
-u, --user=name User for login if not current user.
-U, --safe-updates Only allow UPDATE and DELETE that uses keys.
-U, --i-am-a-dummy Synonym for option --safe-updates, -U.
-v, --verbose Write more. (-v -v -v gives the table output format).
-V, --version Output version information and exit.
-w, --wait Wait and retry if connection is down.
–connect-timeout=# Number of seconds before connection timeout.
–max-allowed-packet=#
The maximum packet length to send to or receive from
server.
–net-buffer-length=#
The buffer size for TCP/IP and socket communication.
–select-limit=# Automatic limit for SELECT when using --safe-updates.
–max-join-size=# Automatic limit for rows in a join when using
–safe-updates.
–secure-auth Refuse client connecting to server if it uses old
(pre-4.1.1) protocol. Deprecated. Always TRUE
–server-arg=name Send embedded server this as a parameter.
–show-warnings Show warnings after every statement.
-j, --syslog Log filtered interactive commands to syslog. Filtering of
commands depends on the patterns supplied via histignore
option besides the default patterns.
–plugin-dir=name Directory for client-side plugins.
–default-auth=name Default authentication client-side plugin to use.
–binary-mode By default, ASCII ‘\0’ is disallowed and ‘\r\n’ is
translated to ‘\n’. This switch turns off both features,
and also turns off parsing of all clientcommands except
\C and DELIMITER, in non-interactive mode (for input
piped to mysql or loaded using the ‘source’ command).
This is necessary when processing output from mysqlbinlog
that may contain blobs.
–connect-expired-password
Notify the server that this client is prepared to handle
expired password sandbox mode.

Default options are read from the following files in the given order:
/etc/my.cnf /etc/mysql/my.cnf ~/.my.cnf
The following groups are read: mysql client
The following options may be given as the first argument:
–print-defaults Print the program argument list and exit.
–no-defaults Don’t read default options from any option file,
except for login file.
–defaults-file=# Only read default options from the given file #.
–defaults-extra-file=# Read this file after the global files are read.
–defaults-group-suffix=#
Also read groups with concat(group, suffix)
–login-path=# Read this path from the login file.

Variables (–variable-name=value)
and boolean options {FALSE|TRUE} Value (after reading options)

---

auto-rehash TRUE
auto-vertical-output FALSE
bind-address (No default value)
binary-as-hex FALSE
character-sets-dir (No default value)
column-type-info FALSE
comments FALSE
compress FALSE
database (No default value)
default-character-set auto
delimiter ;
enable-cleartext-plugin FALSE
vertical FALSE
force FALSE
histignore (No default value)
named-commands FALSE
ignore-spaces FALSE
init-command (No default value)
local-infile FALSE
no-beep FALSE
host (No default value)
html FALSE
xml FALSE
line-numbers TRUE
unbuffered FALSE
column-names TRUE
sigint-ignore FALSE
port 0
prompt mysql>
quick FALSE
raw FALSE
reconnect FALSE
socket (No default value)
ssl TRUE
ssl-verify-server-cert FALSE
ssl-ca (No default value)
ssl-capath (No default value)
ssl-cert (No default value)
ssl-cipher (No default value)
ssl-key (No default value)
ssl-crl (No default value)
ssl-crlpath (No default value)
tls-version (No default value)
table FALSE
user (No default value)
safe-updates FALSE
i-am-a-dummy FALSE
connect-timeout 0
max-allowed-packet 16777216
net-buffer-length 16384
select-limit 1000
max-join-size 1000000
secure-auth TRUE
show-warnings FALSE
plugin-dir (No default value)
default-auth (No default value)
binary-mode FALSE
connect-expired-password FALSE
mysql Ver 14.14 Distrib 5.7.20, for Linux (x86_64) using EditLine wrapper
Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.

Within this were all these errors (I filtered them in Excel)…

mysql: [ERROR] unknown option ‘–disable-auto-rehash.”’
mysql: [ERROR] mysql: unknown option ‘-,’
mysql: [ERROR] unknown option ‘–auto-vertical-output”’
mysql: [ERROR] mysql: unknown option ‘-,’
mysql: [ERROR] unknown option ‘–silent.)”’
mysql: [ERROR] mysql: unknown option ‘-,’
mysql: [ERROR] mysql: unknown option ‘-,’
mysql: [ERROR] unknown option ‘–comments.”’
mysql: [ERROR] mysql: unknown option ‘-,’
mysql: [ERROR] mysql: Option ‘-#’ used, but is disabled
mysql: [ERROR] mysql: Option ‘debug-check’ used, but is disabled
mysql: [ERROR] mysql: Option ‘-T’ used, but is disabled
mysql: [ERROR] unknown option ‘–enable-cleartext-plugin”’
mysql: [ERROR] mysql: unknown option ‘-,’
mysql: [ERROR] mysql: unknown option ‘-,’
mysql: [ERROR] mysql: unknown option ‘-,’
mysql: [ERROR] unknown option ‘–disable-named-commands.’
mysql: [ERROR] mysql: unknown option ‘-,’
mysql: [ERROR] mysql: unknown option ‘-,’
mysql: [ERROR] mysql: unknown option ‘-,’
mysql: [ERROR] mysql: unknown option ‘-,’
mysql: [ERROR] mysql: unknown option ‘-,’
mysql: [ERROR] mysql: unknown option ‘-,’
mysql: [ERROR] mysql: unknown option ‘-,’
mysql: [ERROR] mysql: unknown option ‘-,’
mysql: [ERROR] unknown variable ‘pager[=name]’
mysql: [ERROR] unknown option ‘–disable-pager.’
mysql: [ERROR] unknown variable ‘password[=name]”’
mysql: [ERROR] Unknown suffix ‘,’ used for variable ‘port’ (value ‘,’)
mysql: [ERROR] mysql: Error while setting value ‘,’ to ‘port’
mysql: [ERROR] mysql: unknown option ‘-,’
mysql: [ERROR] mysql: unknown option ‘-,’
mysql: [ERROR] unknown option ‘–disable-reconnect.’
mysql: [ERROR] mysql: unknown option ‘-,’
mysql: [ERROR] unknown option ‘–ssl-verify-server-cert”’
mysql: [ERROR] mysql: unknown option ‘-,’
mysql: [ERROR] unknown option ‘–disable-tee.’
mysql: [ERROR] mysql: unknown option ‘-,’
mysql: [ERROR] mysql: unknown option ‘-,’
mysql: [ERROR] mysql: unknown option ‘-,’
mysql: [ERROR] mysql: unknown option ‘-,’
mysql: [ERROR] Unknown suffix ‘#’ used for variable ‘connect_timeout’ (value ‘#’)
mysql: [ERROR] mysql: Error while setting value ‘#’ to ‘connect_timeout’
mysql: [ERROR] Unknown suffix ‘#’ used for variable ‘max_allowed_packet’ (value ‘#”’)
mysql: [ERROR] mysql: Error while setting value ‘#”’ to ‘max_allowed_packet’
mysql: [ERROR] Unknown suffix ‘#’ used for variable ‘net_buffer_length’ (value ‘#”’)
mysql: [ERROR] mysql: Error while setting value ‘#”’ to ‘net_buffer_length’
mysql: [ERROR] Unknown suffix ‘#’ used for variable ‘select_limit’ (value ‘#’)
mysql: [ERROR] mysql: Error while setting value ‘#’ to ‘select_limit’
mysql: [ERROR] Unknown suffix ‘#’ used for variable ‘max_join_size’ (value ‘#’)
mysql: [ERROR] mysql: Error while setting value ‘#’ to ‘max_join_size’
mysql: [ERROR] unknown option ‘–safe-updates.”’
mysql: [ERROR] mysql: unknown option ‘-,’
mysql: [ERROR] unknown option ‘–connect-expired-password”’
mysql: [ERROR] unknown option ‘–print-defaults’
mysql: [ERROR] unknown option ‘–no-defaults’
mysql: [ERROR] unknown variable ‘defaults-file=#’
mysql: [ERROR] unknown variable ‘defaults-extra-file=#’
mysql: [ERROR] unknown variable ‘defaults-group-suffix=#”’
mysql: [ERROR] unknown variable ‘login-path=#’
mysql: [ERROR] unknown option ‘---------------------------------’

Thanks tflidd,

I do want my Nextcloud to be accessible through the internet so that I can share files with friends and family by sending them a link and I have got this working with https.

The only thing I am not keen on is all the warnings you get due to the certificate and on some machines there is no advanced option to continue (maybe this is a setting in the web browser?).

I am also surprised at the difficulty in changing the data path. I am in the process of slowly building up my server and would eventually like to fit more HDDs and also need to organise how I use the HDDs (in terms of what I store and where).

But changing the path to stored data is not possible or recommended without doing a fresh install of Nextcloud.

Sorry that command didn’t work for you. I would just drop the database and start over. Instead of attempting to give you the command, I suggest you research how to remove a database.

From there, you just need to go through the installation wizard again, making sure to set the data directory and database configuration before finishing.

https://docs.nextcloud.com/server/12/admin_manual/installation/installation_wizard.html#database-choice

Hi there,

You cannot change it(the path) from /data1 to /data2. But you may copy (rsync with timestamps[!]) the datafolder to the new disk, and mount the new disk under the old name /data1 recommendation: allways use /data or similar and not /var/www/nextcloud/data cause the latter is potentially readable from the web.

dropping database:
sudo mysql -p # log onto sql
show databases; #this will show you which one to drop.
drop database DBNAME; #this will drop the database and anything in it.

Thanks Ascendancer

I did the following:

mysql –u root –p
show databases;
drop database nextcloud;
exit;

This seemed to work successfully.

I then created the database again as I did initially:

CREATE DATABASE nextcloud;
GRANT ALL PRIVILEGES ON nextcloud.* TO ‘nextcloud’@‘localhost’ IDENTIFIED BY ’{password}’;
FLUSH PRIVILEGES;
exit;

However, when I enter my IP address (192.168.1.136) it redirects me to the HTTPS, presumably because I followed the instructions in the following link:

And the page now displays:

Internal Server Error
The server encountered an internal error and was unable to complete your request.
Please contact the server administrator if this error reappears multiple times, please include the technical details below in your report.
More details can be found in the server log.

I assume I was right to delete the ‘nextcloud’ mysql database and then create it again as I did initially ?

did you redeploy the …/nextcloud folder?

edit: maybe setting installed = true to false in config.php will do the trick also.

Maybe even move your existing config file, since a new Nextcloud install configures a lot of the variables for you including the instance_id. You could copy over specific config directives later after reinstalling.

Just 443, SSL only. No reason to be allowing 80 in on your network.

Yes

For uninstalltion, drop the database entirely (no point messing around)
Then remove the entries for NC in the apache config
Then delete the files.

After that, follow my amazing guide and you’ll be good to go

Thanks for the schooling! That makes sense, just completely blow away what you have and start over. I forgot about your tutorials but I’ll be keeping that in mind.

What’s the problem with using port 80 just for redirects? Otherwise users have to manually type https in the URL.