Nextcloud Logfile Not in /var/log/nextcloud.log

My config.php:

<?php $CONFIG = array ( 'instanceid' => '*', 'passwordsalt' => '*', 'secret' => '*', 'trusted_domains' => array ( 0 => '*', 1 => '192.168.2.2', 2 => '192.168.178.30', ), 'datadirectory' => '/home/*/nextcloud/nextcloud_data', 'overwrite.cli.url' => 'https://*/nextcloud', 'dbtype' => 'mysql', 'version' => '9.1.0.16', 'dbname' => 'nextcloud', 'dbhost' => 'localhost', 'dbport' => '', 'dbtableprefix' => 'oc_', 'dbuser' => 'nextcloud', 'dbpassword' => '*', 'logtimezone' => 'Europe/Berlin', 'log_type' => 'owncloud', 'logfile' => '/var/log/nextcloud.log', 'loglevel' => '2', 'log_rotate_size' => '104857600', 'installed' => true, 'memcache.local' => '\\OC\\Memcache\\APCu', 'appstore.experimental.enabled' => true, 'mail_smtpmode' => 'smtp', 'mail_smtpsecure' => 'tls', 'mail_from_address' => '*', 'mail_domain' => '*', 'mail_smtpauthtype' => 'LOGIN', 'mail_smtpauth' => 1, 'mail_smtphost' => '*', 'mail_smtpname' => '*', 'mail_smtppassword' => '*', 'loglevel' => 1, 'maintenance' => false, ); I can't find the log file in /var/log/nextcloud.log But in my Data Directory. Is there a syntax error? I want to configure fail2ban. Nextcloud 10, Stable, Bananian Linux like Debian, Banana PI 1

www-data probably has not enough permissions to create the file itself.

sudo touch /var/log/nextcloud.log
sudo chown www-data /var/log/nextcloud.log
2 Likes

Thanks! That was the problem.

After a while you will get this error while nextcloud is trying to rotate the logfile:

Error PHP rename(/var/log/nextcloud.log,/var/log/nextcloud.log.1): Permission denied at /srv/nextcloud/lib/public/Log/RotationTrait.php#53

Maybe it’s better to put the Logfile in a subfolder with write permissions for www-data?!

I have log file in a data folder of NC, but added link to /var/log/ folder to be able to check NC logs quickly.

ln -s /var/www/nextcloud/data/nextcloud.log #run under /var/log/

Also added rule for log rotation to the System log rotation daemon, not NC as:

#cat /etc/logrotate.d/nextcloud.log.conf
/var/www/nextcloud/data/nextcloud.log /var/www/nextcloud/data/audit.log {
	compress
	weekly
	size 52428800
	minsize 52428800
	create 640 www-data www-data
}
As result I have this:
# ls -la /var/www/nextcloud/data/*.log*
-rw-r----- 1 www-data www-data  1486900 Oct 29 10:00 /var/www/nextcloud/data/audit.log
-rw-r----- 1 www-data www-data  1821863 Oct 25 11:55 /var/www/nextcloud/data/audit.log.1.gz
-rw-r----- 1 www-data www-data  2487579 Oct 29 10:00 /var/www/nextcloud/data/nextcloud.log
-rw-r----- 1 www-data www-data   782364 Oct 25 11:56 /var/www/nextcloud/data/nextcloud.log.1.gz
-rw-r----- 1 www-data www-data     7632 Oct 23 15:00 /var/www/nextcloud/data/nextcloud.log.2.gz
-rw-r----- 1 www-data www-data 18602427 Oct 19 06:00 /var/www/nextcloud/data/nextcloud.log.3.gz
-rw-r----- 1 www-data www-data 14625408 Oct 12 11:00 /var/www/nextcloud/data/nextcloud.log.4.gz
-rw-r----- 1 www-data www-data   218233 Oct  8 15:46 /var/www/nextcloud/data/updater.log

# ls -la /var/log/nextcloud.log
lrwxrwxrwx 1 root root 33 Aug 21 14:41 /var/log/nextcloud.log -> /var/www/nextcloud/data/nextcloud.log

Thanks for this answer that helped me to gain control over my log files.

I guess that with logrotate we could have created the log file in /var/log/, as logrotate has root permissions to write there ?

Basically you have at lest 2 options:

  1. Move NC logs to /var/log/.
    Set correct user owner for this log and set correct access level chown www-data:www-data /var/log/nextcloud.log && chmod 640 /var/log/nextcloud.log
    Change the NC config to point to /var/log/nextcloud.log
    In this case all logs will be in /var/log/.
    Pro: All logs are in the same place.
    Contra: You could expect errors if e.g. NC will try to do rotation by itself, or if php, or Apache2/ngnix has no rights to access this file under /var/log/, or if php has some rules that forbid to go to other folders then /var/www/.
  1. What I did is the second option.
    I live NC config as it is.
    I linked (as above via command ln) NC logs to /var/log/ folder so that I can access it quickly without changing directory.
    I set logrotation rule to rotate logs under the NC directory with user www-data (seen my config from above).
    Pro: NC config and access rules remains the same.
    PHP and Apache2 granted access to those files.
    NC can rotate logs by itself if it is needed.
    Contra: In /var/log/ I will only see actual log file as link (without info e.g. about size of it), but not rotated files. To see all rotated files, I still need to go to /var/www/nextcloud/data/ instead.

A the end it is up to you what you would prefer.

From now on I chose the 2nd option, except that my data folder is not in /var/www/.

New strange thing : my nextcloud web UI doesn’t see any log entry, whereas www-data is owner of the log file and has correct rights on it.
tail -5 nextcloud.log shows entries.

Any idea ? May I switch to option 1 ?

Check your config, where your LOG file configured:

  1. where is your data directory:

    sudo -u www-data grep datadirectory /NextCloudPath/config/config.php | cut -d "'" -f4

  2. Where is you log file

    sudo -u www-data grep logfile /NextCloudPath/config/config.php | cut -d "'" -f4

If last command gives you simple nextcloud.log or nothing --> this means your logfile is under data directory.

Thank you for your answer.

I confirm that the log file is in data directory (as it always was).
I double-checked permissions.
As far as I can tell, the only thing that changed is the rotation made by logrotate.

My logrotate config file for nextcloud is :

/[datapath]/nextcloud.log /datapath]/audit.log {
    su www-data www-data
    weekly
    rotate 12
    size 52428800
    missingok
    notifempty
    create 644 www-data www-data
} 

I launched logrotate manually to check the syntax, it worked fine.

EDIT : I even changed mysql config value as suggested here

Than if config fits with logfile real location, check if you set filter correctly in you WebUI. Could be that there is nothing in e.g. Info level.
Also if you click download log file and it is there and the same as you did tail command with --> should works.

Yes, I checked that already.
The downloaded log file is the same as tail shows, and has one error entry (level 3).
I checked all levels in web UI of course.

It looks like my problem is solved, seemingly after having renamed nextcloud.log to nextcloud.log.0. Nextcloud created a new file and correctly print it in the web UI.

Thank you for your help!

1 Like