Nextcloud on ubuntu 22.04

Support intro

Sorry to hear you’re facing problems :slightly_frowning_face:

help.nextcloud.com is for home/non-enterprise users. If you’re running a business, paid support can be accessed via portal.nextcloud.com where we can ensure your business keeps running smoothly.

In order to help you as quickly as possible, before clicking Create Topic please provide as much of the below as you can. Feel free to use a pastebin service for logs, otherwise either indent short log examples with four spaces:

SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while keepalive

Or for longer, use three backticks above and below the code snippet:

SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while keepalive

Some or all of the below information will be requested if it isn’t supplied; for fastest response please provide as much as you can :heart:

Nextcloud version (eg, 20.0.5): 23.0.4
Operating system and version (eg, Ubuntu 20.04): Ubuntu 22.04
Apache or nginx version (eg, Apache 2.4.25): Nginx 1.18.0
PHP version (eg, 7.4): 7.4
openssl version: 3.0.2

The issue you are facing:
I ran nextcloud on a raspberry pi with ubuntu 20.04
I decided to upgrade to ubuntu 22.04.
php 7.4 was replaced by php 8.1
I downgraded php to 7.4 but I still have an error in the server log which says:

SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while keepalive

The output of config.php file in /path/to/nextcloud

<?php
$CONFIG = array (
  'instanceid' => 'ocezquzpiyo6',
  'passwordsalt' => 'XXXXXXX',
  'secret' => 'XXXXXXXX,
  'trusted_domains' => 
  array (
    0 => 'XXXX.XXXX.XXX.XXX',
    1 => 'XXXXX',
  ),
  'datadirectory' => '/media/ubuntu/CloudDisk',
  'dbtype' => 'mysql',
  'version' => '23.0.4.1',
  'overwrite.cli.url' => 'XXXXXXXXX',
  'dbname' => 'nextcloud',
  'dbhost' => 'localhost',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'XXXXXXX',
  'dbpassword' => 'XXXXXXXX',
  'installed' => true,
  'mail_from_address' => 'cloudpi',
  'mail_smtpmode' => 'smtp',
  'mail_sendmailmode' => 'smtp',
  'mail_domain' => 'free.fr',
  'mail_smtpauthtype' => 'LOGIN',
  'mail_smtpauth' => 1,
  'mail_smtphost' => 'XXXXXXXXX',
  'mail_smtpport' => '587',
  'mail_smtpname' => 'XXXXXX@XXXXX.fr',
  'mail_smtppassword' => 'XXXXXXX',
  'mail_smtpsecure' => 'tls',
  'music.lastfm_api_key' => 'XXXXXXXX',
  'trashbin_retention_obligation' => 'auto, 2',
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'filelocking.enabled' => true,
  'memcache.locking' => '\\OC\\Memcache\\Redis',
  'redis' => 
  array (
    'host' => 'localhost',
    'port' => 6379,
    'timeout' => 0.0,
  ),
  'loglevel' => 2,
  'logtimezone' => 'Europe/Paris',
  'logfile' => '/media/ubuntu/CouldDisk/nextcloud.log',
  'log_rotate_size' => 104857600,
  'updater.release.channel' => 'stable',
  'maintenance' => false,
  'theme' => '',
  'default_phone_region' => 'FR',
  'updater.secret' => 'XXXXXXXXXXXXXX',
);

Output errors in nextcloud.log in /var/www/

2022/04/24 00:15:48 [crit] 7382#7382: *253 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while keepalive, client: 192.168.0.254, server: 0.0.0.0:8443
2022/04/24 00:16:50 [crit] 7382#7382: *255 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while keepalive, client: 192.168.0.254, server: 0.0.0.0:8443
2022/04/24 00:17:52 [crit] 7382#7382: *257 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while keepalive, client: 192.168.0.254, server: 0.0.0.0:8443
2022/04/24 00:18:54 [crit] 7382#7382: *259 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while keepalive, client: 192.168.0.254, server: 0.0.0.0:8443
2022/04/24 00:19:56 [crit] 7382#7382: *261 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while keepalive, client: 192.168.0.254, server: 0.0.0.0:8443
2022/04/24 00:20:58 [crit] 7382#7382: *263 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while keepalive, client: 192.168.0.254, server: 0.0.0.0:8443

my nginx configuration file:

upstream php-handler {
    server                        unix:/var/run/nextcloud.sock;
}

server {
    listen                        80 default_server;
    listen                        [::]:80 default_server;
    server_name                   192.168.0.39 cloudpi.tk www.cloudpi.tk;
    return                        301 https://cloudpi.tk:8443$request_uri;
}

server {
    listen                        8443 ssl http2;
    listen                        [::]:8443 ssl http2;
    server_name                   192.168.0.39 cloudpi.tk www.cloudpi.tk cloudpi.ga www.cloudpi.ga;

    # Path to the root of your installation
    root                          /var/www/nextcloud/;
    error_log                     /media/ubuntu/CloudDisk/error.log;

    ssl                           on;
    ssl_certificate               /etc/ssl/certs/nginx-selfsigned.crt;
    ssl_certificate_key           /etc/ssl/private/nginx-selfsigned.key;
   # ssl_trusted_certificate       /etc/letsencrypt/live/cloud.mondomaine.com/chain.pem;
    ssl_dhparam                   /etc/nginx/dhparam.pem;

    ssl_session_cache             shared:SSL:1m;
    ssl_session_timeout           1440m;
    ssl_buffer_size               8k;
    ssl_protocols                 TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers                   TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_128_CCM_8_SHA256:TLS_AES_128_CCM_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
    ssl_prefer_server_ciphers     on;
    ssl_stapling                  on;
    ssl_stapling_verify           on;

    # Add headers to serve security related headers
    add_header                    X-Frame-Options "SAMEORIGIN";
    add_header                    X-Content-Type-Options nosniff;
    add_header                    X-XSS-Protection "1; mode=block";
    add_header                    X-Robots-Tag none;
    add_header                    X-Download-Options noopen;
    add_header                    X-Permitted-Cross-Domain-Policies none;
    add_header                    Strict-Transport-Security 'max-age=31536000; includeSubDomains;';
    add_header                    Referrer-Policy no-referrer always;

    location = /robots.txt {
        allow                     all;
        log_not_found             off;
        access_log                off;
    }

    rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
    rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;

    location = /.well-known/carddav {
      return                      301 https://cloudpi.tk:8443/remote.php/dav;
    }

    location = /.well-known/caldav {
      return                      301 https://cloudpi.tk:8443/remote.php/dav;
    }
     # Anything else is dynamically handled by Nextcloud
    location ^~ /.well-known            { return 301 /index.php$uri; }

    # set max upload size
    client_max_body_size          10000M;
    fastcgi_buffers               64 4K;

    # Enable gzip but do not remove ETag headers
    gzip                          on;
    gzip_vary                     on;
    gzip_comp_level               4;
    gzip_min_length               256;
    gzip_proxied                  expired no-cache no-store private no_last_modified no_etag auth;
    gzip_types                    application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;

    location / {
        rewrite                   ^ /index.php$uri;
    }

    location ~ ^/.well-known/acme-challenge/* {
        allow                     all;
    }

    location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
        deny                      all;
    }

    location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
        deny                      all;
    }

    location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+).php(?:$|/) {
        fastcgi_split_path_info   ^(.+.php)(/.*)$;
        include                   fastcgi_params;
        fastcgi_param             SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param             PATH_INFO $fastcgi_path_info;
	fastcgi_param             HTTPS on;
        fastcgi_param             modHeadersAvailable true;
        fastcgi_param             front_controller_active true;
        fastcgi_pass              php-handler;
        fastcgi_intercept_errors  on;
        fastcgi_request_buffering off;
	fastcgi_read_timeout      3000;
    }

    location ~ ^/(?:updater|ocs-provider)(?:$|/) {
        try_files                 $uri/ =404;
        index                     index.php;
    }

    # Adding the cache control header for js and css files
    # Make sure it is BELOW the PHP block
    location ~* .(?:css|js|woff|svg|gif)$ {
        try_files                 $uri /index.php$uri$is_args$args;
        add_header                Cache-Control "public, max-age=15778463";
        add_header                X-Content-Type-Options nosniff;
        add_header                X-XSS-Protection "1; mode=block";
        add_header                X-Robots-Tag none;
        add_header                X-Download-Options noopen;
        add_header                X-Permitted-Cross-Domain-Policies none;
        # Optional: Don't log access to assets
        access_log                off;
    }

    location ~* .(?:png|html|ttf|ico|jpg|jpeg)$ {
        try_files                 $uri /index.php$uri$is_args$args;
        # Optional: Don't log access to other assets
        access_log                off;
    }
}

OK,
I upgraded to NC 24.0.0 RC1 and php8.1

I still have the same error message

2022/04/24 00:56:06 [crit] 7382#7382: *350 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while keepalive, client: 192.168.0.254, server: 0.0.0.0:8443
2022/04/24 00:57:08 [crit] 7382#7382: *352 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while keepalive, client: 192.168.0.254, server: 0.0.0.0:8443

but now and the web interface I aso have this message

Internal Server Error

The server encountered an internal error and was unable to complete your request.
Please contact the server administrator if this error reappears multiple times, please include the technical details below in your report.
More details can be found in the server log.

hello again, the second error message was due to acpu module missing.

NC is know back but I still have the ssl error

Php 8.1 is not supported yet. You’ll want to downgrade to 8.0

The latest beta of 24 is working on support for 8.1 and bugs are to be expected.

22.04 is a whole other can of worms since it was released yesterday. A stable point release is estimated for mid to late June.

You’ll want to file bug reports to nextcloud server git. That is where they are addressed.

hi could i ask are you still running ubuntu 22.04, because i updated ubuntu to 22.04 not thinking about my nextcloud, and now nextcloud server is given error about php 8.0 so i downgraded to php 7.4 but still getting same error on nextcloud version 23, ( This version of Nextcloud is not compatible with > PHP 8.0.
You are currently running 8.1.5. ) thanks john

Hi @john7103

either uninstall PHP 8.1 and install only PHP7.4…

sudo apt remove php*

sudo apt install php7.4-modulname php7.4-othermodule etc...

…or tell nginx what version it should use:

https://www.interserver.net/tips/kb/multiple-php-versions-nginx-ubuntu/

…or tell Ubuntu which version to use:

https://github.com/oerdnj/deb.sury.org/wiki/Managing-Multiple-Versions

thanks for the reply but that is exactly what ive done but keep getting the same error its like nextcloud thinks I’m still using php 8.0 i do think its something to do with ubuntu 22.04 also im using apache 2

For NC 24, there are updated instructions for the documentation in the review process: Update example Ubuntu instructions for Ubuntu 22.04 LTS by nathanhaines · Pull Request #8186 · nextcloud/documentation · GitHub

NC 24 should work with php 8.1. Your error is not related to ssl at all. What about the keys, can you read the content in a text editor? Did you follow a tutorial how to create them? Permissions are correct?

Hi Bertrand,

I could settle the issue by upgrading from Nginx v1.18 to mainline Nginx, see:

Seems like v1.18 is not compatible with the openssl version supplied by Ubuntu 22.04.