Fairly recently certbot has gained the ability to do wildcard SSL certs (thereby allowing two SSL certs for the same Nextcloud server, the coturn server using a domain name like âturn.yournextcloudserver.comâ), however this doesnât seem to be packaged nicely for Debian 9 yet. A second SSL cert for the coturn server could perhaps be generated using this obscure howto (but Iâve never tried it).
You can as well simply duplicate the certs from certbot. Just needs to be redone, when they are renewed.
AFAIK, self-signed certificates work as well. But not 100% sure if all browsers and such connect well then without complaining about the non-trusted cert.
Iâm in Gallery Slideshow/Preview Generator app trouble on my Nextcloud 14/stable server. Please see here for more info.
In summary, I canât figure out how to properly run the âPreview Generatorâ appâs â/snap/bin/nextcloud.occ preview:generate-allâ on the command lineâŚ
Edit: I merely rebooted the server, and it all seems to work OK now.
Request: when Letâs Encrypt generates SSL certificates within the snap, could the actual privkey.pem and cert.pem files be stored outside the snap (say, under /etc/certbot or something like that), in case any other services installed on the same Nextcloud server might also want to use SSL encryption?
Two possible examples of this:
- Running a TURN server (for use in conjunction with Nextcloud Talk)
- Running a mail server (where you want SSL on your IMAP, and SMTP submission ports), say from a docker container like this one.
I installed NC via SNAP/Ubuntu 18.04 yesterday and everything was working as expected. Today my site is throwing an HTTP 500 ERROR, and I cannot figure out why. I did not make any changes, but did upload some files via the mobile app this morning (which I see exist in the data directory).
When I look in the logs and elsewhere by running OCC commands (which arnt working) I see messages like the below. My newb brain thinks it looks like a problem with the database. Running php -m I cannot find mysql or other modules Iâm would expect were included in the SNAP package. Nor sure how it would have worked before without these. Any advice on this matter would be appreciated.
An unhandled exception has been thrown:
Doctrine\DBAL\DBALException: Failed to connect to the database: An exception occured in driver: SQLSTATE[HY000] [2002] No such file or directory in /snap/nextcloud/10791/htdocs/lib/private/DB/Connection.php:64
Files stopped syncing. When checked the web page, it turns out it is a forced update to version 15.0.2 as seen in the ss.
When clicked on to âstart updateâ, it results in error. The last repair step is to âextract the vcard uid and store it in the dbâ.
Then it puts itself into maintenance mode until I restart the snap, in which case it starts over from the âstart updateâ page. How to troubleshoot?
What I could find is that the line in the logs below that repair step is about memory limits.
{âreqIdâ:âXshGdYhMa5PsodOS2q3pâ,âlevelâ:1,âtimeâ:â2019-02-11T08:59:39+00:00â,âremoteAddrâ:ââ,âuserâ:âââ,âappâ:âupdaterâ,âmethodâ:ââ,âurlâ:âââ,âmessageâ:â\OC\Repair::step: Repair step: Extract the vcard uid and store it in the dbâ,âuserAgentâ:âââ,âversionâ:â14.0.6.0â}
{âreqIdâ:âXshGdYhMa5PsodOS2q3pâ,âlevelâ:3,âtimeâ:â2019-02-11T08:59:41+00:00â,âremoteAddrâ:ââ,âuserâ:âââ,âappâ:âPHPâ,âmethodâ:ââ,âurlâ:âââ,âmessageâ:âAllowed memory size of 134217728 bytes exhausted (tried to allocate 217088 bytes) at /snap/nextcloud/11343/htdocs/3rdparty/sabre/vobject/lib/Parser/MimeDir.php#319â,âuserAgentâ:âââ,âversionâ:â14.0.6.0â}
Also, it says âneedsDbUpgrade:trueâ in the nextcloud status. So maybe it is relevant.
A little bit of a ânoobâ here. Have installed nextcloud snap (15 edge currently but have been working on stable version as well) on an old macbook air (1,1) with Ubuntu server (18.04) with an external disk which I have working (although itâs a little moody) and I have figured out how to add files and folders directly (ie. an hour or two) rather than uploading them (days) via the nextcloud client (which anyway seems to have its own issues) but I am having problems working out how to get nextcloud to acknowledge that theyâre there and make them available for clients. I have tried various incarnations of;
sudo -u www-data nextcloud.occ files:scan --all
but it seems to run into folder permission issues - âcannot create user data directory ⌠permission deniedâ.
Reading up a little on this page it would seem that this might be an issue with the snap and to get this working Iâd have to reinstall without using the snap. Is that correct or is there a way around this?
And I did try changing the folder permissions temporarily (to 777) but that didnât work either and changing them (/var/snap/nextcloud/12142) back to 755 seems to have stopped uploads completely.
For now Iâve only added two files both set to 640 (apparently folders should be 750 and files 640). Both of these are not showing up on the client side (but are definitely in the right folder alongside two other files uploaded via the client which are showing up).
For me, it installs fine and I can reach the http site. But when I âsnap Nextcloud.enable-https custom -s cert.crt key.csr chain.ca-bundleâ. it successfully installs the ssl cert files but there is an error when restarting apache. Apache shows as inactive. I have then disabled https but apache remains inactive. I also tried enable https with each ssl file renamed to .pem
A message I get is that the is a syntax error at line 69 of ssl.conf. cert.pem is either missing or empty.
I entered /var/snap/nextcloud/11891/certs/live. The cert file is present. I then open it and it has the same key as our custom .crt file. So it is neither missing nor empty. And the path on line 69 of ssl.conf points to the location where cert.pem is located.
I am facing a SSL handshake issue from an android 4.4.2 device.
i have a setup where I sync my contancts on Nextcloud with multiple Android devices using Davx5 (davdroid). It used to work fine but now one of my devices stopped syncing. Donât know for sure but I have a sense that this could be related to the snap update specific to the Android version because my other android device (and thunderbird as well) is continuing to sync properly.
The error I am getting from Davx5 says:
2019-04-16 10:35:50 2 [HttpClient] â HTTP FAILED: javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x5e210c78: Failure in SSL library, usually a protocol error
error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:744 0x5e2b2830:0x00000000)
Full Error Log: --- BEGIN DEBUG INFO ---LOGS:2019-04-16 10:35:50 2 [ui.setup.DavResourceFi - Pastebin.com
From what I read on Davx5 forums, this could be about incompatible ciphers (https://forums.bitfire.at/topic/1091/handshake-error-sl23_get_server_hello/15). But I am not sure what they are, how to test or change them in a nextcloud snap installation setting.
Any idea how to proceed with troubleshooting?
I have external storage mounted to /media/nextcloud. By default apparmor denies access to this folder. Logs looks like this:
May 23 11:06:58 cloud kernel: [255431.083533] audit: type=1400 audit(1558598818.295:5976): apparmor=âDENIEDâ operation=âopenâ profile=âsnap.nextcloud.php-fpmâ name="/media/nextcloud/data/nextcloud.log" pid=26872 comm=âphp-fpmâ requested_mask=âacâ denied_mask=âacâ fsuid=0 ouid=0
I can change profile /var/lib/snapd/apparmor/profiles/snap.nextcloud.php-fpm
and nextcloud works fine.
But after each update apparmor replaces this profile and my changes are lost.
How to save my fixes in apparmor profiles and prevent them from changes on update?
today I noticed that my nextcloud box i still on version 13 (13.0.12 to be exact) and wondered, since version 16 seems to be out, shouldnât the snap version in nextcloud box auto update at some point?
Danger alert: if you are running Nextcloud from a ver. 15 snap, donât upgrade your âBookmarksâ app to 2.1.1! It needs the php-gmp package/library, which is not in the ver. 15 snap! Stay on âBookmarksâ version 1.1.1.
Note: Cross-posted from here.
Also note: a ver. 16 snap seems to work, for the bookmarks app! Problem only exists with ver. 15 snap.
Hello,
I installed Nextcloud snap in an Ubuntu 18.04.3 LTS VPS about a month ago, been using it with no issues accesing through the VPS IP with a self-signed certificate for HTTPS.
Today I pointed a test.domain.com to the VPS IP, redirection was successful.
Then I tried to create new certificates for the domain.com and everything blew up.
Right now I get the default Apache webpage with no access to nextcloud.
Any ideas how to troubleshoot?
Where to begin?
with HTTPS I get
This site canât be reached
94.158.245.230 unexpectedly closed the connection.
Try:
- Checking the connection
- Checking the proxy and the firewall
ERR_CONNECTION_CLOSED
with HTTP
Default Apache welcome page.
Thanks in advance
HI there,
Iâve just posted an issue as a separate topic:
Not sure whether itâs a snap issue or whether providing a check for the coturn server is all you can do here.
Best regards
Martin
Help! for some Reason nextcloud does not show âDESKâ and some users canât login! What Iâve been doing a day before was ânextcloud.exportâ and it did not gave me any error. What I think is somebody hit update. Is there some clue how can I fix this?
Hello,
I followed this simple guide on getting Nextcloud setup on a linode server but I cannot get HTTPS enable and only have HTTP which is not a secure connection.
I did everything in the video but I skipped the domain part (Step 4 & 5). I do not want to buy a domain name for my Nextcloud server and I am perfectly fine with remembering an IP address.
How do I get HTTPS to work with the IP address only?
I installed NextCloud via SNAP on my Armbian Buster with Linux 5.4.21
But i can not get https to work, is there any fix?
Only Firefox can display my site.
btw. while reading the trusted domains, i get this error msg:
sudo snap run nextcloud.occ config:system:get trusted_domains 1
2020/03/11 00:28:29.305784 cmd_run.go:884: WARNING: cannot create user data directory: failed to verify SELinux context of /root/snap: exec: "matchpathcon": executable file not found in $PATH`
nextcloud.enable-https lets-encrypt
Command 'nextcloud.enable-https' is available in '/snap/bin/nextcloud.enable-https'
The command could not be located because '/snap/bin' is not included in the PATH environment variable.
UPDATE:
adding /snap/bin to $PATH
and running:
sudo nextcloud.enable-https lets-encrypt
fixed the issue.