Fairly recently certbot has gained the ability to do wildcard SSL certs (thereby allowing two SSL certs for the same Nextcloud server, the coturn server using a domain name like “turn.yournextcloudserver.com”), however this doesn’t seem to be packaged nicely for Debian 9 yet. A second SSL cert for the coturn server could perhaps be generated using this obscure howto (but I’ve never tried it).

You can as well simply duplicate the certs from certbot. Just needs to be redone, when they are renewed.
AFAIK, self-signed certificates work as well. But not 100% sure if all browsers and such connect well then without complaining about the non-trusted cert.

I’m in Gallery Slideshow/Preview Generator app trouble on my Nextcloud 14/stable server. Please see here for more info.

In summary, I can’t figure out how to properly run the “Preview Generator” app’s “/snap/bin/nextcloud.occ preview:generate-all” on the command line…

Edit: I merely rebooted the server, and it all seems to work OK now.

Request: when Let’s Encrypt generates SSL certificates within the snap, could the actual privkey.pem and cert.pem files be stored outside the snap (say, under /etc/certbot or something like that), in case any other services installed on the same Nextcloud server might also want to use SSL encryption?

Two possible examples of this:

• Running a TURN server (for use in conjunction with Nextcloud Talk)
• Running a mail server (where you want SSL on your IMAP, and SMTP submission ports), say from a docker container like this one.

I installed NC via SNAP/Ubuntu 18.04 yesterday and everything was working as expected. Today my site is throwing an HTTP 500 ERROR, and I cannot figure out why. I did not make any changes, but did upload some files via the mobile app this morning (which I see exist in the data directory).

When I look in the logs and elsewhere by running OCC commands (which arnt working) I see messages like the below. My newb brain thinks it looks like a problem with the database. Running php -m I cannot find mysql or other modules I’m would expect were included in the SNAP package. Nor sure how it would have worked before without these. Any advice on this matter would be appreciated.

An unhandled exception has been thrown:
Doctrine\DBAL\DBALException: Failed to connect to the database: An exception occured in driver: SQLSTATE[HY000] [2002] No such file or directory in /snap/nextcloud/10791/htdocs/lib/private/DB/Connection.php:64

Files stopped syncing. When checked the web page, it turns out it is a forced update to version 15.0.2 as seen in the ss.

When clicked on to “start update”, it results in error. The last repair step is to “extract the vcard uid and store it in the db”.

Then it puts itself into maintenance mode until I restart the snap, in which case it starts over from the “start update” page. How to troubleshoot?

What I could find is that the line in the logs below that repair step is about memory limits.

{“reqId”:“XshGdYhMa5PsodOS2q3p”,“level”:1,“time”:“2019-02-11T08:59:39+00:00”,“remoteAddr”:“”,“user”:“–”,“app”:“updater”,“method”:“”,“url”:“–”,“message”:“\OC\Repair::step: Repair step: Extract the vcard uid and store it in the db”,“userAgent”:“–”,“version”:“14.0.6.0”}
{“reqId”:“XshGdYhMa5PsodOS2q3p”,“level”:3,“time”:“2019-02-11T08:59:41+00:00”,“remoteAddr”:“”,“user”:“–”,“app”:“PHP”,“method”:“”,“url”:“–”,“message”:“Allowed memory size of 134217728 bytes exhausted (tried to allocate 217088 bytes) at /snap/nextcloud/11343/htdocs/3rdparty/sabre/vobject/lib/Parser/MimeDir.php#319”,“userAgent”:“–”,“version”:“14.0.6.0”}

Also, it says “needsDbUpgrade:true” in the nextcloud status. So maybe it is relevant.

A little bit of a ‘noob’ here. Have installed nextcloud snap (15 edge currently but have been working on stable version as well) on an old macbook air (1,1) with Ubuntu server (18.04) with an external disk which I have working (although it’s a little moody) and I have figured out how to add files and folders directly (ie. an hour or two) rather than uploading them (days) via the nextcloud client (which anyway seems to have its own issues) but I am having problems working out how to get nextcloud to acknowledge that they’re there and make them available for clients. I have tried various incarnations of;
sudo -u www-data nextcloud.occ files:scan --all

but it seems to run into folder permission issues - “cannot create user data directory … permission denied”.

Reading up a little on this page it would seem that this might be an issue with the snap and to get this working I’d have to reinstall without using the snap. Is that correct or is there a way around this?

And I did try changing the folder permissions temporarily (to 777) but that didn’t work either and changing them (/var/snap/nextcloud/12142) back to 755 seems to have stopped uploads completely.

For now I’ve only added two files both set to 640 (apparently folders should be 750 and files 640). Both of these are not showing up on the client side (but are definitely in the right folder alongside two other files uploaded via the client which are showing up).

For me, it installs fine and I can reach the http site. But when I “snap Nextcloud.enable-https custom -s cert.crt key.csr chain.ca-bundle”. it successfully installs the ssl cert files but there is an error when restarting apache. Apache shows as inactive. I have then disabled https but apache remains inactive. I also tried enable https with each ssl file renamed to .pem

A message I get is that the is a syntax error at line 69 of ssl.conf. cert.pem is either missing or empty.

I entered /var/snap/nextcloud/11891/certs/live. The cert file is present. I then open it and it has the same key as our custom .crt file. So it is neither missing nor empty. And the path on line 69 of ssl.conf points to the location where cert.pem is located.

You’re more likely to get help logging issues on the project itself.

I am facing a SSL handshake issue from an android 4.4.2 device.

i have a setup where I sync my contancts on Nextcloud with multiple Android devices using Davx5 (davdroid). It used to work fine but now one of my devices stopped syncing. Don’t know for sure but I have a sense that this could be related to the snap update specific to the Android version because my other android device (and thunderbird as well) is continuing to sync properly.

The error I am getting from Davx5 says:

2019-04-16 10:35:50 2 [HttpClient] ← HTTP FAILED: javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x5e210c78: Failure in SSL library, usually a protocol error

error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:744 0x5e2b2830:0x00000000)

Full Error Log: --- BEGIN DEBUG INFO ---LOGS:2019-04-16 10:35:50 2 [ui.setup.DavResourceFi - Pastebin.com

From what I read on Davx5 forums, this could be about incompatible ciphers (https://forums.bitfire.at/topic/1091/handshake-error-sl23_get_server_hello/15). But I am not sure what they are, how to test or change them in a nextcloud snap installation setting.

Any idea how to proceed with troubleshooting?

@qweqweqwe please start a new thread or log an issue.

I have external storage mounted to /media/nextcloud. By default apparmor denies access to this folder. Logs looks like this:

May 23 11:06:58 cloud kernel: [255431.083533] audit: type=1400 audit(1558598818.295:5976): apparmor=“DENIED” operation=“open” profile=“snap.nextcloud.php-fpm” name="/media/nextcloud/data/nextcloud.log" pid=26872 comm=“php-fpm” requested_mask=“ac” denied_mask=“ac” fsuid=0 ouid=0

I can change profile /var/lib/snapd/apparmor/profiles/snap.nextcloud.php-fpm
and nextcloud works fine.
But after each update apparmor replaces this profile and my changes are lost.
How to save my fixes in apparmor profiles and prevent them from changes on update?

today I noticed that my nextcloud box i still on version 13 (13.0.12 to be exact) and wondered, since version 16 seems to be out, shouldn’t the snap version in nextcloud box auto update at some point?

Danger alert: if you are running Nextcloud from a ver. 15 snap, don’t upgrade your “Bookmarks” app to 2.1.1! It needs the php-gmp package/library, which is not in the ver. 15 snap! Stay on “Bookmarks” version 1.1.1.

Note: Cross-posted from here.

Also note: a ver. 16 snap seems to work, for the bookmarks app! Problem only exists with ver. 15 snap.

Hello,
I installed Nextcloud snap in an Ubuntu 18.04.3 LTS VPS about a month ago, been using it with no issues accesing through the VPS IP with a self-signed certificate for HTTPS.
Today I pointed a test.domain.com to the VPS IP, redirection was successful.
Then I tried to create new certificates for the domain.com and everything blew up.

Right now I get the default Apache webpage with no access to nextcloud.

Any ideas how to troubleshoot?

Where to begin?

with HTTPS I get

This site can’t be reached

94.158.245.230 unexpectedly closed the connection.

Try:

• Checking the connection
• Checking the proxy and the firewall

ERR_CONNECTION_CLOSED

with HTTP
Default Apache welcome page.

Thanks in advance

HI there,
I’ve just posted an issue as a separate topic:

Not sure whether it’s a snap issue or whether providing a check for the coturn server is all you can do here.
Best regards
Martin

Help! for some Reason nextcloud does not show “DESK” and some users can’t login! What I’ve been doing a day before was “nextcloud.export” and it did not gave me any error. What I think is somebody hit update. Is there some clue how can I fix this?

Hello,

I followed this simple guide on getting Nextcloud setup on a linode server but I cannot get HTTPS enable and only have HTTP which is not a secure connection.

I did everything in the video but I skipped the domain part (Step 4 & 5). I do not want to buy a domain name for my Nextcloud server and I am perfectly fine with remembering an IP address.

How do I get HTTPS to work with the IP address only?

I installed NextCloud via SNAP on my Armbian Buster with Linux 5.4.21

But i can not get https to work, is there any fix?
Only Firefox can display my site.

btw. while reading the trusted domains, i get this error msg:

sudo snap run nextcloud.occ config:system:get trusted_domains 1
2020/03/11 00:28:29.305784 cmd_run.go:884: WARNING: cannot create user data directory: failed to verify SELinux context of /root/snap: exec: "matchpathcon": executable file not found in $PATH`

nextcloud.enable-https lets-encrypt
Command 'nextcloud.enable-https' is available in '/snap/bin/nextcloud.enable-https'
The command could not be located because '/snap/bin' is not included in the PATH environment variable.

UPDATE:
adding /snap/bin to $PATH
and running:

sudo nextcloud.enable-https lets-encrypt

fixed the issue.