Problems in setting up ncp - ports closed

Hello!

This is not the first attempt to setup ncp on my raspberry pi, the other ones failed as well. So I hope to find some support here. So thanks in advance.

I set up a new ncp image on the SD card, entered the webUI and aktivated ncp. Then skipped the wizard to imidately change the IP to a static one.

System info says internet check is OK, port check: ports are closed, thats OK as the ports arent forewardet yet.

After setting the static IP, system info says that the internet check is OK and ports 80 and 443 are open, because of the port forwardings on my router I suppose. But the IP is still 192.168.0.15 (that’s the IP from the DHCP Server, Range: 1 - 24). On the routers interface there is no device shown with the IP xxx.15 but the static IP xxx.30 is shown.

https://www.yougetsignal.com/tools/open-ports/ says that the ports on xxx.30 are closed. I’m getting confused…

Trying to do the portforwarding by the webUI after enabling UPnP: this is trying to foreward the ports from xxx.15 and certainly fails.

And: Update ends with Something went wrong. Try refreshing the page. After refreshing 192.168.0.15:4443 isn’t accessible any more and there is no access to the webUI on 192.168.0.30:4443 as well.

Tryed to finish the update via the console sudo ncp-update. There is an error saying E: dpkg was interrupted, you must manually run 'sudo dpkg --configure -a' to correct the problem.

So I did so and started the update again. As far as I can evaluate it worked.

So back to the console. First I adjusted the locale settings, expanded the filesystem and rebooted.

Since the reboot there is no more access to the pi via putty on xxx.15 which is good I think as it prooves, that the static IP is working. There is no access to the webUI with xxx.30 or xxx.30:4443.

Then I tried to configure the ncp via the console: Changed the userpassword, forwarded the ports (nc-forward-ports, UPnP on the router enabled) - Done. Press any key...

Checked the ports via yougetsignal and noted that all common ports on 192.168.0.30 are closed, ping is not possible.

Next attempt: access to the webUI via the no-ip-URL. So I adjusted the entries in DDNS_no-ip:

noip DDNS enabled
Done. Press any key...

Superb! But: Still no access, all ports closed except 22, ping to google.com works.

As the port 22 is open I activated fail2ban.

As letsencrypt isn’t activated yet I deactivated nc-httpsonly which was active by default. yougetsignal says port 80 is closed on my no-ip-URL and on the static IP.

I run out of ideas… What could be the next step?

yours

SMichel

Found out that there is a new image on github, so I flashed the new 11-4-2018-img on the SD-card.

Everything fine and activadted nextcloudpi. Set the static IP to 192.168.0.30 an rebooted. Everything fine. System info says that the internet check is ok and that the ports 80 and 443 are open (forwarded).

Adjusted the no-ip settings and activated fail2ban. Refreshed the site and get no more access to the webUI. Nore on xxx.30 or xxx.30:4443 or no-ip-URL or nextcloudpi.local or nextcloudpi.local:4443.

As I still have access via putty and the static IP I logged in and started the update. OK

As I don’t know what to do now and what is closing all the ports (https://www.yougetsignal.com/tools/open-ports/) I finish for today, whish my raspi to hell and will use it as a nice black thing in a rack.

yours

SMichel

Clearly something went wrong here, if everything worked before this.

Maybe a typo or your account with no-ip is not set up correctly?

What is the output of

sudo noip2 -S

Did you follow this how to?

Take it step by step, don’t try a next configuration step before checking the last one is still allowing you access. You want to start fail2ban last of all, only after everything else is configured and working properly.

Many thanks for you answer!

In my next attempt everything worked so far, what means that the ports for the static IP are open. No-ip seems to be configured correctly:

pi@nextcloudpi:~ $ sudo noip2 -S
1 noip2 process active.

Process 3259, started as noip2, (version 2.1.9)
Using configuration from /usr/local/etc/no-ip2.conf
Last IP Address set xx.xx.xxx.xxx
Account xxx@xxx.org
configured for:
        host  xxx.ddns.net
Updating every 30 minutes via /dev/eth0 with NAT enabled.

But letsencrypt seems to cause problems now:

Launching letsencrypt
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for xxx.ddns.net
Using the webroot path /var/www/nextcloud for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. xxx.ddns.net (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://xxx.ddns.net/.well-known/acme-challenge/4TXCvpgOIfxqeSMO0Nqil3Zh6CDtnSb24WHxJSirl9M: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>403 Forbidden</title>\n</head><body>\n<h1>Forbidden</h1>\n<p"
IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: xxx.ddns.net
   Type:   unauthorized
   Detail: Invalid response from
   http://xxx.ddns.net/.well-known/acme-challenge/4TXCvpgOIfxqeSMO0Nqil3Zh6CDtnSb24WHxJSirl9M:
   "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML
   2.0//EN\">\n<html><head>\n<title>403
   Forbidden</title>\n</head><body>\n<h1>Forbidden</h1>\n<p"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A record(s) for that domain
   contain(s) the right IP address.
Done. Press any key...

I’ve checked the domain name. It’s correct. But where can I find the DNS A record(s)???

I’ve tried you “how to” as well with the following result:

-bash: ./installer.sh: Datei oder Verzeichnis nicht gefunden

But the output of sudo noip2 -S makes me hope that everything is fine.

Yours

SMichel

I think I’ve found it and all entries are correct:

https://viewdns.info/dnsrecord/?domain=xxx.ddns.net

OK, finally I got access to the webUI, don’t really now why. But I entered not at the ncp startpage where I can print the login data so I’ve never seen the login data so the access isn’t worth anything.

So I’ll make another attempt.

Flashing the image…

The login data is stored (and can be reset) in nc-admin and nc-passwd, available from ncp-config, so no need to start over.

Ouuups - too late…

But: It worked so far. Rebooting the Pi after steps like changing IP address, etc. was the only differenze I made in this attempt. And even letsencrypt worked without errors.

Next step will be to add a 2. storage to have the possivility to backup the whole nextcloud and its settings.

I umounted the storage with the datadir, inserted the backup storage, formatted it, labeled it and reentered the datadir. Then reboot and then:

An no access to the nextcloud instance via xxx.dns.net:

Internal Server Error

The server encountered an internal error and was unable to complete your request.
Please contact the server administrator if this error reappears multiple times, please include the technical details below in your report.
More details can be found in the server log.

What went wrong? I was so close!

pi@nextcloudpi:/media $ ls -la
insgesamt 40
drwxr-xr-x  4 root root 4096 Nov 23 06:08 .
drwxr-xr-x 22 root root 4096 Nov 22 21:22 ..
drwxr-xr-x  1 root root    0 Nov 23 05:54 backup
drwxr-xr-x  1 root root   12 Nov 22 21:58 myCloudDrive
lrwxrwxrwx  1 root root   13 Nov 23 06:08 USBdrive -> /media/backup
lrwxrwxrwx  1 root root   19 Nov 23 06:08 USBdrive1 -> /media/myCloudDrive

yours

SMichel

When using nc-automount.
Use LABELs to make sure they get mounted correctly.
When formatting you can label a drive. when labeled myCloudDrive it will get mounted /media/myCloudDrive.

I labeled my ncdata drive seag7 and my backupdrive seag8
Here is my output of ls -lh /media

ls -lh /media
total 32K
lrwxrwxrwx 1 root root 12 Nov 14 14:11 USBdrive → /media/seag7
lrwxrwxrwx 1 root root 12 Nov 14 14:11 USBdrive1 → /media/seag8
drwxr-xr-x 1 root root 34 Oct 3 12:19 seag7
drwxr-xr-x 1 root root 40 Oct 20 12:55 seag8

The first 2 are symbolic links created by nc-automount, the last 2 are the actual mount points.

The wiki might need some editing/clarification.(Edit: noop, its quit clear)

You can just edit your config and point it to your /media/myCloudDrive

I think my output is quite similar and seems to be cofigured correctly:

pi@nextcloudpi:/media $ ls -la
insgesamt 40
drwxr-xr-x  4 root root 4096 Nov 23 17:52 .
drwxr-xr-x 22 root root 4096 Nov 23 17:12 ..
drwxr-xr-x  1 root root    0 Nov 23 17:47 backup
drwxr-xr-x  1 root root   32 Nov 23 17:55 mopetcloud
lrwxrwxrwx  1 root root   13 Nov 23 17:52 USBdrive -> /media/backup
lrwxrwxrwx  1 root root   17 Nov 23 17:52 USBdrive1 -> /media/mopetcloud

First I formatted the datadir-drive, then removed it and formatted the backup-drive. Then I acitvated the automount function, moved the datadir to the datadir-drive with the wizard, then I rebootet the pi.

Something went wrong. On calling up nextcloud via the no-ip-URL I get a “Internal server error”. Can’t move the database because it is already moved. I think nextcloud can’t find the datadir.

On running nc-datadir I get the following output:

Launching nc-datadir
Cannot load Zend OPcache - it was already loaded
PHP Warning:  fileperms(): stat failed for /media/USBdrive/ncdata/nextcloud.log in /var/www/nextcloud/lib/private/Log/File.php on line 137
{"reqId":"R41g0XWvYlLxrTJuydjX","level":3,"time":"2018-11-23T17:08:25+00:00","remoteAddr":"","user":"--","app":"PHP","method":"","url":"--","message":"fileperms(): stat failed for \/media\/USBdrive\/ncdata\/nextcloud.log at \/var\/www\/nextcloud\/lib\/private\/Log\/File.php#137","userAgent":"--","version":"14.0.3.0"}
{"reqId":"R41g0XWvYlLxrTJuydjX","level":2,"time":"2018-11-23T17:08:25+00:00","remoteAddr":"","user":"--","app":"no app in context","method":"","url":"--","message":"Temporary directory \/media\/USBdrive\/ncdata\/tmp is not present or writable","userAgent":"--","version":"14.0.3.0"}
PHP Warning:  fileperms(): stat failed for /media/USBdrive/ncdata/nextcloud.log in /var/www/nextcloud/lib/private/Log/File.php on line 137
{"reqId":"R41g0XWvYlLxrTJuydjX","level":3,"time":"2018-11-23T17:08:25+00:00","remoteAddr":"","user":"--","app":"PHP","method":"","url":"--","message":"file_get_contents(\/media\/USBdrive\/ncdata\/news\/config\/config.ini): failed to open stream: No such file or directory at \/var\/www\/nextcloud\/lib\/private\/Files\/Storage\/Local.php#216","userAgent":"--","version":"14.0.3.0"}
PHP Warning:  fileperms(): stat failed for /media/USBdrive/ncdata/nextcloud.log in /var/www/nextcloud/lib/private/Log/File.php on line 137
{"reqId":"R41g0XWvYlLxrTJuydjX","level":3,"time":"2018-11-23T17:08:25+00:00","remoteAddr":"","user":"--","app":"PHP","method":"","url":"--","message":"fileperms(): stat failed for \/media\/USBdrive\/ncdata\/nextcloud.log at \/var\/www\/nextcloud\/lib\/private\/Log\/File.php#137","userAgent":"--","version":"14.0.3.0"}
{"reqId":"R41g0XWvYlLxrTJuydjX","level":2,"time":"2018-11-23T17:08:25+00:00","remoteAddr":"","user":"--","app":"news","method":"","url":"--","message":"Configuration invalid. Ignoring values.","userAgent":"--","version":"14.0.3.0"}
PHP Warning:  fileperms(): stat failed for /media/USBdrive/ncdata/nextcloud.log in /var/www/nextcloud/lib/private/Log/File.php on line 137
{"reqId":"R41g0XWvYlLxrTJuydjX","level":3,"time":"2018-11-23T17:08:26+00:00","remoteAddr":"","user":"--","app":"PHP","method":"","url":"--","message":"mkdir(): Permission denied at \/var\/www\/nextcloud\/apps\/news\/lib\/AppInfo\/Application.php#143","userAgent":"--","version":"14.0.3.0"}
PHP Warning:  fileperms(): stat failed for /media/USBdrive/ncdata/nextcloud.log in /var/www/nextcloud/lib/private/Log/File.php on line 137
{"reqId":"R41g0XWvYlLxrTJuydjX","level":3,"time":"2018-11-23T17:08:26+00:00","remoteAddr":"","user":"--","app":"PHP","method":"","url":"--","message":"fileperms(): stat failed for \/media\/USBdrive\/ncdata\/nextcloud.log at \/var\/www\/nextcloud\/lib\/private\/Log\/File.php#137","userAgent":"--","version":"14.0.3.0"}
{"reqId":"R41g0XWvYlLxrTJuydjX","level":3,"time":"2018-11-23T17:08:26+00:00","remoteAddr":"","user":"--","app":"PHP","method":"","url":"--","message":"chmod(): No such file or directory at \/var\/www\/nextcloud\/lib\/private\/Log\/File.php#138","userAgent":"--","version":"14.0.3.0"}
Error reading data directory. Is NextCloud running and configured?
Done. Press any key...

This is driving me mad!

This is sarcasm: Getting an award for not being able to get nextcloud running…

Yours

SMichel

in config.php (or nc-datadir but it’s a bit late now) don’t type USBdrive, type /media/mopetcloud

OK, lets flash again…

I never ever told this f… pi to put the datadir to /media/USBdrive, I’ve told him to put it on /media/mopetcloud. But he put the f… datadir to USBdrive and now wonders why he doesn’t find it anymore. F… sh… f…f…f… And all this f… pi says is “error” datadir doesn’t exist. F… f… f…

And flash again. #80 or #90 I suppose.

I’m patient, I’m calm.

F… f… f…

yours

SMichel

OK, this time everything went fine. Both drives are mounted, the backup worked, I created a user and so on.

Then there was an update to be made (14.0.3 → 14.0.4) and I did it - and got an error message:

1397×609 60.2 KB

Please reload the page - and I did it with the following result:

2855×92 12.4 KB

Now the pi is still accessible via ssh but not via the no-ip-URL. It is also accessible via the IP address. That means, I can reach the ncp but not nextcloud, it ends at the login page but the login is not possible.

You should not use NC’s manual upgrade, just enable nc-autoupdate and nc-autoupdate-nextcloud from ncp-config and let NCP take care of it, Or use nc-update and nc-update-nextcloud from ncp-config.

14.0.4 maybe released, but will only be made available (to NCP users) via nc-autoupdate-nc after it has been tested.
You can use nc-nextcloud to install 14.0.3 back. Then enable nc-autoupdate and nc-autoupdate-nextcloud. Or try re-installing 14.0.4 using nc-update-nextcloud.

Thanks a lot. I’ve started installation of version 14.0.3 with nc-nextcloud, but it lasts now about 20 min. Does it really take this long?

-----> ready! Let’s see…

Everything worked fine so far. I had to wait two days to enable letsencrypt because there where too many requests for certificates for my URL, but finally this worked as well.

Now it’s stuck in maintenance mode, no access via webUI nor putty. This mode lasts now for 12 hours???

Got access with https://192.168.0.30:4443 and ran nc-init. Now datadir is /var/www/nextcloud/data and dbdir is /media/mopetcloud/ncdatabase???

Can’t fix this, chucked the installation in the dustbin again.

Everything new again. Got a new no-ip-URL and in this way I got also a letsencrypt certificate. In the system Info everything is green. This morning I set up one user and uploaded one calendar.

But now I fail at the log in page with the following error:

service%20unavailable871×140 12 KB

The desktop client has synced but most time it says “no connection”. I tried this from the PC an from the Laptop. I know that the pi has low capacity but it should manage the log in (slowly).

Log in to the webURL of ncp is possible.

What can cause these problems? The pi has a LAN connection directly to the router, 10.1 MB of storage is used which should not be too much I suppose!!!

Got access for a short period, clicked on calendar and lost it again - “service unavailable”. Hate it! I rebooted ncp serveral times with no effects.

Yours

SMichel

Here’s the output of speedtest-cli:

But now I wait 1 hour to get a 850 kb .ics-calendarfile uploaded (“import sheduled”) in a moment when I was able to login to my nextcloudaccount on the pi (I dont know if I’m still connected, nothing happens). Last time I’ve tried the upload I got the message "2708 items imported with 2000 errors.

Then testet internet connection again with speedtest and got similar results. Then tried to reload the page, the calendar seems to be imported, but no entry is shown. But: 2708 items imported with 2708 errors.

I downloaded the calendar: 164 bytes anyway…

Shit happens…

Yous

SMichel