[SOLVED] Update - Security & setup warnings

Nextcloud version: 22.1.0
Operating system and version: Linux 5.10.28
Operating System: DOCKER
Webserver: Nginx
PHP version 8.0.18

The issue you are facing:
Cannot remove the Security & setup warnings error.
attempted NC documentation steps without success

Is this the first time you’ve seen this error? (Y):

Steps to replicate it:

  1. Attempted to use NC documentation,
    General troubleshooting — Nextcloud latest Administration Manual latest documentation

Reddit, forums, unable to find a clear resolution, as users post to change .htaccess and others discuss changing the swag config or proxy configs, etc

The output of your Nextcloud log in Admin > Logging:

[no app in context] Error: in_array(): Argument #2 ($haystack) must be of type array, null given

GET /ocs/v2.php/apps/files_sharing/api/v1/sharees?format=json&itemType=file&search=&perPage=20&lookup=false
at 2022-10-23T13:14:50+00:00

/config/www/nextcloud/lib/private/AppFramework/App.php - line 156:

OC\AppFramework\Http\Dispatcher->dispatch()

/config/www/nextcloud/lib/private/Route/Router.php - line 301:

OC\AppFramework\App::main()

/config/www/nextcloud/ocs/v1.php - line 62:

OC\Route\Router->match()

/config/www/nextcloud/ocs/v2.php - line 23:

require_once("/config/www ... p")

Caused by TypeError: in_array(): Argument #2 ($haystack) must be of type array, null given
/config/www/nextcloud/apps/circles/lib/Collaboration/v2/CollaboratorSearchPlugin.php - line 101:

in_array()

/config/www/nextcloud/lib/private/Collaboration/Collaborators/Search.php - line 72:

OCA\Circles\Collaboration\v2\CollaboratorSearchPlugin->search()

/config/www/nextcloud/apps/files_sharing/lib/Controller/ShareesAPIController.php - line 228:

OC\Collaboration\Collaborators\Search->search()

/config/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php - line 217:

OCA\Files_Sharing\Controller\ShareesAPIController->search()

/config/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php - line 126:

OC\AppFramework\Http\Dispatcher->executeController()

/config/www/nextcloud/lib/private/AppFramework/App.php - line 156:

OC\AppFramework\Http\Dispatcher->dispatch()

/config/www/nextcloud/lib/private/Route/Router.php - line 301:

OC\AppFramework\App::main()

/config/www/nextcloud/ocs/v1.php - line 62:

OC\Route\Router->match()

/config/www/nextcloud/ocs/v2.php - line 23:

require_once("/config/www ... p")

Added the following lines as per documentation, did not resolve the concern

at:
/nextcloud/www/nextcloud

IfModule mod_rewrite.c

RewriteEngine on

RewriteRule ^.well-known/carddav nextcloud/remote.php/dav [R=301,L]
RewriteRule ^.well-known/caldav /nextcloud/remote.php/dav [R=301,L]
RewriteRule ^.well-known/webfinger /nextcloud/index.php/.well-known/webfinger [R=301,L]
RewriteRule ^.well-known/nodeinfo /nextcloud/index.php/.well-known/nodeinfo [R=301,L]

You’ll need to post the actual warning you’re trying to clear, and your Nextcloud and Apache configurations.

Hello here are the errors reported from
Settings > Overview

The “Strict-Transport-Security” HTTP header is not set to at least “15552000” seconds. For enhanced security, it is recommended to enable HSTS
https://docs.nextcloud.com/server/22/admin_manual/installation/harden_server.html

Your web server is not properly set up to resolve “/.well-known/webfinger”.
Your web server is not properly set up to resolve “/.well-known/nodeinfo”.
Your web server is not properly set up to resolve “/.well-known/caldav”.
Your web server is not properly set up to resolve “/.well-known/carddav”.

^^ all 4 point to this document ^^
https://docs.nextcloud.com/server/22/admin_manual/issues/general_troubleshooting.html#service-discovery

I have been attempting every different method that is posted. Some say edit
default.conf > nginx
or
.htaccess > nextcloud/www/nextcloud

I have tried many different methods with no success

as far as I know, I am using nginx (swag revproxy)

Ok. Maybe someone who uses nginx will chime in. The documentation has always resolved this for me in Apache.

Hello,

I have resolved the errors so far and now attempting to finally use the updater to update to the latest build

Each instance I tried failed
first time it failed, I could not return and access the webGUI would get update in process

So I restored my backup and was able to get back into the webGUI again. Checked over permissions on the file shares and attempted to re-run the updater.

Again stuck on the same spot

Updater.log

2022-10-24T18:43:39-0400 y6idqqe5TB [info] getChangelogURL()
2022-10-24T18:43:39-0400 y6idqqe5TB [info] end of checkForUpdate() Update to Nextcloud 22.2.10 available. (channel: “stable”)
Following file will be downloaded automatically: https://download.nextcloud.com/server/releases/nextcloud-22.2.10.zip
Open changelog :arrow_upper_right:
2022-10-24T18:43:43-0400 NDelhfX8WX [info] request to updater
2022-10-24T18:43:43-0400 NDelhfX8WX [info] currentStep()
2022-10-24T18:43:43-0400 NDelhfX8WX [info] Step 6 is in state “end”.
2022-10-24T18:43:43-0400 NDelhfX8WX [info] POST request for step “7”
2022-10-24T18:43:43-0400 NDelhfX8WX [info] startStep(“7”)
2022-10-24T18:43:43-0400 NDelhfX8WX [info] setMaintenanceMode(“true”)
2022-10-24T18:43:43-0400 NDelhfX8WX [info] configFileName /config/www/nextcloud/updater/…/config/config.php
2022-10-24T18:43:43-0400 NDelhfX8WX [info] end of setMaintenanceMode()
2022-10-24T18:43:43-0400 NDelhfX8WX [info] endStep(“7”)
2022-10-24T18:43:43-0400 7XB7Xnsqf0 [info] request to updater
2022-10-24T18:43:43-0400 7XB7Xnsqf0 [info] currentStep()
2022-10-24T18:43:43-0400 7XB7Xnsqf0 [info] Step 7 is in state “end”.
2022-10-24T18:43:43-0400 7XB7Xnsqf0 [info] POST request for step “8”
2022-10-24T18:43:43-0400 7XB7Xnsqf0 [info] startStep(“8”)
2022-10-24T18:43:43-0400 7XB7Xnsqf0 [info] replaceEntryPoints()
2022-10-24T18:43:43-0400 7XB7Xnsqf0 [info] replace index.php
2022-10-24T18:43:43-0400 7XB7Xnsqf0 [info] replace status.php
2022-10-24T18:43:43-0400 7XB7Xnsqf0 [info] replace remote.php
2022-10-24T18:43:43-0400 7XB7Xnsqf0 [info] replace public.php
2022-10-24T18:43:43-0400 7XB7Xnsqf0 [info] replace ocs/v1.php
2022-10-24T18:43:43-0400 7XB7Xnsqf0 [info] replace ocs/v2.php
2022-10-24T18:43:43-0400 7XB7Xnsqf0 [info] end of replaceEntryPoints()
2022-10-24T18:43:43-0400 7XB7Xnsqf0 [info] endStep(“8”)
2022-10-24T18:43:43-0400 ERNBf8jteu [info] request to updater
2022-10-24T18:43:43-0400 ERNBf8jteu [info] currentStep()
2022-10-24T18:43:43-0400 ERNBf8jteu [info] Step 8 is in state “end”.
2022-10-24T18:43:43-0400 ERNBf8jteu [info] POST request for step “9”
2022-10-24T18:43:43-0400 ERNBf8jteu [info] startStep(“9”)
2022-10-24T18:43:43-0400 ERNBf8jteu [info] deleteOldFiles()
2022-10-24T18:44:01-0400 ERNBf8jteu [info] config sample exists
2022-10-24T18:44:01-0400 ERNBf8jteu [info] themes README exists
2022-10-24T18:44:22-0400 ERNBf8jteu [info] end of deleteOldFiles()
2022-10-24T18:44:22-0400 ERNBf8jteu [info] endStep(“9”)
2022-10-24T18:44:23-0400 8XQgXLhapB [info] request to updater
2022-10-24T18:44:23-0400 8XQgXLhapB [info] currentStep()
2022-10-24T18:44:23-0400 8XQgXLhapB [info] Step 9 is in state “end”.
2022-10-24T18:44:23-0400 8XQgXLhapB [info] POST request for step “10”
2022-10-24T18:44:23-0400 8XQgXLhapB [info] startStep(“10”)
2022-10-24T18:44:23-0400 8XQgXLhapB [info] moveNewVersionInPlace()
2022-10-24T18:44:23-0400 8XQgXLhapB [info] storage location: /data/updater-oc63ccqttjzf/downloads/nextcloud/
2022-10-24T18:44:25-0400 8XQgXLhapB [error] POST request failed with other exception
2022-10-24T18:44:25-0400 8XQgXLhapB [error] Exception: Exception
Message: Could not rmdir /data/updater-oc63ccqttjzf/downloads/nextcloud/lib/l10n
Code:0
Trace:
#0 /config/www/nextcloud/updater/index.php(1088): Updater->moveWithExclusions()
#1 /config/www/nextcloud/updater/index.php(1388): Updater->moveNewVersionInPlace()
#2 {main}
File:/config/www/nextcloud/updater/index.php
Line:1062

2022-10-24T18:44:25-0400 8XQgXLhapB [info] rollbackChanges(“10”)
2022-10-24T18:44:25-0400 8XQgXLhapB [info] unlink .step
2022-10-24T18:44:25-0400 8XQgXLhapB [info] rollbackChanges - step >= 7
2022-10-24T18:44:25-0400 8XQgXLhapB [info] end of rollbackChanges()
2022-10-24T19:08:38-0400 y1EHQFlaCl [info] request to updater
2022-10-24T19:08:38-0400 y1EHQFlaCl [info] currentStep()
2022-10-24T19:08:38-0400 y1EHQFlaCl [info] POST request for step “10”
2022-10-24T19:08:38-0400 y1EHQFlaCl [info] startStep(“10”)
2022-10-24T19:08:38-0400 y1EHQFlaCl [info] moveNewVersionInPlace()
2022-10-24T19:08:38-0400 y1EHQFlaCl [info] storage location: /data/updater-oc63ccqttjzf/downloads/nextcloud/
2022-10-24T19:08:54-0400 y1EHQFlaCl [error] POST request failed with other exception
2022-10-24T19:08:54-0400 y1EHQFlaCl [error] Exception: Exception
Message: Could not rmdir /data/updater-oc63ccqttjzf/downloads/nextcloud/lib/private
Code:0
Trace:
#0 /config/www/nextcloud/updater/index.php(1088): Updater->moveWithExclusions()
#1 /config/www/nextcloud/updater/index.php(1388): Updater->moveNewVersionInPlace()
#2 {main}
File:/config/www/nextcloud/updater/index.php
Line:1062

2022-10-24T19:08:54-0400 y1EHQFlaCl [info] rollbackChanges(“10”)
2022-10-24T19:08:54-0400 y1EHQFlaCl [info] unlink .step
2022-10-24T19:08:54-0400 y1EHQFlaCl [info] rollbackChanges - step >= 7
2022-10-24T19:08:54-0400 y1EHQFlaCl [info] end of rollbackChanges()

I am not sure why it’s getting stuck here… any ideas?

Thanks,

Normally with Docker you don’t need to run the updater. It starts the update in the background when you load the new image.

What’s your Docker config?

Docker images are pulled. You should not ever be using the built-in Nextcloud updater if you are using Docker containers.

If you are worried about being on an older version you’ll want to pull the 23 image, then 24 then 25.

1 Like

Hello,

That’s what I thought. The docker image pulls do not update to the latest CU, and NC was telling me I was out of date and on a unsupported version.

Hello,

I pull docker image containers quite regularly, and the NC version stays on the same release regardless of the docker container I noticed. I thought the same thing, updating the container would grab the most recent version of NC which it was not.

I confirmed the same result with another person with the same setup I often speak with that has NC docker deployed, and that user was also out of date.
They were on a more recent built of NC so they didn’t encounter the concerns I had as of recent, it’s quite the troubleshooting event to update to the latest version of NC I must say, takes some time and digging.

I got past the updater concern tonight, it was a ‘strange fix’ to say the least.

The next concern is regarding the SQL database, but I may have a handle on that, its regarding how NC sets the db schema, which is a known bug in versions of SQL
it uses a COMPRESSED row format which causes NC updates not to process and requires to be changed to DYNAMIC

May break on it for tonight and work some more on it tomorrow.

That’s why I asked to see your Docker config. It should be pulling the new one when you update, unless you have a particular tag set.

You will actually need to change your tag so that you don’t accidentally update more than one major version at a time which is not supported.

Hello,

My apologies I missed responding to that.
NC is pulling from the repository: linuxserver/nextcloud
I hope that’s the information you were looking for?

If you need me to dig down some more, please feel free to ask and I’ll have another peak :slight_smile:

I noticed that when running the updater, it looks like it pulls incremental updates as I couldn’t get to the same one as the other user I was speaking with… on the first pass that is. However I am halted at a db concern to address first before the next CU installs for NC.

Thank you,

Ah… okay, that’s not the official Docker image. It says on hub.docker.com that it’s version 25, but who knows.

Their doc actually does say to use the web GUI updater. You may need to get in touch with them for help. I don’t know how to troubleshoot their modified Docker image.

Hello,

Oh that’s interesting. Thanks for pointing that out
I see that now @ lscr.io/linuxserver/nextcloud:latest

Yes, it was a fluke I found this out as I attempted to log into NC with another device and got a warning prompt, and said the exact same thing (as I update docker images regularly). Then the rabbit hole of concerns began :slight_smile:

I appreciate all the feedback, slowly but surely I hope I can resolve the SQL concern with the NC db and move forward getting this up-to-date.

Thank you

Currently checking against that I am also seeing another ‘official’ repository @ library/nextcloud:latest
lscr.io/linuxserver/nextcloud

another modified one
nextcloud/all-in-one:latest

quite a mix out there!

The official image is just “nextcloud” and the AIO project is “nextcloud/all-in-one”. I’ve never personally heard of lscr.io.

In any case, I wouldn’t try changing the image without doing a full blow migration.

Hey,

Ah gotcha. lscr.io was on that web link you posted earlier, perhaps I misunderstood.

Oh for sure, I am going to be steady as she goes and get up to snuff with this docker image and version of NC and relax once I am good and this is done and out of the way. I ran into many concerns with attempting to fix this update. The nice thing is the backup and restore process of the docker takes seconds if the instance breaks within processing any update changes which is SUPER handy.

Hope I make it past these hiccups and now knowing how the docker container is separate from the NC updates, I will be sure to setup a maintenance schedule for this along with the other tasks.

The updater fix was ridiculous, basically at the step I was stuck at you have to keep hitting ‘retry’ for little bits of data to process. It seemed to be a bug or permission thing that was causing it

/var/www/html/updater/updater.phar/lib/Updater.php on line 871

which equates to in my case
data/updater-xxxxxxxxxx/downloads/nextcloud/lib/l10n

if you keep hitting retry (took me approx. 40x times) and you have that data directory open while doing it, you see files and folders processing (disappearing from the DIR) and eventually the update process’s. so weird!

I thought I was at the finish line, until the db halted me processing the installation of the update, I seem to be in a better spot then I was and at least have some take-aways from this whole update process!

If you are having trouble with Linuxserver.io images you will want to ask them on their Discord or forum. That is what their website recommends…
LinuxServer.io
https://discourse.linuxserver.io/

1 Like

Hello,

Appreciate that good looking out.
Currently using: linuxserver/nextcloud
more work to come to resolve this concern :slight_smile:

going to post this as ‘resolved’ for the time being as this concern itself was not resolved, and moved to another db instance that may work better with NC moving forward