Trying to set up a server (FreeBSD)

Hello,
I’ve been trying to set up a Nextcloud server in a Freenas 11.1 jail using Apache and MariaDB for several days, and I’ve been experiencing issues.
At first, I’ve managed to set it up (with http), yet as soon as I enabled memory caching (with php apcu) the server stopped working, only showing a blank screen.
At my next attempt I’ve managed to get it running without the cache, yet as soon as I tried encrypting it with a self-certificate SSL it stopped working again.
At my third attempt I’ve managed to use SSL without the cache, and the cache without SSL, but enabling both does not work…
I’m new to this, and have not quite managed to figure out what went wrong. I’d appreciate your help!
I’m using apache2.4, php 7.2 and mariaDB 10.2 with FreeBSD 11.1 and Nextcloud 13

Hi dkd,

I wrote (for myself) a little memo about pretty much the same environment.
Considering Apache/PHP/DB is already installed and working, here is the excerpt relevant to your question :

PART 6 : NEXTCLOUD INSTALL

First, install nextcloud from ports (portmaster or another tool you like) :
portmaster www/nextcloud

Adjust the permissions :
chown -R www:www /usr/local/www/nextcloud

Restart Apache :
apachectl graceful

Redirect http to https to force SSL :
vim /usr/local/etc/apache24/extra/httpd-vhosts.conf

<VirtualHost :80>
ServerName nextcloud.domain.fr
DocumentRoot "/usr/local/www/nextcloud"
RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.
) https://%{SERVER_NAME}/$1 [R=301,L]
< /VirtualHost>

Add a VirtualHost/SSL :
vim /usr/local/etc/apache24/extra/httpd-ssl.conf

<VirtualHost *:443>
ServerName nextcloud.domain.fr
DocumentRoot "/usr/local/www/nextcloud"
SSLEngine on
SSLCertificateFile "/usr/local/etc/letsencrypt/…/cert.pem"
SSLCertificateKeyFile "/usr/local/etc/letsencrypt/…/privkey.pem"
SSLCertificateChainFile “/usr/local/etc/letsencrypt/…/fullchain.pem”
<FilesMatch “.(cgi|shtml|phtml|php)$”>
SSLOptions +StdEnvVars
< /FilesMatch>
BrowserMatch “MSIE [2-5]”
nokeepalive ssl-unclean-shutdown
downgrade-1.0 force-response-1.0
<Directory “/usr/local/www/nextcloud/”>
Options -Indexes
AllowOverride All
Require all granted
< /Directory>
< /VirtualHost>

Then take care about nextcloud database :
This will create a database called nextcloud and a MySQL user called nextcloud with password…well password, so replace the values to suit your needs :
mysql -u root -p

CREATE DATABASE nextcloud;
CREATE USER ‘nextcloud’@‘localhost’ IDENTIFIED BY ‘yourpassword’;
GRANT ALL ON nextcloud.* TO ‘nextcloud’@‘localhost’;
FLUSH PRIVILEGES;
exit

Restart Apache :
apachectl graceful

Go to URL :
https://nextcloud.domain.fr/
You should reach Nextcloud’s config page.
Fill the fields, pretty easy.

And, after that, don’t forget :
The nextcloud 13.0.1 package changes the location of the bundled apps.
After updating to 13.0.1 you MUST adapt your configuration. You MUST
add an additional entry to the “apps-paths” array in config/config.php :

cd /usr/local/www/nextcloud
su -m www -c “php ./occ config:import < /usr/local/share/nextcloud/fix-apps_paths.json”

For better performances, Nextcloud recommends to adapt the php.ini file :
vim /usr/local/etc/php.ini

opcache.enable=1
opcache.enable_cli=1
opcache.memory_consumption=128
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.revalidate_freq=1
opcache.save_comments=1

Restart Apache :
apachectl graceful
And you’re done :slight_smile:


Léo.

Hello Léo, and thank you for your response!
First, I was able to get the server up and running - installing from ports rather than a zip file seems to have done it. Thank you!
However, memory cache is still not working (I have changed the settings in php.ini) and the site only works in http, despite setting up https (I used a self signed certificate using OpenSSL) - it refuses to connect with https.
I’ve tried searching logs for any error (/var/log/httpd-access/error.log and nextcloud.log - which is empty) and could not find any error message. The only error message I’ve seen is “kldload: can’t load accf_http: Operation not permitted” when running apachectl status.
EDIT: managed to access the server using https, but it now says I don’t have permission to access the directory ( [Forbidden You don’t have permission to access / on this server]) .
The only error I’ve found is in /var/log/httpd-error.log - AH01630: client denied by server configuration: /usr/local/www/nextcloud/favicon.ico
I’d really appreciate your help in setting up SSL and the memory cache.

Hi dkd,

Sorry for my late answer.
If you didn’t figure it out by now, please tell me what’s the output of :
kldload accf_http

Regarding the permissions and https, I would say that’s a VirtualHost problem. How did you setup them (http and https virtual hosts) ?

Finally, for memcache, I recommend to fix the first two problems, and leave that one for after :slight_smile:


Léo.

Hello Léo,
I’ve reverted to a previous snapshot as I had made a lot of configuration errors, and now the ‘kldload accf_http’ stopped showing.
Currently, apache works on http (I’ve tested before setting up redirection) but adding /nextcloud after the IP did not lead me to the setup screen…
as to https, redirection works but I’ve been getting a ‘connection refused’ in the web browsers, and the only error I could find is ‘AH00094: Command line: ‘/usr/local/sbin/httpd -D NOHTTPACCEPT’’ in /var/log/httpd-error.log I’ve set the VirtualHost configurations in /usr/local/etc/apache24/extra/httpd-vhosts.conf for http and in /usr/local/etc/apache24/extra/httpd-ssl.conf for https rather than a seperate host file ( I also uncommented them in /usr/local/etc/apache24/httpd.conf).
My httpd-vhosts.conf:
<VirtualHost *:80>
DocumentRoot "/usr/local/www/nextcloud"
RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.) https://%{SERVER_NAME}/$1 [R=301,L]
ServerName 192.168.1.20
ErrorLog "/var/log/http-error_log"
CustomLog “/var/log/http-access_log” common

And my httpd-ssl.conf:

<VirtualHost *:443>
ServerName 192.168.1.20
DocumentRoot "/usr/local/www/nextcloud"
SSLEngine on
SSLCertificateFile "[my path to SSL crt file]"
SSLCertificateKeyFile “[my path to SSL key file]”

<FilesMatch .(cgi|shtml|phtml|php)$>
SSLOptions +StdEnvVars

BrowserMatch MSIE [2-5]
nokeepalive ssl-unclean-shutdown
downgrade-1.0 force-response-1.0
<Directory /usr/local/www/nextcloud/>
Options -Indexes
AllowOverride All
Require all granted

When starting apache, it also complains about not finding the nokeepalive command (‘Invalid command ‘nokeepalive’, perhaps misspelled or defined by a module not included in the server configuration’)

I’d really appreciate your help!