Version and Port Problem with Nextcloud

ℹ️ Support 📦 Appliances (Docker, Snappy, VM, NCP)
#1

Hello,

I ran my nextcloud on port 63222 and everything was working great.
I now switched (or wanted to at least) to 443 so I can make use of Let’s Encrypt and don’t need manually get my cert working.

Im facing the issue that I now have 2 instances of nextcloud and cannot get the one which has all my configuration to show up at port 443.

Unter port 63222 I get my install on Version 19.0.0 (i just updated today)
On port 443 I get a totally different unconfigured version 18.0.4 however…

Can anyone tell me how to get rif of the unconfigured instance and have my standard instance run on 443 instead of 63222?

I took a look at /var/www/nextcloud/config/config.php and /var/www/nextcloud/version.php and there it shows the correct 19.0.0 and I dont see other config files for a second instance…

PS: im running apache 2.4.29 and its a VM from https://www.hanssonit.se/nextcloud-vm/

#2

Do you use Apache2 or Nginx? Search in the configuration “63222” and change it to “443”. Deactivate the old 443. Look at the paths in in your virutal webservers. With “certbot” normally the Bot uses the 80-apache2-configuration and add a 443-letsencrypt-apache2-configuration for the same paths. Perhaps you can first use port 80 for your old nextcloud-path and then use “certbot”.

#3

Inside the config there is no port mentioned so I cannot change anything there.
I set up Let’s Encrypt via

  • sudo nextcloud.enable-https lets-encrypt

so no certbot as far as I know (i may be wrong though)

I had the port set in Webmin for apache virtual host but I changed that already.
But then I can only access the unconfigured “fresh” instance on port 443…

#4

Where do you configure 63222 ? Please post configuration entry.

#5

currently nowhere that is why I’m confused…
I have port forwarding in my router (external 63222 to internal 63222 for this VM)
I have forwared 80 & 443 as well so Let’s Encrypt will work.

In Webmin I had the Port for my virutal server inside the Apache configuration set to 63222 but I changed that back to “default”.

#6

Ok in this VM you use the port 63222.
Which software is in the VM installed: apache2?
Please search your apache2-configuration /etc/apache2/sites-available

Look also /etc/apache2/sites-available in the vm.
Post the list of files and search for listen ports.

#7

ok inside /etc/apache2/sites-available/default-ssl.conf
there was the 63222 set which I now changed back to 443
No I cannot access the 63222 instance but only the default 18.0.4 which has no config…

#8

there is a nextcloud_tls_domain_self_signed.conf which seems to be my configuration with the correct directory and such but the default-ssl.conf seems to be the only one working…

#9

If you habe two instances then you must have two different folders like /var/www/html/nextcloud and /var/www/html/nc , different tables in MariaDB and/or different VMs, … Please post details.
I think for using 443 for the old 63222 instance you must configure the port forwarding to your vm new and correct e.g. 443:443 ??? But then you do not use the lets encrypt certificate. you must change it, too perhaps with “certbot”.

#10

the only directory that I know of is /var/www/nextcloud
here is the output of ls -la /var/www/

html/ index.php nextcloud/

There is only 1 VM which I got from https://www.hanssonit.se/nextcloud-vm/

in terms of port forwarding I have 3 ports forwarded right now

  • 80 -> 80
  • 443 -> 443
  • 63222 -> 63222
#11

Ok. Search:
find /var/www -name "config.php"

Post:
ls /etc/apache2/sites-available

1 Like
#12

find /var/www -name “config.php”

/var/www/nextcloud/apps/files_external/lib/config.php
/var/www/nextcloud/config/config.php

ls /etc/apache2/sites-available

000-default.conf
default-ssl.conf
nextcloud_http_domain_self_signed.conf
nextcloud_tls_domain_self_signed.conf

I found that inside of /etc/apache2/ports.conf 63222 was used instead of 443 but when I change those back apache service will not start up becuase of

Unit apache2.service has begun starting up.
nextcloud apachectl[2600]: (98)Address already in use: AH00072: make_sock: could not bind to address [::]:443
nextcloud apachectl[2600]: (98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:443
nextcloud apachectl[2600]: no listening sockets available, shutting down
nextcloud apachectl[2600]: AH00015: Unable to open logs
nextcloud apachectl[2600]: Action ‘start’ failed.
nextcloud apachectl[2600]: The Apache error log may have more information.
nextcloud systemd[1]: apache2.service: Control process exited, code=exited status=1
nextcloud systemd[1]: apache2.service: Failed with result ‘exit-code’.
nextcloud systemd[1]: Failed to start The Apache HTTP Server.

#13

Yes. you must stop the other service on port 443:

Search the service. Perhaps you must install “lsof” if not installed.

lsof -i | fgrep https
lsof -Pnl +M -i4
1 Like
#14

I get the same error for port 80 as well but here is the output for https

lsof -i | fgrep https

httpd 3401 root 6u IPv6 227651 0t0 TCP *:https (LISTEN)
httpd 3402 root 6u IPv6 227651 0t0 TCP *:https (LISTEN)
httpd 3403 root 6u IPv6 227651 0t0 TCP *:https (LISTEN)
httpd 3404 root 6u IPv6 227651 0t0 TCP *:https (LISTEN)
httpd 4778 root 6u IPv6 227651 0t0 TCP *:https (LISTEN)

lsof -Pnl +M -i4

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
systemd-r 1464 101 12u IPv4 21022 0t0 UDP 127.0.0.53:53
systemd-r 1464 101 13u IPv4 21023 0t0 TCP 127.0.0.53:53 (LISTEN)
postgres 1977 111 7u IPv4 27522 0t0 TCP 127.0.0.1:5432 (LISTEN)
postgres 1977 111 12u IPv4 28775 0t0 UDP 127.0.0.1:53040->127.0.0.1:53040
postgres 2305 111 12u IPv4 28775 0t0 UDP 127.0.0.1:53040->127.0.0.1:53040
postgres 2306 111 12u IPv4 28775 0t0 UDP 127.0.0.1:53040->127.0.0.1:53040
postgres 2307 111 12u IPv4 28775 0t0 UDP 127.0.0.1:53040->127.0.0.1:53040
postgres 2308 111 12u IPv4 28775 0t0 UDP 127.0.0.1:53040->127.0.0.1:53040
postgres 2309 111 12u IPv4 28775 0t0 UDP 127.0.0.1:53040->127.0.0.1:53040
postgres 2310 111 12u IPv4 28775 0t0 UDP 127.0.0.1:53040->127.0.0.1:53040
mdns-publ 2396 0 5u IPv4 58356 0t0 UDP *:5353
nmbd 4115 0 15u IPv4 1813909 0t0 UDP *:137
nmbd 4115 0 16u IPv4 1813910 0t0 UDP *:138
nmbd 4115 0 17u IPv4 1813921 0t0 UDP 192.168.1.8:137
nmbd 4115 0 18u IPv4 1813922 0t0 UDP 192.168.1.255:137
nmbd 4115 0 19u IPv4 1813923 0t0 UDP 192.168.1.8:138
nmbd 4115 0 20u IPv4 1813924 0t0 UDP 192.168.1.255:138
smbd 4215 0 34u IPv4 1834814 0t0 TCP *:445 (LISTEN)
smbd 4215 0 35u IPv4 1834815 0t0 TCP *:139 (LISTEN)
sshd 4234 0 3u IPv4 1818750 0t0 TCP *:22 (LISTEN)
netdata 4297 999 4u IPv4 1842784 0t0 TCP *:19999 (LISTEN)
netdata 4297 999 42u IPv4 1891026 0t0 UDP 127.0.0.1:8125
netdata 4297 999 54u IPv4 1891031 0t0 TCP 127.0.0.1:8125 (LISTEN)
miniserv. 4442 0 7u IPv4 1842896 0t0 TCP *:10000 (LISTEN)
miniserv. 4442 0 8u IPv4 1842897 0t0 UDP *:10000
smbd 4866 33 37u IPv4 1905520 0t0 TCP 192.168.1.8:445->192.168.1.2:53289 (ESTABLISHED)
smbd 4918 0 37u IPv4 1906751 0t0 TCP 192.168.1.8:445->192.168.143.104:65112 (ESTABLISHED)
sshd 5130 0 3u IPv4 1907765 0t0 TCP 192.168.1.8:22->192.168.143.104:65139 (ESTABLISHED)
sshd 5301 1000 3u IPv4 1907765 0t0 TCP 192.168.1.8:22->192.168.143.104:65139 (ESTABLISHED)

#15

Please post details in
/proc/3401/cmdline
/proc/3402/cmdline
/proc/3403/cmdline
/proc/4778/cmdline

1 Like
#16

cat /proc/3401/cmdline

httpd-d/snap/nextcloud/21026-DEnableHTTPS-DEnableHSTS-kstart-DFOREGROUNDroot@nextcloud:/proc/3401#

cat /proc/3402/cmdline

httpd-d/snap/nextcloud/21026-DEnableHTTPS-DEnableHSTS-kstart-DFOREGROUNDroot@nextcloud:/proc/3401#

cat /proc/3403/cmdline

httpd-d/snap/nextcloud/21026-DEnableHTTPS-DEnableHSTS-kstart-DFOREGROUNDroot@nextcloud:/proc/3401#

cat /proc/4778/cmdline

httpd-d/snap/nextcloud/21026-DEnableHTTPS-DEnableHSTS-kstart-DFOREGROUNDroot@nextcloud:/proc/3401#

as I am seeing “snap” in there could there be a second install of nextcloud on this VM? the one that comes preloaded from the VM and a “snap Version” that got installed somehow? Maybe as I used nextcloud.enable-https lets-encrypt to setup Let’s encrypt? (I think there are 2 ways to get nextcloud to install)

#17

I found this as well:

snap info nextcloud

name: nextcloud
summary: Nextcloud Server - A safe home for all your data
publisher: Nextcloudâ
store-url: https://snapcraft.io/nextcloud
contact: https://github.com/nextcloud/nextcloud-snap
license: unset
description: |
Where are your photos and documents? With Nextcloud you pick a server of your choice, at home, in
a data center or at a provider. And that is where your files will be. Nextcloud runs on that
server, protecting your data and giving you access from your desktop or mobile devices. Through
Nextcloud you also access, sync and share your existing data on that FTP drive at school, a
Dropbox or a NAS you have at home.
commands:

  • nextcloud.disable-https
  • nextcloud.enable-https
  • nextcloud.export
  • nextcloud.import
  • nextcloud.manual-install
  • nextcloud.mysql-client
  • nextcloud.mysqldump
  • nextcloud.occ
    services:
    nextcloud.apache: simple, enabled, active
    nextcloud.mdns-publisher: simple, enabled, active
    nextcloud.mysql: simple, enabled, active
    nextcloud.nextcloud-cron: simple, enabled, active
    nextcloud.nextcloud-fixer: simple, enabled, inactive
    nextcloud.php-fpm: simple, enabled, active
    nextcloud.redis-server: simple, enabled, active
    nextcloud.renew-certs: simple, enabled, active
    snap-id: njObIbGQEaVx1H4nyWxchk1i8opy4h54
    tracking: latest/stable
    refresh-date: 7 days ago, at 01:24 CEST
    channels:
    latest/stable: 18.0.4snap2 2020-05-26 (21026) 244MB -
    latest/candidate: â
    latest/beta: 18.0.4snap2+git2.ecd53ef 2020-05-27 (21161) 244MB -
    latest/edge: master-2020-06-03 2020-06-03 (21290) 247MB -
    18/stable: 18.0.4snap2 2020-05-26 (21026) 244MB -
    18/candidate: â
    18/beta: â
    18/edge: 18-2020-06-03 2020-06-03 (21289) 245MB -
    17/stable: 17.0.6snap1 2020-05-03 (20616) 229MB -
    17/candidate: â
    17/beta: â
    17/edge: 17-2020-06-03 2020-06-03 (21293) 229MB -
    16/stable: 16.0.9snap1 2020-05-03 (20623) 225MB -
    16/candidate: â
    16/beta: â
    16/edge: 16-2020-06-03 2020-06-03 (21288) 226MB -
    15/stable: 15.0.14snap1 2020-01-20 (18374) 216MB -
    15/candidate: â
    15/beta: â
    15/edge: â
    14/stable: 14.0.10snap1 2019-05-04 (13208) 202MB -
    14/candidate: â
    14/beta: â
    14/edge: â
    13/stable: 13.0.12snap1 2019-05-03 (13155) 193MB -
    13/candidate: â
    13/beta: â
    13/edge: â
    12/stable: 12.0.13snap1 2019-01-07 (10632) 206MB -
    12/candidate: â
    12/beta: â
    12/edge: â
    11/stable: 11.0.8snap1 2018-05-10 (6942) 202MB -
    11/candidate: â
    11/beta: â
    11/edge: â
    installed: 18.0.4snap2 (21026) 244MB -
#18

Deactivate or delete the snap-version of your apache2/php/mariadb/nextcloud … (uses port 443). Then start your normal apache2 again with port 443.

I hate SNAP.
I like Debian without SNAP.

1 Like
#19

ok I ran “snap disable nextcloud”

nextcloud disabled

we are getting there I think :wink:
Next chrome & firefox tell me there is HSTS enabled and I cannot access the site since the certificate is back to the old one which is expired.

but I checked and

nano nextcloud_tls_domain_self_signed.conf

shows

<VirtualHost *:443>
#Header always add Strict-Transport-Security “max-age=15768000; includeSubDomains; preload”
SSLEngine on

so why does it say HSTS is still on?

#20

Perhaps you can configure apache2 to use first with http and not with https.
Does it work with http ? Delete or rename/deactivate/backup https configuration in apache2. Restart apache2.

If all fine and only http works, read the part for Lets Encrypt: