Over the past week we have seen a huge slow-down and can’t see what is causing it. Originally it was on NC v21 and slowed down, so some users were seeing 50+ seconds to get to the password list.
Today I upgraded to NC v23 and after a restart of the container set it performed well to begin with. Then it got gradually slower. If I look in dev tools on Chrome I can see the call to
/apps/passwords/api/1.0/session/open taking 26s and a further 26s to
You are missing the required support template. Please fill this form out and edit into your post.
This will give us the technical info and logs needed to help you! Thanks.
What are your actual server specs? What kind of hardware?
- arm64 or x86-64
- are you using a Raspberry Pi? If so, it supplies only the bare minimum specs as of Model 4.
- How much RAM
- If less than 4gb ram by itself, that is horrible.
- How fast is your network speed?
- If only xx mb/s of speed, you are hurting.
- Please do not run your server over wifi. Very very slow.
- Upgrade your network to wired gigabit if you can. Will greatly increase speeds.
- External networking speeds will be hampered by your actual ISP speeds.
- What kind of disks?
Spinning sata is fair
USB 2.0 external spinning drive garbage
Micro-SD card garbage
eMMC is not good
USB 3.0 external drive is fair for light usage
- How many users?
- Are you using one of the office suites?
- Collabora CODE, OnlyOffice, etc?
- If so, less than an additional two cores and additional 4gb ram is horrible.
- Are you running other services on the same machine?
- Matrix, Jellyfin, Jitsi, ?
- If yes, you’ll need even more ram, etc.
Nextcloud version (eg, 20.0.5):
Nextcloud Hub II (23.0.5)
Operating system and version (eg, Ubuntu 20.04):
Debian (buster) 4.19.0-10-amd64 x86_64
Apache or nginx version (eg, Apache 2.4.25):
PHP version (eg, 7.4):
The issue you are facing:
Is this the first time you’ve seen this error? Yes:
Steps to replicate it:
Just use Nextcloud.
This is strange. Whilst gathering this information, the system is performing normally??? This is how end users feel when they ask me a question
I think it’s best I close this an revisit after monitoring it some more.
Don´t blame the user first shot. Take a look at the DevTools in Chromium. Seems something in NextCloud uses a depricated jQuery function:
jQuery is deprecated: The global jQuery is deprecated. It will be removed in a later versions without another warning. Please ship your own.
Seems to have something to do with fonts:
"Refused to load the font 'https://fonts.gstatic.com/s/mulish/v11/1Ptvg83HX_SGhgqk3wot.woff2' because it violates the following Content Security Policy directive: "font-src 'self' data:"."
Rest of Nextcloud apps runs smooth and fast, except Passwords … just saying
p.s I use NC 24.0.2
@DeRaafMedia do you need to start your own topic? This one is solved and was not started by you.
No I’m saying you went straight to blaming user hardware and config as the problem. But the comment clearly had the line:
Pretty sure the hardware isn’t at fault is got 96GB ram and 48 shows free. load average: 0.91, 1.06, 1.33
Not the fastest on the street
CPU: 2x 6-Core Intel Xeon E5649 (-MT MCP SMP-) speed/min/max: 2486/1600/2533 MHz Kernel: 4.19.0-10-amd64 x86_64
Up: 649d 21h 35m Mem: 47034.1/96667.4 MiB (48.7%) Storage: 4.91 TiB (10.2% used) Procs: 932 Shell: zsh 5.7.1 inxi: 3.0.32
I’ll put together a proper support form, but this isn’t a nextcloud issue. Many of the other features are fine, group folders, deck etc. It’s just passwords that seem very laggy.
If that happens again, check the bruteforce table of Nextcloud. If the NC bruteforce protection has been triggered, all requests to the passwords api will be slowed down.
If you Nc can’t differentiate between individual users (e.g. when all requests come from a proxy and NC isn’t configured to trust the forwarded ip header), any client with invalid credentials can trigger the bruteforce protection for all users.
Refused to load the font 'https://fonts.gstatic.com/s/ibmplexsans/v8/zYXgKVElMYYaJe8bpLHnCwDKhdHeFaxOedc.woff2' because it violates the following Content Security Policy directive: "font-src 'self' data:".
NcMultiselect.js:2 Refused to load the font 'https://fonts.gstatic.com/s/ibmplexsans/v8/zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdP3pBms.woff2' because it violates the following Content Security Policy directive: "font-src 'self' data:".
NC writes its own CSP now. That could conflict with CSP that is added to apache or nginx.
Latest stable 25.0.2 has this error also:
default-src 'none';base-uri 'none';manifest-src 'self';script-src 'nonce-c3RwRVZUbDkxdlkzRDJTajJtUUNkdENMNkQ4a0NFRkdPUmN1TGU4SjdDbz06dzRNS0Yyb3R0WkZjUUFyUGxnWkRUN0drbzMxQmV5MG5kVU4wYnRsOTNtOD0=' blob:;style-src 'self' 'unsafe-inline';img-src 'self' data: blob: https://*.tile.openstreetmap.org;font-src 'self' data:;connect-src 'self' blob: turn7.XXXXXX.eu:443 turn7.XXXXXX.eu;media-src 'self' blob:;frame-src 'self';child-src blob: 'self';frame-ancestors 'self';worker-src blob: 'self';form-action 'self'
You can see: font-src ‘self’ data: https://fonts.gstatic.com is missing.
And there are still very much script warnings.
“$ is deprecated: The global jQuery is deprecated. It will be removed in a later versions without another warning. Please ship your own.”
The passwords app does not load fonts from google. It also doesn’t add openstreetmap to the CSP.
If you’re experiencing slowdowns while using the maps app, take a look at these tickets:
The maps app apparently tries to load a huge amount of photos with no limits. That can bring any browser and server down