've created it through the let's encrypt plugin but i needed to adapt my nginx conf manually. Enabling it in the webgui did not activate it properlly.
NextCloud Installation Q & A
-
- OMV 3.x
- tinh_x7
-
-
Seems you made a mistake. At least the nginx conf file has errors. If you need to adapt it manually then something is fishy and you should recheck the process.
-
Yes, also my opinion.. I think i've made an error with the servername/domain. This needs to be the same in your nginx conf and let's encrypt plugin i think? Is there something else i need to pay attention to before generating a certificate?
-
You need a domain
That's most important. A dyn one is enough. (If you use the box only in a local network then letsencrypt isn't for you and you should go for a self signed cert [with all its disadvantages] ). -
Yes, I have a domain from no-ip. I've set it in the server_name in nginx and in LE (certificate name and domain. Meybe i've overlooked something.. I'll take another look this rvening
-
In LE the web root is
/var/www/openmediavault/
the domain your noip domainIn nginx extra options the server_name is your noip domain.
The rest as described in this thread. -
In LE the web root is
/var/www/openmediavault/
the domain your noip domainIn nginx extra options the server_name is your noip domain.
The rest as described in this thread.Yes, i've done it in that way. Only other thing i have changed in nginx options is the access permission for the '.well-known' directory otherwise i received a 403 permission denied error.
I added these lines before generating certificate ;
location ^~ /.well-known/ {
[*]allow all;
[*]root /var/www/openmediavault;
[*]try_files $uri =404;
[*]} -
Just to recap on 404 Not Found issue
if you get something like this:
2018/04/11 14:34:03 [error] 2292#0: *1057 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 192.168.1.100, server: , request: "GET /setup-nextcloud.php HTTP/1.1", upstream: "fastcgi://unix:/run/fpm-32a2476e-7999-4df4-99b9-53432153b9b2.sock:", host: "192.168.1.27:81"
with file name that you are looking for that can be sorted with changing PHP Default seting turning ON and OFF, strangely i had to try few times, and for me it works with setting turned ON.
if you get something like this:
2018/04/10 18:39:24 [error] 29588#0: *4 open() "/srv/dev-disk-by-id-md-name-openmediavault-0/www/nextcloud/robots.txt" failed (13: Permission denied), client: 192.168.1.100, server: , request: "GET /robots.txt HTTP/1.1", host: "192.168.1.27:90"
or
2018/04/11 07:26:17 [crit] 23485#0: *4 stat() "/srv/dev-disk-by-id-md-name-openmediavault-0/www/nextcloud/favicon.ico" failed (13: Permission denied), client: 192.168.1.100, server: , request: "GET /favicon.ico HTTP/1.1", host: "192.168.1.27:81"20
that is permission issue, www-data:www-data has to have permission on entire path to Nextcloud folder. you can chek that by issiuing:
sudo -g www-data stat /path/to/your/nextcloud
for group and
sudo -u www-data stat /path/to/your/nextcloud
for user
I had
root@openmediavault:~# sudo -u www-data stat /srv/dev-disk-by-id-md-name-openmediavault-0/www/nextcloudstat: cannot stat '/srv/dev-disk-by-id-md-name-openmediavault-0/www/nextcloud': Permission denied
for user
and
root@openmediavault:~# sudo -g www-data stat /srv/dev-disk-by-id-md-name-openmediavault-0/www/nextcloud
File: /srv/dev-disk-by-id-md-name-openmediavault-0/www/nextcloudSize: 432 Blocks: 0 IO Block: 4096 directory
Device: 2ch/44d Inode: 319444 Links: 1
Access: (2775/drwxrwsr-x) Uid: ( 33/www-data) Gid: ( 33/www-data)
Access: 2018-04-15 20:27:24.195046030 +0200
Modify: 2018-03-31 19:52:47.175290573 +0200
Change: 2018-04-15 21:47:41.786165039 +0200
Birth: -
for group
the solution is to change permission for each folder in the path:
chmod +x /path
chmod +x /path/to
chmod +x /path/to/your
chmod +x /path/to/your/nextcloud
you can use g+x for group and u+x for user
unfortunately for me none of those worked and i have created new place for nextcloud, it doesnt have to be in www folder. -
You don't need to do all that.
As long you have www-data:ww-data, and chmod 755 for Nextcloud directory, it should work fine.
-
I've followed your guide and I can access nextcloud locally via http How do I get it to work with lets encrypt (Https) - Have a domain :)? Can not find it anywhere in the guide besides you say it easily
-
I've followed your guide and I can access nextcloud locally via http How do I get it to work with lets encrypt (Https) - Have a domain :)? Can not find it anywhere in the guide besides you say it easily
I think it's easier to troubleshoot if you would describe the problem you are facing a little bit more. Did you activate SSL and created a certificate like it's written in chapter 1f?
-
Yes, i've done it in that way. Only other thing i have changed in nginx options is the access permission for the '.well-known' directory otherwise i received a 403 permission denied error.I added these lines before generating certificate ;
location ^~ /.well-known/ {
allow all;
root /var/www/openmediavault;
try_files $uri =404;
}Okay, I had made a stupid error. The root of my nextcloud was not /var/www/openmediavault but /srv/XXXX (my external drive pool).
Anyway, to sum things up: I changed openmediavault to another port and put nextcloud on 80 (no need anyway for openmediavault to be externally available or not through https anyway). So I followed the guidelines for letsencrypt and everything works now with ssl certificate :-).
-
Yesterday I upgraded to OMV4. Everything works fine except for nextcloud. When I try to open the nextcloud page I get
CodeInternal Server Error The server encountered an internal error and was unable to complete your request. Please contact the server administrator if this error reappears multiple times, please include the technical details below in your report. More details can be found in the server log.
Does anybody has the same issue or a clue how I can troubleshoot this?
-
Check your Nextcloud dir permissions, and vhost config.
-
Check your Nextcloud dir permissions, and vhost config.
My permissions are
drwxrwsr-x+ 14 www-data www-data 4.0K May 7 20:22 nextcloudand the Extra Options of nginx
Code
Alles anzeigenadd_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; add_header X-Content-Type-Options nosniff; # add_header X-Frame-Options "SAMEORIGIN"; add_header X-XSS-Protection "1; mode=block"; add_header X-Robots-Tag none; add_header X-Download-Options noopen; add_header X-Permitted-Cross-Domain-Policies none; location = /robots.txt { log_not_found off; allow all; access_log off; } # The following 2 rules are only needed for the user_webfinger app. # Uncomment it if you're planning to use this app. #rewrite ^/.well-known/host-meta /public.php?service=host-meta last; #rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json # last; location = /.well-known/carddav { return 301 $scheme://$host/remote.php/dav; } location = /.well-known/caldav { return 301 $scheme://$host/remote.php/dav; } location ^~ /.well-known/acme-challenge/ { } # set max upload size client_max_body_size 50G; fastcgi_buffers 64 4K; # Disable gzip to avoid the removal of the ETag header gzip off; # Uncomment if your server is build with the ngx_pagespeed module # This module is currently not supported. #pagespeed off; error_page 403 /core/templates/403.php; error_page 404 /core/templates/404.php; location / { rewrite ^ /index.php$uri; } location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ { deny all; } location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { deny all; } location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) { fastcgi_split_path_info ^(.+\.php)(/.*)$; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param HTTPS on; #Avoid sending the security headers twice fastcgi_param modHeadersAvailable true; fastcgi_param front_controller_active true; fastcgi_pass $socket; fastcgi_intercept_errors on; } location ~ ^/(?:updater|ocs-provider)(?:$|/) { try_files $uri/ =404; index index.php; } # Adding the cache control header for js and css files # Make sure it is BELOW the PHP block location ~* \.(?:css|js|woff|svg|gif)$ { try_files $uri /index.php$uri$is_args$args; add_header Cache-Control "public, max-age=7200"; add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; add_header X-Content-Type-Options nosniff; # add_header X-Frame-Options "SAMEORIGIN"; add_header X-XSS-Protection "1; mode=block"; add_header X-Robots-Tag none; add_header X-Download-Options noopen; add_header X-Permitted-Cross-Domain-Policies none; # Optional: Don't log access to assets access_log off; } location ~* \.(?:png|html|ttf|ico|jpg|jpeg)$ { try_files $uri /index.php$uri$is_args$args; # Optional: Don't log access to other assets access_log off; }
Sorry. I just saw that this tutorial doesn't work with php7. Maybe I should try the nextcloud docker image.
I really appreciate your work here but I don't want to spend hours maintaining a private cloud in my free time. -
This tutorial does work with PHP7.
It slightly different between OMV3 and OMV4. -
Hallo,
where you can customize the configuration for mywebsql so that files larger than 25 MB can be uploaded.
Thanks for your help
-
-
Hey!
Which user is used to write in the data path? Nextcloud tells me :
Your data directory is not writable
I tried www-data and my own user as owner and gave it full permission on the data folder.
edit: error log shows this:
"remoteAddr":"[IP-adress]","user":"--"... tried to connect...
It seems no user is used to try to access the site.
Please help me!
-
Hey!
Which user is used to write in the data path? Nextcloud tells me :
I tried www-data and my own user as owner and gave it full permission on the data folder.
edit: error log shows this:
It telling you that the owner of the Nextcloud dir doesn't have write permission.Double check it.
Or you can start a clean installation.
Jetzt mitmachen!
Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!