You can solve that by adding https://192.168.0.72:444/nextcloud/ to your trusted domains to the nextcloud config.php file.
Sorry for replying late, but i wasnt here for quite a while.
You can solve that by adding https://192.168.0.72:444/nextcloud/ to your trusted domains to the nextcloud config.php file.
Sorry for replying late, but i wasnt here for quite a while.
Sorry for replying late, but i wasnt here for quite a while.
No problem, it's a forum after all
You can solve that by adding https://192.168.0.72:444/nextcloud/ to your trusted domains to the nextcloud config.php file.
Thanks! I allready tried it. I also added '192.168.0.*' to the trusted domains. Now I don't get the "Access throug untrusted domain" message any more. But the page doesn't load either.
But obviously something happens because the adress bar changes to https://192.168.0.72/nextcloud/login.
I guess the problem has something to do with the swag container or witch the config.php. Maybe I'll try to reup the container without den swag part.
Hello team I followed the tutorial to install nextcloud. I have access to the first nextcloud configuration page But I still get this error :
"Error while trying to create admin user: Failed to connect to the database: An exception occurred in the driver: SQLSTATE[HY000] [1045] Access denied for user 'root'@'nextcloud.nextcloudapp_default' (using password: YES) "
I tried to do @gett's solution:
sudo docker exec -it nextclouddb bash
mysql -u root -p
MariaDB [(none)]> CREATE USER 'user' IDENTIFIED BY 'password';
CREATE DATABASE IF NOT EXISTS nextcloud;
GRANT ALL PRIVILEGES ON nextcloud.* TO 'user' IDENTIFIED BY 'password';
FLUSH PRIVILEGES;
exit
But I'm stuck after line 2 which asks me for the password of "root". Would someone be kind enough to tell me how to do it?
Hello.
I didn't experience such an issue...
But, to be sure, in the How-To is write:
Database password --> password which has been specified in the docker-compose file with MYSQL_ROOT_PASSWORD
so I think the password is the one you set in the docker-compose file.
so I think the password is the one you set in the docker-compose file.
It is but you can't use special character's like @% and sort. They won't be parsed properly.
By following the solution to bash the mariaDb and set the password there, you can use whatever character's you want.
But I'm stuck after line 2 which asks me for the password of "root". Would someone be kind enough to tell me how to do it?
As mentioned above, the root password needed when bashed to the mysql, is the one used on the YML but you can't have it with special characters.
Simplest way is to use a alpha-numeric password on the YML (aka, no special character's).
For eg:
- MYSQL_ROOT_PASSWORD=4lph4num3r1c
DO NOT USE:
- MYSQL_ROOT_PASSWORD=@£?pa$$w0r*
I am not using Nextcloud very often, but today it shows "This Nextcloud instance is currently in maintenance mode"
Most likely an update is currently running or it has failed. Check the log of the Nextcloud container.
I am not using Nextcloud very often, but today it shows "This Nextcloud instance is currently in maintenance mode"
Maybe a bad update?!?
How are you running NC? Linuxserver container?
If yes, you can either bash to it and run a occ command to set it to off.
occ maintenance:mode --off
Using the occ command — Nextcloud latest Administration Manual latest documentation
Or, edit the config.php since it's a line there.
maintenance=true or similar.
If NC is AIO or any other different install method, then I don't know the proper steps.
You will also need to figure out why it stayed on maintenance mode.
Alles anzeigenHello team I followed the tutorial to install nextcloud. I have access to the first nextcloud configuration page But I still get this error :
"Error while trying to create admin user: Failed to connect to the database: An exception occurred in the driver: SQLSTATE[HY000] [1045] Access denied for user 'root'@'nextcloud.nextcloudapp_default' (using password: YES) "
I tried to do @gett's solution:
sudo docker exec -it nextclouddb bash
mysql -u root -p
MariaDB [(none)]> CREATE USER 'user' IDENTIFIED BY 'password';
CREATE DATABASE IF NOT EXISTS nextcloud;
GRANT ALL PRIVILEGES ON nextcloud.* TO 'user' IDENTIFIED BY 'password';
FLUSH PRIVILEGES;
exit
But I'm stuck after line 2 which asks me for the password of "root". Would someone be kind enough to tell me how to do it?
There should be absolutely no reason to do this if you follow the various guides.
Or, edit the config.php since it's a line there.
maintenance=true or similar.
This worked perfect now how to update Nextcloud itself, I did update the app it also the log says?
───────────────────────────────────────
using keys found in /config/keys
**** The following active confs have different version dates than the samples that are shipped. ****
**** This may be due to user customization or an update to the samples. ****
**** You should compare the following files to the samples in the same folder and update them. ****
**** Use the link at the top of the file to view the changelog. ****
┌────────────┬────────────┬────────────────────────────────────────────────────────────────────────┐
│ old date │ new date │ path │
├────────────┼────────────┼────────────────────────────────────────────────────────────────────────┤
│ 2021-10-24 │ 2023-04-13 │ /config/nginx/nginx.conf │
│ │ 2024-01-03 │ /config/nginx/site-confs/default.conf │
│ 2022-08-20 │ 2023-08-13 │ /config/nginx/ssl.conf │
└────────────┴────────────┴────────────────────────────────────────────────────────────────────────┘
[custom-init] No custom files found, skipping...
[ls.io-init] done.
Alles anzeigen
I'll try my luck and add my issue here too...
I lately deployed Nextcloud based on the guide found here(on that forum), using the SWAG container.
When I deploy the nextcloud instance it get's a wrong certificate.
To deploy Nextcloud, I used the following config.
version: "2"
services:
nextcloud:
image: ghcr.io/linuxserver/nextcloud
container_name: nextcloud2
environment:
- PUID=1000 #change PUID if needed
- PGID=100 #change PGID if needed
- TZ=Europe/Berlin #change Time Zone if needed
volumes:
- /srv/dev-disk-by-uuid-d64bb55b-f232-4780-b261-77311ca2d8e3/DMS/next/config:/config
- /srv/dev-disk-by-uuid-d64bb55b-f232-4780-b261-77311ca2d8e3/DMS/next/data:/data
depends_on:
- mariadb
ports: # uncomment this and the next line if you want to bypass the proxy
- 8143:443
restart: unless-stopped
mariadb:
image: ghcr.io/linuxserver/mariadb
container_name: nextclouddb2
environment:
- PUID=1000 #change PUID if needed
- PGID=100 #change PGID if needed
- MYSQL_ROOT_PASSWORD=#password #change password
- TZ=Europe/Berlin #Change Time Zone if needed
volumes:
- /srv/dev-disk-by-uuid-d64bb55b-f232-4780-b261-77311ca2d8e3/DMS/next/db:/config
restart: unless-stopped
swag:
image: linuxserver/swag #swag is the replacement for letsencrypt (see link below)
container_name: swag2
cap_add:
- NET_ADMIN
environment:
- PUID=1000 #change PUID if needed
- PGID=100 #change PGID if needed
- TZ=Europe/Berlin # change Time Zone if needed
- URL=dms.thbcloud.de #insert your domain name - yourdomain.url
- SUBDOMAINS=www,
- VALIDATION=http
- EMAIL=xxx.yyy@provider.com # define email; required to renew certificate
volumes:
- /srv/dev-disk-by-uuid-d64bb55b-f232-4780-b261-77311ca2d8e3/DMS/next/swag:/config
ports:
- 447:443
- 82:80
restart: unless-stopped
Alles anzeigen
Now I like to replace that certificate(see attached pictures) against a one with the correct public dns name.
I tried look into the swag container and trying to change the certificate there but using "CERTBOT" does seem to know that certificate that has been enrolled...
I already tried reading through all the existing articles... for now couldn't really find a proper solution...
So I hope somebody can help me on that.
Thanks!
- URL=dms.thbcloud.de #insert your domain name - yourdomain.url
- SUBDOMAINS=www,
Is thbcloud.de your domain? THen it should be
Thanks macom.
that helped somewhat already.
I also found that letsencrypt looks for the DNS A entry for that domain... so I had to solve that issue too
Account registered.
Requesting a certificate for thbcloud.de and dms.thbcloud.de
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/thbcloud.de/fullchain.pem
Key is saved at: /etc/letsencrypt/live/thbcloud.de/privkey.pem
This certificate expires on 2024-04-15.
These files will be updated when the certificate renews.
So that now looks good.
But if I now access my Nextcloud server(and I really connect to the nextcloud container) it still has the wrong certificate.
I read somewhere that there is an reverse proxy on that SWAG container that I maybe would have to use to connect to nextcloud... but do I still have to configure that or does it work out of the box...?
Thanks!
But if I now access my Nextcloud server(and I really connect to the nextcloud container) it still has the wrong certificate.
I read somewhere that there is an reverse proxy on that SWAG container that I maybe would have to use to connect to nextcloud... but do I still have to configure that or does it work out of the box...?
Add nextcloud to the SUBDOMAINS
Make sure you create an DNS A entry on your domain for nextcloud.
Hi Soma,
okay, but container do I need to access the swag container or the nextcloud?
And are "www" and "nextcloud" mandatory subdomains to make it work?
Thanks.
but container do I need to access the swag container
It's explained on the guide: SWAG part.
And are "www" and "nextcloud" mandatory subdomains to make it work?
Nextcloud, yes
www no
Alles anzeigenHi Soma,
okay, but container do I need to access the swag container or the nextcloud?
And are "www" and "nextcloud" mandatory subdomains to make it work?
Thanks.
You could just set your subdomain to wildcard, and it shouldn't be an issue any longer
Not sure if I'm right here, please just move this post if it doesn't belong.
I've Nextcloud + Swag set up and so far I was on NC 25.0.13. Since it's officially unsupported (and I was maybe too update-eager) I wanted to upgrade to NC 28.
I followed this approach, i.e. I pulled the latest NC image and re-deployed the container with it. Obviously I forgot that NC cannot skip major versions
So the new container was not working and my idea was now to go back to the old version and then go through the major releases iteratively. However, after deploying the copy of my backup image and overwriting the config folder with my backup config folder, I receive the following backend error:
nginx: [emerg] duplicate upstream "php-handler" in /config/nginx/site-confs/default.conf:1
On the front end this is a "502 bad gateway". When I comment out the respective lines in default.conf, the container starts, gives me some warnings ("nginx: [warn] conflicting server name "_" on 0.0.0.0:80, ignored"), but the front end shows 404.
The question is now: How to proceed? Does it make sense to fix the container at all and if yes, how can it be fixed? Or would it be simpler to switch to NC AIO?
Looking forward to your ideas and opinions, thanks
Ok since I need to find a solution rather quickly I went ahead with trying to install NC AIO by following this, deciding for the "with proxy" variant and ultimately using that.
What a mess....! If I had realized that installing the docker-compose plugin would destroy Portainer, I would've never done it. So Portainer is gone and it seems I can't bring it back (this does not work, there is no Portainer container running anymore and I don't have a directory with the Portainer data).
Anyway, also going ahead does not work, because NPM just gives me an "internal error" without any explanation when I try to create a proxy host:
Container log:
[1/22/2024] [12:01:44 PM] [Global ] › ⬤ debug CMD: /usr/sbin/nginx -t -g "error_log off;"
[1/22/2024] [12:01:44 PM] [Nginx ] › ℹ info Reloading Nginx
[1/22/2024] [12:01:44 PM] [Global ] › ⬤ debug CMD: /usr/sbin/nginx -s reload
[1/22/2024] [12:01:50 PM] [SSL ] › ℹ info Requesting Let'sEncrypt certificates for Cert #4: <DOMAIN_ANONYMIZED>
[1/22/2024] [12:01:50 PM] [SSL ] › ℹ info Command: certbot certonly --config "/etc/letsencrypt.ini" --work-dir "/tmp/letsencrypt-lib" --logs-dir "/tmp/letsencrypt-log" --cert-name "npm-4" --agree-tos --authenticator webroot --email "<MAIL_ANONYMIZED>" --preferred-challenges "dns,http" --domains "<DOMAIN_ANONYMIZED>"
[1/22/2024] [12:01:50 PM] [Global ] › ⬤ debug CMD: certbot certonly --config "/etc/letsencrypt.ini" --work-dir "/tmp/letsencrypt-lib" --logs-dir "/tmp/letsencrypt-log" --cert-name "npm-4" --agree-tos --authenticator webroot --email "<MAIL_ANONYMIZED>" --preferred-challenges "dns,http" --domains "<DOMAIN_ANONYMIZED>"
[1/22/2024] [12:01:54 PM] [Nginx ] › ⬤ debug Deleting file: /data/nginx/temp/letsencrypt_4.conf
[1/22/2024] [12:01:54 PM] [Global ] › ⬤ debug CMD: /usr/sbin/nginx -t -g "error_log off;"
[1/22/2024] [12:01:54 PM] [Nginx ] › ℹ info Reloading Nginx
[1/22/2024] [12:01:54 PM] [Global ] › ⬤ debug CMD: /usr/sbin/nginx -s reload
[1/22/2024] [12:01:54 PM] [Express ] › ⚠ warning Saving debug log to /tmp/letsencrypt-log/letsencrypt.log
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/letsencrypt-log/letsencrypt.log or re-run Certbot with -v for more details.
Alles anzeigen
And the letsencrypt.log:
[...]
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/306890539026/dlPRLA",
"token": "_RzIMOQR1rrp3OSVoBK1iPb5xiuSBvRz_N7wMfPoKA0"
}
2024-01-22 12:01:52,664:DEBUG:acme.client:Storing nonce: WjH7rlvslZcZaQ-Ksp2_gjHSbF47ZWxlM67SiyNMhSlNLJlQXjI
2024-01-22 12:01:52,665:INFO:certbot._internal.auth_handler:Waiting for verification...
2024-01-22 12:01:53,666:DEBUG:acme.client:JWS payload:
b''
2024-01-22 12:01:53,676:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencry…me/authz-v3/306890539026:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTUyOTU0NzM4NiIsICJub25jZSI6ICJXakg3cmx2c2xaY1phUS1Lc3AyX2dqSFNiRjQ3Wld4bE02N1NpeU5NaFNsTkxKbFFYakkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzMwNjg5MDUzOTAyNiJ9",
"signature": "eW8Ctz0FYteRiOrzOXB3HhrxAbg2PzlmRIqOgiUSUkCose_vaoHLdNJxszbD9MAOxPoCLxcWfkMA8_4s4B2vVYOIxnXQ5o3jM6qYglbmcpq-wKvEN7Fuqpkcq_fJ7vOmrCRWwZoEbW8R3uNNwhWBQ8rIliAfiXIlHa1QdIhCxgXfV_aFRlSG-nIzXz0KprcjiP4y_mZF6T-wLwo5HcBzTFuRCVlPahDR7Ia7RqmTUxQfXUjsKuN4qCZrg00Ce_6M59Bv57_eVKKA-PHlbLsaiDWBya9oGNUj3tGlnNdNTSODI64IN9MR2xfTKmOyfpUBfhBEqlhAfsxv0wcMDVM1Yg",
"payload": ""
}
2024-01-22 12:01:53,835:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/306890539026 HTTP/1.1" 200 1036
2024-01-22 12:01:53,836:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Mon, 22 Jan 2024 11:01:53 GMT
Content-Type: application/json
Content-Length: 1036
Connection: keep-alive
Boulder-Requester: 1529547386
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: C_JVVWRmhY_ysi6shgz-RQf0tYHNOKTnaFj956qkW3oFiKcM1ks
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "<DOMAIN_ANONYMIZED>"
},
"status": "invalid",
"expires": "2024-01-29T11:01:52Z",
"challenges": [
{
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:ietf:params:acme:error:connection",
"detail": "84.44.146.11: Fetching http://<DOMAIN_ANONYMIZED>/.well-known/acme-challenge/_RzIMOQR1rrp3OSVoBK1iPb5xiuSBvRz_N7wMfPoKA0: Error getting validation data",
"status": 400
},
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/306890539026/dlPRLA",
"token": "_RzIMOQR1rrp3OSVoBK1iPb5xiuSBvRz_N7wMfPoKA0",
"validationRecord": [
{
"url": "http://<DOMAIN_ANONYMIZED>/.well-known/acme-challenge/_RzIMOQR1rrp3OSVoBK1iPb5xiuSBvRz_N7wMfPoKA0",
"hostname": "<DOMAIN_ANONYMIZED>",
"port": "80",
"addressesResolved": [
"84.44.146.11"
],
"addressUsed": "84.44.146.11"
}
],
"validated": "2024-01-22T11:01:52Z"
}
]
}
2024-01-22 12:01:53,837:DEBUG:acme.client:Storing nonce: C_JVVWRmhY_ysi6shgz-RQf0tYHNOKTnaFj956qkW3oFiKcM1ks
2024-01-22 12:01:53,838:INFO:certbot._internal.auth_handler:Challenge failed for domain <DOMAIN_ANONYMIZED>
2024-01-22 12:01:53,839:INFO:certbot._internal.auth_handler:http-01 challenge for <DOMAIN_ANONYMIZED>
2024-01-22 12:01:53,839:DEBUG:certbot._internal.display.obj:Notifying user:
Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
Domain: <DOMAIN_ANONYMIZED>
Type: connection
Detail: 84.44.146.11: Fetching http://<DOMAIN_ANONYMIZED>/.well-known/acme-challenge/_RzIMOQR1rrp3OSVoBK1iPb5xiuSBvRz_N7wMfPoKA0: Error getting validation data
Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.
2024-01-22 12:01:53,842:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/auth_handler.py", line 108, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, max_time_mins, best_effort)
File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/auth_handler.py", line 212, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2024-01-22 12:01:53,842:DEBUG:certbot._internal.error_handler:Calling registered functions
2024-01-22 12:01:53,843:INFO:certbot._internal.auth_handler:Cleaning up challenges
2024-01-22 12:01:53,843:DEBUG:certbot._internal.plugins.webroot:Removing /data/letsencrypt-acme-challenge/.well-known/acme-challenge/_RzIMOQR1rrp3OSVoBK1iPb5xiuSBvRz_N7wMfPoKA0
2024-01-22 12:01:53,844:DEBUG:certbot._internal.plugins.webroot:All challenges cleaned up
2024-01-22 12:01:53,845:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
File "/opt/certbot/bin/certbot", line 8, in <module>
sys.exit(main())
^^^^^^
File "/opt/certbot/lib/python3.11/site-packages/certbot/main.py", line 19, in main
return internal_main.main(cli_args)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/main.py", line 1869, in main
return config.func(config, plugins)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/main.py", line 1600, in certonly
lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/main.py", line 143, in _get_and_save_cert
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/client.py", line 517, in obtain_and_enroll_certificate
cert, chain, key, _ = self.obtain_certificate(domains)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/client.py", line 428, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/client.py", line 496, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/auth_handler.py", line 108, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, max_time_mins, best_effort)
File "/opt/certbot/lib/python3.11/site-packages/certbot/_internal/auth_handler.py", line 212, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2024-01-22 12:01:53,853:ERROR:certbot._internal.log:Some challenges have failed.
I'm getting desperate. Could someone please help?
Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!