reinernippes / nextcloud_on_docker
Run Nextcloud in Docker Container on various Linux Hosts
License: MIT License
It seems that Let's Encrypt is not working with the default configuration provided here. I only changed some fields in the inventory file according to my domain and needed configuration and I cannot get certificates. The logs say that Let's Encrypt always gets a 400 error because it cannot access the .well-known site. When I wget the site it takes a long time and finally I get a 404. It seems that traefik is blocking too much, but with my limited traefik and docker knowledge I could not reconfigure traefik.
My configuration: Ubuntu 18.04.3 with a freenom domain which has only an A record which points to my static ip.
Another issue I found, which might be related to the too strong blocking of traefik, is that as soon as I change my DNS from freenom to cloudflare I cannot access my site anymore. I always get a 512 error at a cloudflare site when I try to access my domain. This may also come from a too strict traefik blocking?
Here is my inventory file (with my personal data changed):
[nextcloud]
localhost ansible_connection=local
[nextcloud:vars]
### Preliminary variables ###
# The domain name for your Nextcloud instance. You'll get a Let's Encrypt certificate for this domain.
nextcloud_server_fqdn = mydomain.tk
# Your email address (for Let's Encrypt).
ssl_cert_email = [email protected]
### Nextcloud variables ###
# Choose a directory for your Nextcloud data.
nextcloud_base_dir = /opt/nextcloud
# Choose a username and password for your Nextcloud admin user.
nextcloud_admin = 'user'
nextcloud_passwd = 'userpwd' # If empty the playbook will generate a random password.
# You must choose one database management system.
# Choose between 'pgsql' (PostgreSQL), 'mysql' (MariaDB) and 'sqlite' (SQLite).
nextcloud_db_type = 'pgsql'
# Options for Mariadb and PostgreSQL.
nextcloud_db_host = 'localhost'
nextcloud_db_name = 'nextcloud'
nextcloud_db_user = 'nextcloud'
nextcloud_db_passwd = '' # If empty the playbook will generate a random password (stored in {{ nextcloud_base_dir }}/secrets ).
nextcloud_db_prefix = 'oc_'
### Optional variables ###
# Setup the Nextcloud mail server.
nextcloud_configure_mail = false
nextcloud_mail_from =
nextcloud_mail_smtpmode = smtp
nextcloud_mail_smtpauthtype = LOGIN
nextcloud_mail_domain =
nextcloud_mail_smtpname =
nextcloud_mail_smtpsecure = tls
nextcloud_mail_smtpauth = 1
nextcloud_mail_smtphost =
nextcloud_mail_smtpport = 587
nextcloud_mail_smtpname =
nextcloud_mail_smtppwd =
# Use S3 Bucket as primary storage
aws_s3_key = ''
aws_s3_secret = ''
# aws_s3_bucket_name = ''
# aws_s3_hostname = 's3.amazonaws.com'
# aws_s3_port = '443'
# aws_s3_use_ssl = 'true'
# aws_s3_region = 'us-east-1'
# aws_s3_use_path_style = 'true'
# Install restic backup tool if backup_folder is not empty
restic_repo = '' # e.g. /var/nc-backup
# crontab settings restic for restic
backup_day = *
backup_hour = 12
backup_minute = 0
# Choose an online office suite to integrate with your Nextcloud. Your options are (without quotation marks): 'none', 'collabora' and 'onlyoffice'.
online_office = onlyoffice
# When using Collabora, you're able to install dictionaries alongside with it. Collabora's default is German (de).
collabora_dictionaries = 'en' # Separate ISO 639-1 codes with a space.
# Set to true to install TURN server for Nextcloud Talk.
talk_install = true
# Set to true to enable access to your database with Adminer at https://nextcloud_server_fqdn/adminer . The password will be stored in {{ nextcloud_base_dir }}/secrets .
adminer_enabled = true
# Set to true to install Portainer webgui for Docker.
portainer_enabled = true
portainer_passwd = '' # If empty the playbook will generate a random password.
# Uncomment 'traefik_api_user' to get access to your Traefik dashboard at https://nextcloud_server_fqdn/traefik .
traefik_api_user = traefik
Here is the error which comes from the logs of the traefik container (also changed my personal data):
time="2020-01-22T10:35:43Z" level=error msg="Unable to obtain ACME certificate for domains \"mydomain.tk\" detected thanks to rule \"Host:mydomain.tk; PathPrefixStrip:/portainer\" : unable to generate a certificate for the domains [mydomain.tk]: acme: Error -> One or more domains had a problem:\n[mydomain.tk] acme: error: 400 :: urn:ietf:params:acme:error:connection :: Fetching http://mydomain.tk/.well-known/acme-challenge/LzGbdsFsKcsJZdfsHVvds75dsdhds9m4PpEHtH7l533c: Connection refused, url: \n"
I wanted to configure the SMTP server. But this didn't work. The problem is not with the credentials I used, because I used the same with Firefox.
When I fill in the credentials in the Nextcloud GUI I get the following error:
Connection could not be established with host smtp.domain.tld [Operation timed out #110])
TASK [prep_os : selinux targets] *********************************************************************************************************************
Wednesday 10 October 2018 16:03:39 -0400 (0:00:00.631) 0:01:35.899 *****
failed: [localhost] (item=/opt/nextcloud(/.)?) => {"changed": false, "item": "/opt/nextcloud(/.)?", "msg": "This module requires policycoreutils-python"}
After
yum install policycoreutils-python
everything worked quite well.
Hello,
Does this container need to stay running once the setup is complete?
I think it may be causing issues as I keep having to accept the self-signed certificate in my browser, indicating that it is dumping a new cert?
Thanks.
When executing:
curl -s https://raw.githubusercontent.com/ReinerNippes/nextcloud_on_docker/master/prepare_system.sh | /bin/bash
ERROR: Command errored out with exit status 1:
command: /usr/bin/python -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'/tmp/pip-install-B4srK6/python-apt/setup.py'"'"'; __file__='"'"'/tmp/pip-install-B4srK6/python-apt/setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(__file__);code=f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' egg_info --egg-base /tmp/pip-install-B4srK6/python-apt/pip-egg-info
cwd: /tmp/pip-install-B4srK6/python-apt/
Complete output (5 lines):
Traceback (most recent call last):
File "<string>", line 1, in <module>
File "/tmp/pip-install-B4srK6/python-apt/setup.py", line 6, in <module>
from DistUtilsExtra.command import *
ImportError: No module named DistUtilsExtra.command
----------------------------------------
ERROR: Command errored out with exit status 1: python setup.py egg_info Check the logs for full command output.
When using the latest apache image for nextcloud, the following error occurs: ONLYOFFICE cannot be reached. Please contact admin.
How would I go about solving this?
Where can I modify or change this? There is no place to do this in the inventory file.
What is the best approach to updating my Nextcloud container in this setup?
Thanks.
What's currently blocking support of Talk on arm(64) architectures? Is the current TURN server incompatible?
Hey
Having run the playbook... which I thank you for! A lot of work done there!
At the end, I get this error
TASK [docker_container : Create the traefik container] ******************************************************************************************************
Thursday 28 May 2020 07:52:22 +0000 (0:00:04.250) 0:01:50.347 **********
fatal: [localhost]: FAILED! => changed=false
msg: 'Error starting container 2693b444d151a93b08409f5983ce1e0dd1e1ca2abc64941c6d45f05f89dd6757: 400 Client Error: Bad Request ("OCI runtime create failed:49: starting container process caused "process_linux.go:449: container init caused \"rootfs_linux.go:58: mounting \\\"/media/storage/nextcloud/traefik/acme.j"/var/lib/docker/overlay2/737b1fce39f9d534ace825cb4f066549f53594c3d816c08add6b241b09f00365/merged\\\" at \\\"/var/lib/docker/overlay2/737b1fce39f9d534ace825cc08add6b241b09f00365/merged/acme.json\\\" caused \\\"not a directory\\\"\"": unknown: Are you trying to mount a directory onto a file (or vice-versa)? Check path exists and is the expected type")'
PLAY RECAP **************************************************************************************************************************************************
localhost : ok=38 changed=3 unreachable=0 failed=1 skipped=3 rescued=0 ignored=0
Thursday 28 May 2020 07:52:25 +0000 (0:00:03.351) 0:01:53.699 **********
===============================================================================
Gathering Facts ---------------------------------------------------------------------------------------------------------------------------------------------
prep_ufw : Configuring port/protocol/network rules ----------------------------------------------------------------------------------------------------------
prep_ufw : Installing ufw package ---------------------------------------------------------------------------------------------------------------------------
prep_docker : add docker key --------------------------------------------------------------------------------------------------------------------------------
prep_os : apt dist-upgrade ----------------------------------------------------------------------------------------------------------------------------------
prep_docker : install needed packages -----------------------------------------------------------------------------------------------------------------------
prep_os : install additional packages -----------------------------------------------------------------------------------------------------------------------
prep_docker : install docker --------------------------------------------------------------------------------------------------------------------------------
docker_container : adding traefik.toml file -----------------------------------------------------------------------------------------------------------------
prep_ufw : Configuring service ------------------------------------------------------------------------------------------------------------------------------
docker_container : Create watchtower container for auto update ----------------------------------------------------------------------------------------------
prep_ufw : Configuring firewall -----------------------------------------------------------------------------------------------------------------------------
prep_docker : add additional docker repo --------------------------------------------------------------------------------------------------------------------
prep_docker : remove ubuntu repo docker ---------------------------------------------------------------------------------------------------------------------
prep_ufw : start ufw ----------------------------------------------------------------------------------------------------------------------------------------
docker_container : Create the traefik container -------------------------------------------------------------------------------------------------------------
prep_os : make sure nextcloud directoies are present --------------------------------------------------------------------------------------------------------
prep_ufw : Enabling firewall --------------------------------------------------------------------------------------------------------------------------------
docker_container : Create frontend network ------------------------------------------------------------------------------------------------------------------
prep_docker : enable docker --
Anyone know how I fix this? There is a folder in that location with that name but I cannot see what's inside it.
This may be of use:
TASK [docker_container : docker watchtower] *****************************************************************************************************************
Thursday 28 May 2020 07:52:11 +0000 (0:00:02.129) 0:01:39.297 **********
included: /home/konradwalsh/nextcloud_on_docker/roles/docker_container/tasks/watchtower.yml for localhost
TASK [docker_container : Create watchtower container for auto update] ***************************************************************************************
Thursday 28 May 2020 07:52:11 +0000 (0:00:00.459) 0:01:39.757 **********
ok: [localhost]
TASK [docker_container : docker traefik] ********************************************************************************************************************
Thursday 28 May 2020 07:52:15 +0000 (0:00:03.502) 0:01:43.260 **********
included: /home/konradwalsh/nextcloud_on_docker/roles/docker_container/tasks/traefik.yml for localhost
TASK [docker_container : ensures traefik dir exists] ********************************************************************************************************
Thursday 28 May 2020 07:52:15 +0000 (0:00:00.505) 0:01:43.766 **********
ok: [localhost]
TASK [docker_container : ensures acme.json file exists] *****************************************************************************************************
Thursday 28 May 2020 07:52:16 +0000 (0:00:01.162) 0:01:44.929 **********
changed: [localhost]
TASK [docker_container : adding traefik.toml file] **********************************************************************************************************
Thursday 28 May 2020 07:52:18 +0000 (0:00:01.168) 0:01:46.097 **********
/usr/lib/python3/dist-packages/passlib/handlers/bcrypt.py:237: PasslibHashWarning: encountered a bcrypt salt with incorrectly set padding bits; you may want h() to fix this; this will be an error under Passlib 2.0
PasslibHashWarning)
changed: [localhost]
Output of docker ps and ps -a
`konradwalsh@nextcloud-server:/media/storage/nextcloud/traefik$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5adea4b396e3 collabora/code:latest "/bin/sh -c 'bash st…" 8 hours ago Up 29 minutes 9980/tcp collabora_online
19f150790691 adminer:latest "entrypoint.sh docke…" 8 hours ago Up 29 minutes 8080/tcp adminer
c35f70bc89a4 redis:4-alpine "docker-entrypoint.s…" 8 hours ago Up 29 minutes 6379/tcp redis
9b634a85333c postgres:10-alpine "docker-entrypoint.s…" 8 hours ago Up 29 minutes 5432/tcp nextcloud-db
056c990a40fd portainer/portainer:latest "/portainer --host u…" 8 hours ago Up 29 minutes 9000/tcp portainer
40b7c98a5986 svendowideit/traefik-certdumper:latest "/run.sh" 8 hours ago Restarting (2) About a minute ago certdumper
54ec3efdde90 containrrr/watchtower:latest "/watchtower --clean…" 8 hours ago Up 29 minutes 8080/tcp watchtower
konradwalsh@nextcloud-server:/media/storage/nextcloud/traefik$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5adea4b396e3 collabora/code:latest "/bin/sh -c 'bash st…" 8 hours ago Up 30 minutes 9980/tcp collabora_online
db65380d898d nginx:alpine "nginx -g 'daemon of…" 8 hours ago Exited (127) About an hour ago 80/tcp nginx
979866488fe4 nextcloud:fpm-alpine "/entrypoint.sh php-…" 8 hours ago Exited (127) About an hour ago 9000/tcp nextcloud
19f150790691 adminer:latest "entrypoint.sh docke…" 8 hours ago Up 30 minutes 8080/tcp adminer
c35f70bc89a4 redis:4-alpine "docker-entrypoint.s…" 8 hours ago Up 30 minutes 6379/tcp redis
9b634a85333c postgres:10-alpine "docker-entrypoint.s…" 8 hours ago Up 30 minutes 5432/tcp nextcloud-db
056c990a40fd portainer/portainer:latest "/portainer --host u…" 8 hours ago Up 30 minutes 9000/tcp portainer
40b7c98a5986 svendowideit/traefik-certdumper:latest "/run.sh" 8 hours ago Restarting (2) 42 seconds ago certdumper
2693b444d151 traefik:1.7-alpine "/entrypoint.sh trae…" 8 hours ago Exited (127) About an hour ago 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp traefik
54ec3efdde90 containrrr/watchtower:latest "/watchtower --clean…" 8 hours ago Up 30 minutes 8080/tcp watchtower
`
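A preflight check for the host path behind the "Are you trying to mount a directory onto a file" error in the issue above, as an added example that is not part of the original issue or of the playbook. It relies on two facts: `docker -v` creates a directory at a bind-mount source that does not exist, and Traefik refuses an `acme.json` whose mode is more open than 600. The function names and the temporary paths are assumptions.

```shell
#!/bin/sh
# Added example; check_acme_store and ensure_acme_store are hypothetical helpers.

# Classify the host path that will be bind-mounted as acme.json.
# Prints one word and returns non-zero unless the path is usable:
#   ok          regular file with mode 600
#   missing     nothing there (docker -v would create a directory in its place)
#   directory   a directory sits where the file should be
#   not-regular socket, device, fifo ...
#   perms:NNN   regular file, but the mode exposes the ACME private keys
check_acme_store() {
    path=$1
    if [ ! -e "$path" ]; then echo "missing"; return 1; fi
    if [ -d "$path" ]; then echo "directory"; return 1; fi
    if [ ! -f "$path" ]; then echo "not-regular"; return 1; fi
    mode=$(stat -c '%a' "$path") || return 1
    if [ "$mode" != "600" ]; then echo "perms:$mode"; return 1; fi
    echo "ok"
}

# Put an empty regular file with mode 600 at the path.
# An empty directory (left behind by an earlier failed mount) is removed first;
# a non-empty directory is never touched, and existing file contents are kept.
ensure_acme_store() {
    path=$1
    if [ -d "$path" ]; then
        rmdir "$path" 2>/dev/null || {
            echo "refusing: directory not empty"
            return 1
        }
    fi
    if [ ! -e "$path" ]; then
        # umask 077 so the file is never world-readable, not even briefly.
        ( umask 077 && : > "$path" ) || return 1
    fi
    chmod 600 "$path" || return 1
    check_acme_store "$path"
}

# Demonstration on a constructed temporary directory (no Docker needed).
demo_dir=$(mktemp -d)
mkdir "$demo_dir/acme.json"     # the state reported in the issue: a folder named acme.json
echo "before: $(check_acme_store "$demo_dir/acme.json" || true)"
echo "after:  $(ensure_acme_store "$demo_dir/acme.json" || true)"
rm -rf "$demo_dir"
```

Run the check against the real path (for the issue above, the `traefik/acme.json` under the Nextcloud base directory) before the traefik container is created.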
When I run the playbook as shown in the README I get a network.yml error:
included: /root/nextcloud_on_docker/roles/docker_container/tasks/network.yml for localhost
TASK [docker_container : Create frontend network] ************************************************************************************************
Thursday 09 January 2020 13:30:54 +0000 (0:00:00.063) 0:01:05.746 ******
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: AttributeError: 'module' object has no attribute 'SSL_ST_INIT'
fatal: [localhost]: FAILED! => changed=false
module_stderr: |-
Traceback (most recent call last):
File "/root/.ansible/tmp/ansible-tmp-1578576654.19-46880396426708/AnsiballZ_docker_network.py", line 102, in <module>
_ansiballz_main()
File "/root/.ansible/tmp/ansible-tmp-1578576654.19-46880396426708/AnsiballZ_docker_network.py", line 94, in _ansiballz_main
invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
File "/root/.ansible/tmp/ansible-tmp-1578576654.19-46880396426708/AnsiballZ_docker_network.py", line 40, in invoke_module
runpy.run_module(mod_name='ansible.modules.cloud.docker.docker_network', init_globals=None, run_name='__main__', alter_sys=True)
File "/usr/lib/python2.7/runpy.py", line 188, in run_module
fname, loader, pkg_name)
File "/usr/lib/python2.7/runpy.py", line 82, in _run_module_code
mod_name, mod_fname, mod_loader, pkg_name)
File "/usr/lib/python2.7/runpy.py", line 72, in _run_code
exec code in run_globals
File "/tmp/ansible_docker_network_payload_oS5W1p/ansible_docker_network_payload.zip/ansible/modules/cloud/docker/docker_network.py", line 285, in <module>
File "/tmp/ansible_docker_network_payload_oS5W1p/ansible_docker_network_payload.zip/ansible/module_utils/docker/common.py", line 43, in <module>
File "/usr/lib/python2.7/dist-packages/requests/__init__.py", line 53, in <module>
from .packages.urllib3.contrib import pyopenssl
File "/usr/lib/python2.7/dist-packages/urllib3/contrib/pyopenssl.py", line 54, in <module>
import OpenSSL.SSL
File "/usr/lib/python2.7/dist-packages/OpenSSL/__init__.py", line 8, in <module>
from OpenSSL import rand, crypto, SSL
File "/usr/lib/python2.7/dist-packages/OpenSSL/SSL.py", line 118, in <module>
SSL_ST_INIT = _lib.SSL_ST_INIT
AttributeError: 'module' object has no attribute 'SSL_ST_INIT'
module_stdout: ''
msg: |-
MODULE FAILURE
See stdout/stderr for the exact error
rc: 1
Newbie here so excuse the question if it's obvious.
If docker is installed (via ansible playbook etc.) this could be mentioned in the Readme.
If docker is not installed but is a prerequisite this could be mentioned in the Readme - and a pointer to installation given (would be useful)
Where to execute e.g.:
Install Ansible and some needed tools by running the following command with a user that can sudo or is root.
curl -s https://raw.githubusercontent.com/ReinerNippes/nextcloud_on_docker/master/prepare_system.sh | /bin/bash
in the docker instance(?) or on the "containing" physical machine...
Context: I came here from https://help.nextcloud.com/t/how-to-migrate-from-existing-ubuntu-16-04-installation-to-docker/46664
My situation is "similar" I am trying to move a "traditional" non-container installation from ubuntu 16.04 to be "contained" (in this case on the same physical machine). Other existing software/services on the ubuntu machine should continue to function - e.g. there is an old Drupal installation on the machine etc. I am a docker newbie. I will not be using S3 or any other external storage.
System: Debian 9 linode vm
Description:
I tried to remove and reinstall with this playbook when I was debugging an issue that I was seeing with certbot docker.
Note: The certbot issue is unrelated to this current issue, and was in my DNS configuration, as I forgot to add www A record.
When I fixed that DNS issue, I tried reinstalling from scratch, I ran into some issues with the database.
Steps:
ansible-playbook nextdocker.yml -e state=absent
docker stop $(docker ps -a -q) && docker rm $(docker ps -a -q) && rm -rf /opt/nextcloud/
ssl_cert_email and nextcloud_server_fqdn and all the passwords were blank because I wanted random generated.
fatal: [localhost]: FAILED! => changed=true
cmd: |-
docker exec --user www-data nextcloud php occ maintenance:install --database pgsql --database-host nextcloud-db --database-name nextcloud --database-table-prefix oc_ --database-user nextcloud --database-pass xxx --admin-user admin --admin-pass xxx --data-dir /var/nc-data
delta: '0:00:00.345130'
end: '2019-12-25 10:02:10.559402'
msg: non-zero return code
rc: 1
start: '2019-12-25 10:02:10.214272'
stderr: ''
stderr_lines: <omitted>
stdout: |-
Error while trying to create admin user: Failed to connect to the database: An exception occurred in driver: SQLSTATE[08006] [7] FATAL: password authentication failed for user "nextcloud"
->
stdout_lines: <omitted>
Also the web interface at https://nextcloud.<my-domain.tld> is up but tells me:
Error
It looks like you are trying to reinstall your Nextcloud. However the file CAN_INSTALL is missing from your config directory. Please create the file CAN_INSTALL in your config folder to continue.
I think the root cause is that I needed to remove the users and passwords before installing again as when I rebuilt my vm and installed with same settings it works perfectly and the only things left on the previous debian9 vm relating to nextcloud config were the username and passwords.
I didn't look too far into where the playbook was getting the passwords or if it was overwriting them.
Hi, nice playbook, it's easy to use and understand for someone new-ish to ansible, I noticed a small issue for debian 9 install:
./nextcloud.yml
First install on debian 9:
fatal: [localhost]: FAILED! => changed=false
msg: 'Error: Docker SDK for Python version is 1.9.0 (localhost''s Python /usr/bin/python). Minimum version required is 1.10.0.Use `pip install --upgrade docker-py` to upgrade. Hint: if you do not need Python 2.6 support, try `pip uninstall docker-py` instead, followed by `pip install docker`.'
Run:
pip install --upgrade docker-py && ./nextcloud.yml
It works.
Hallo Reiner,
I have everything up and running on a test droplet - and had great fun on the way. I even have traefik passing certain other fqdns to the host to be served there. Full imagemagick and facerecognition is compiled in too.
A "set" of containers are all working together to provide "nextcloud" (nginx,redis,nextcloud, nextcloud-db...).
My next question is - based on using your setup - how would you recommend hosting multiple nextclouds? (each reached by different sub-domains: nc1.example.com, nc2.example.com etc. ).
BTW I am just hoping for some tips and pointers here and not a full blown solution(!)
It looks (from a docker newbie point of view) that docker-compose would be useful here(?)
To reuse the containers I'd need to ensure state is made extrinsic in Volumes.
My goal is on the one hand to get going quite quickly in production.
On the other hand I'd like in an ideal world to be able e.g. to vary the nextcloud version from
nc1.example.com to nc2.example.com etc. and also be free to add/not add additional compiled in "abilities" such as full imagemagick, facerecognition (pdlib,dlib) (i.e. some nextcloud containers would have less reuse)
On the other hand still(!) I have no idea about the memory/resource implications of this approach.
Hi,
It seems that videos and PDFs are not producing preview thumbnails.
Any idea how to solve this?
Thanks.
Some problem here:
https://github.com/ReinerNippes/nextcloud_on_docker/blob/master/roles/prep_backup/tasks/main.yml
TASK [prep_backup : install restic] *********************************************************************
Friday 03 May 2019 03:38:55 +0200 (0:00:00.442) 0:00:19.230 ************
fatal: [localhost]: FAILED! => {"msg": "The conditional check 'restic_repo != ''' failed. The error was: error while evaluating conditional (restic_repo != ''): 'restic_repo' is undefined\n\nThe error appears to have been in '/home/amarinde/nextcloud_on_docker/roles/prep_backup/tasks/main.yml': line 4, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n- name: install restic\n ^ here\n"}
I did not choose to use rclone. Filled in backup_folder = /var/nc-backup in inventory.
I might be missing something but please help me understand this. I am trying to use this script to install nextcloud and it works just fine for the first time. Now, I want to use the same script, on the same VM and install another docker for nextcloud. My questions -
Please help me here!
Does not create a config.php file when you change the all.yml from nextcloud:fpm-alpine to nextcloud-18.0.3-fpm. I believe it may be a permission issue in the script. Alpine linux does not support the smbclient files that need to be loaded for external storage capabilities.
fatal: [localhost]: FAILED! => changed=false
elapsed: 31
msg: Timeout when waiting for 172.21.0.3:3306
I just tried switching to mysql. Now having another issue... Looks like the DB doesn't come up quick enough?
docker network ls -q would print only network IDs, so all the greps won't work;
grep -v bridge won't work in some docker environments, you can see that 'aaa' is also a 'bridge':
docker network create aaa
d18883a4353849ab35f188d20953d1e00a9cd103c506570871a26d0648af21c1
unic at staging-control in ~
$ docker network ls
NETWORK ID NAME DRIVER SCOPE
d18883a43538 aaa bridge local
6937dd8b8e29 bridge bridge local
741825a49226 docker_gwbridge bridge local
168818ce6586 host host local
qz5shud88elk ingress overlay swarm
977a250b23bb none null local
docker network rm $(docker network ls | awk '{print $2}' | grep -v "ID" | grep -v ingress | grep -v bridge | grep -v host | grep -v none)
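The filtering problem raised in the issue above, as an added example that is not part of the original post or of the playbook: three ways to pick removable networks out of `docker network ls` output, run on the listing from the post. It goes one step beyond the post by also testing names that merely contain a built-in name; the two extra rows and all function names are assumptions.

```shell
#!/bin/sh
# Constructed sample: the `docker network ls` listing from the post, plus two
# invented rows (bridge_apps, prod-host-net) whose names contain a built-in name.
sample_listing() {
cat <<'EOF'
NETWORK ID          NAME                DRIVER              SCOPE
d18883a43538        aaa                 bridge              local
6937dd8b8e29        bridge              bridge              local
741825a49226        docker_gwbridge     bridge              local
168818ce6586        host                host                local
qz5shud88elk        ingress             overlay             swarm
977a250b23bb        none                null                local
0123456789ab        bridge_apps         overlay             swarm
ba9876543210        prod-host-net       bridge              local
EOF
}

# Substring filter on whole lines: also matches the DRIVER column, so every
# user network that uses the bridge driver ('aaa') is silently kept.
filter_by_line_grep() {
    grep -v "NETWORK ID" | grep -v ingress | grep -v bridge | grep -v host |
        grep -v none | awk '{print $2}'
}

# Substring filter on the NAME column only: 'aaa' is found, but any user
# network whose name contains bridge/host/none/ingress is still skipped.
filter_by_name_grep() {
    awk '{print $2}' | grep -v "ID" | grep -v ingress | grep -v bridge |
        grep -v host | grep -v none
}

# Exact match on the NAME column against the networks Docker creates itself
# (bridge, host, none, and swarm's ingress and docker_gwbridge).
filter_by_exact_name() {
    awk 'NR > 1 {
        n = $2
        if (n == "bridge" || n == "host" || n == "none" ||
            n == "ingress" || n == "docker_gwbridge") next
        print n
    }'
}

# Demonstration on the constructed listing (no Docker needed).
echo "line grep : $(sample_listing | filter_by_line_grep | tr '\n' ' ')"
echo "name grep : $(sample_listing | filter_by_name_grep | tr '\n' ' ')"
echo "exact name: $(sample_listing | filter_by_exact_name | tr '\n' ' ')"
```

On a live host the same function reads `docker network ls` directly; review the printed names before passing them to `docker network rm`.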
The following command:
sudo docker exec nextcloud-db mysqldump --single-transaction -h localhost -u root -p password_here nextcloud > {{nextcloud_dir}}database-dump/db_dump_mysql_nextcloud.sql
within /usr/local/bin/backup_nextcloud.sh
doesn't seem to be working. Neither the secret generated /nextcloudir/secrets
in mysql_root_secret or database_user_secret work.
Installing Onlyoffice causes the following error. All group_vars are default.
cmd: docker exec --user www-data nextcloud php occ app:install onlyoffice
delta: '0:00:00.624761'
end: '2020-02-03 18:44:54.904508'
msg: non-zero return code
rc: 1
start: '2020-02-03 18:44:54.279747'
stderr: |2-
Command "app:install" is not defined.
Did you mean one of these?
app:check-code
maintenance:install
stderr_lines: <omitted>
stdout: Nextcloud is not installed - only a limited number of commands are available
stdout_lines: <omitted>
Hi Reiner,
In the past day something auto-updated and it stopped my nextcloud from being accessible. Looking into it it seemed to have to with and certdumper. Regardless, it had been a while since I synced to the current version of this repository. In doing so I get an error about "nextcloud, The data directory was initialized by PostgreSQL version 10, which is not compatible with this version 11.8.". I see it was updated in the group vars. Upgrading from v10 to v11 seems convoluted to say the least.
Did I miss something?
Trying to roll back the docker image to v10.13 causes more problems. I have a year of restic backups if that's of any help.
How do you recommend I best proceed?
Hi,
Maybe I don't understand it correctly, but it looks like Traefik and Nginx are both deployed in the default configuration.
Here contains the include_tasks for Traefik and then here in the groups_vars the image is set to fpm-alpine and the when statement checks if fpm is present which it always will be (unless changed)
This confuses me because I thought Traefik and Nginx are both reverse proxies. So why are they both deployed if they perform the same task?
Thanks.
As of Traefik 2.0, the script used as the basis for the certdumper is no longer supported/maintained as per traefik/traefik#4783. This playbook should be modified to use an alternative such as the mentioned ldez/traefik-certs-dumper
Hello, and thanks for your amazing work.
In the README and in the inventory file, you write:
# The restic backup tool will be installed when 'backup_folder' is not empty.
restic_repo = '' # e.g. '/var/nc-backup' .
Is it in fact the restic_repo property?
I can see in the nextdocker.yml file your following condition:
- { role: prep_backup, when: restic_repo != '' }
So I presume backup_folder is in fact restic_repo?
If it's the case, I can make a PR if needed.
I left the passwords to be generated for me (i.e. blank), all defaults in group_vars/all.yml, and now having the following error:
fatal: [localhost]: FAILED! => changed=true
cmd: |-
docker exec --user www-data nextcloud php occ maintenance:install --database pgsql --database-host nextcloud-db --database-name nextcloud --database-table-prefix oc_ --database-user nextcloud --database-pass somepassword --admin-user some-user --admin-pass someotherpassword --data-dir /var/nc-data
delta: '0:00:00.505204'
end: '2020-02-03 18:54:33.770242'
msg: non-zero return code
rc: 1
start: '2020-02-03 18:54:33.265038'
stderr: ''
stderr_lines: <omitted>
stdout: |-
Error while trying to create admin user: Failed to connect to the database: An exception occurred in driver: SQLSTATE[08006] [7] FATAL: password authentication failed for user "nextcloud"
->
stdout_lines: <omitted>
Looks like this might be related to #15 which was resolved?
Hi, how can I change the "Header X-Frame-Options" from SAMEORIGIN to ALLOW-FROM? I have installed Traefik, but it's not possible to change anything on it.
I tried adding the line add_header X-Frame-Options "allow-from https://*.domain.tld" always; in /opt/nextcloud/config/nginx.conf and changing settings in /opt/nextcloud/www/lib/public/AppFramework/Http/ContentSecurityPolicy.php, but the changes are not reflected in the Traefik dashboard, so I guess I have to configure something related to Traefik.
[modified] guide: https://help.nextcloud.com/t/solved-nextcloud-16-how-to-allow-iframe-usage/52278/5
Thanks in advance!
Hi,
great script, took a lot of work off me, so this is great. Recently I ran into the ERR_TOO_MANY_REDIRECTS error.
This happens on a fresh Ubuntu 18.04 as well as Debian 10 install, and is the message I am greeted with right after the playbook finishes. I was able to recreate this behaviour with Traefik v2 and a current git pull from 6. June 2020.
Choosing a self signed certificate doesn't make a difference. The error remains in all major browsers with current updates. Deleting cookies doesn't help.
All containers are up and running, even after reboot. Since the structure with Traefik and let's encrypt is a bit complicated, any ideas where I can narrow the error down?
Thanks for any help and kind regards
Is it possible to offer/integrate ZeroTier into the docker build as an alternative to Let's Encrypt Certificate or Self-Signed? This is a P2P VPN that might be a great secure alternative.
Hi 👋🏻
Thanks for the awesome playbook.
I have some questions.
Many thanks!
Were you ever able to get a TURN server talking to Nextcloud for Talk?
This post from October 19th highlights a security vulnerability in Nginx
Looking at the NGINX config here I am not sure this has been mitigated?
Can you confirm @ReinerNippes?
Hi,
How come some of the containers such as adminer contain traefik labels and the Nextcloud container does not?
Hi Reiner,
thanks for this nice setup and the efforts on your work.
Unfortunately I don't get it to work, so I kindly ask for some assistance.
After struggling with problems on the python setup, I finally managed to get 'ansible' working.
It reports:
ansible --version
ansible 2.8.6
config file = /home/xxx/programs/nextcloud_on_docker/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/local/lib/python2.7/dist-packages/ansible
executable location = /usr/local/bin/ansible
python version = 2.7.15+ (default, Oct 7 2019, 17:39:04) [GCC 7.4.0]
Is that correct ?
When running ansible playbook '/nextdocker.yml', it fails with error messages:
PLAY [install nextcloud] ...
TASK [Gathering Facts] *...
Sunday 20 October 2019 16:06:25 +0200 (0:00:00.604) 0:00:00.604 ********
ok: [localhost]
TASK [prep_ufw : include os specific tasks] ***...
Sunday 20 October 2019 16:06:30 +0200 (0:00:04.453) 0:00:05.058 ********
included: /home/gsi/programs/nextcloud_on_docker/roles/prep_ufw/tasks/Ubuntu.yml for localhost
TASK [prep_ufw : Installing ufw package] *
Sunday 20 October 2019 16:06:30 +0200 (0:00:00.403) 0:00:05.462 ********
ok: [localhost]
TASK [prep_ufw : Configuring port/protocol/network rules]
Sunday 20 October 2019 16:06:37 +0200 (0:00:06.287) 0:00:11.750 ********
failed: [localhost] (item={u'port': 22, u'rule': u'allow'}) => changed=false
ansible_loop_var: item
commands:
- /usr/sbin/ufw status verbose
item:
port: 22
rule: allow
msg: |-
ERROR: problem running iptables: iptables v1.6.1: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
failed: [localhost] (item={u'port': 80, u'rule': u'allow'}) => changed=false
ansible_loop_var: item
commands:
- /usr/sbin/ufw status verbose
item:
port: 80
rule: allow
msg: |-
ERROR: problem running iptables: iptables v1.6.1: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
failed: [localhost] (item={u'port': 443, u'rule': u'allow'}) => changed=false
ansible_loop_var: item
commands:
- /usr/sbin/ufw status verbose
item:
port: 443
rule: allow
msg: |-
ERROR: problem running iptables: iptables v1.6.1: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
I do not have iptables installed. I'm running a bare blank server edition of:
NAME=Ubuntu
++ VERSION='18.04.3 LTS (Bionic Beaver)'
++ ID=ubuntu
++ ID_LIKE=debian
++ PRETTY_NAME='Ubuntu 18.04.3 LTS'
++ VERSION_ID=18.04
on an ODROID C2 which reports its hardware
Linux server 3.16.72-46 #1 SMP PREEMPT Tue Aug 13 18:09:58 -03 2019 aarch64 aarch64 aarch64
BTW, does your setup need 'docker-compose' as an executable, as this is not present in the official docker repositories for arm64/aarch64?
Thanks for any help!
Gerd
Under Background Jobs, the message in the title is displayed. Nothing in the admin panel for the Nextcloud instance shows that any errors are produced. Do you know how I should begin troubleshooting this?
Hello
First I want to congratulate you on this project.
When I try to execute ./nextdocker.yml I get:
<<<<<<<<<<<<<<<<<<
TASK [nextcloud_config : first setup nextcloud] **********************************************************************************************
Saturday 28 September 2019 09:09:34 -0400 (0:00:01.487) 0:02:13.144 ****
fatal: [localhost]: FAILED! => changed=true
cmd: |-
docker exec --user www-data nextcloud php occ maintenance:install --database mysql --database-host nextcloud-db --database-name nextcloud --database-table-prefix oc_ --database-user nextcloud --database-pass FvIYw4cQaaMJ1aDqTlBKuuhZEMKbYbbe --admin-user admin --admin-pass lgMFOVcKMzbZx7fedDMLD8jOl8DxA1R6 --data-dir /var/nc-data
delta: '0:00:00.421351'
end: '2019-09-28 09:09:34.756379'
msg: non-zero return code
rc: 1
start: '2019-09-28 09:09:34.335028'
stderr: ''
stderr_lines:
stdout: |-
Error while trying to create admin user: Failed to connect to the database: An exception occurred in driver: SQLSTATE[HY000] [2002] Connection refused
->
stdout_lines:
PLAY RECAP ***********************************************************************************************************************************
localhost : ok=63 changed=22 unreachable=0 failed=1 skipped=20 rescued=0 ignored=0
All docker containers are up and running.
<<<<<<<<<<<<<<<<<<
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8f9bb1bb35b9 nginx:alpine "nginx -g 'daemon of…" 6 minutes ago Up 6 minutes 80/tcp nginx
348f7054226f nextcloud:fpm-alpine "/entrypoint.sh php-…" 6 minutes ago Up 6 minutes 9000/tcp nextcloud
6c1013357082 redis:4-alpine "docker-entrypoint.s…" 7 minutes ago Up 6 minutes 6379/tcp redis
b67a68befd22 mariadb:latest "docker-entrypoint.s…" 7 minutes ago Up 7 minutes 3306/tcp nextcloud-db
52fbe6e598ef portainer/portainer:latest "/portainer --host u…" 7 minutes ago Up 7 minutes 9000/tcp portainer
4fd889644f29 svendowideit/traefik-certdumper:latest "/run.sh" 7 minutes ago Up 7 minutes certdumper
aee0a6fa352c traefik:1.7-alpine "/entrypoint.sh trae…" 7 minutes ago Up 7 minutes 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp traefik
4681983967bd containrrr/watchtower:latest "/watchtower --clean…" 7 minutes ago Up 7 minutes watchtower
So, I tried to run that docker command manually:
<<<<<<<<<<<<<<<<<<
root@debian:~/nextcloud_on_docker# docker exec -ti --user www-data nextcloud /bin/sh
/var/www/html $ php occ status
Nextcloud is not installed - only a limited number of commands are available
Running ./nextdocker.yml again:
<<<<<<<<<<<<<<<<<<
PLAY RECAP ***********************************************************************************************************************************
localhost : ok=68 changed=7 unreachable=0 failed=0 skipped=30 rescued=0 ignored=0
:D success.
But I don't know why it didn't succeed in the first run.
Please help me understand this.
Thank you
Hello! Could you add support for the Extract app by default?
https://apps.nextcloud.com/apps/extract
Hello @ReinerNippes
What steps would I need to take in order to enable Nextcloud Talk for my instance, where I originally didn't deploy Nextcloud Talk and its dependencies?
I realise the easiest thing to do would be to re-deploy but that's not an option for me currently.
Any steps/advice would be greatly appreciated. 😄
Thanks to you Reiner I now have a working Nextcloud + Collabora instance.
After almost a week of failed attempts.
Even not knowing anything about Docker I'm very grateful for that 🙏🏼
Just one question: Is it possible to update to the latest 19.x?
If yes, how to proceed?
Thanks again!
Gonzo
Check: https://docs.nextcloud.com/server/16/admin_manual/configuration_database/mysql_4byte_support.html
Note
Also make sure your backup strategy still work. If you use mysqldump make sure to add the --default-character-set=utf8mb4 option. Otherwise your backups are broken and restoring them will result in ? instead of the emojis, making files inaccessible.
So, if the generated nextcloud config.php file contains:
'mysql.utf8mb4' => true,
then the mysqldump command should contain the additional flag:
--default-character-set=utf8mb4
See: \roles\prep_backup\templates\backup_nextcloud.sh.j2
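One way to tie the dump flag to the setting described above, as an added example (not the playbook's own backup_nextcloud.sh.j2). The function names, the sample config.php and the database name are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: derive the mysqldump charset flag from Nextcloud's config.php.
# Function names, paths and sample data are constructed for illustration.

# Print the charset flag matching config.php (empty = keep mysqldump's default).
# Returns 2 if config.php is unreadable, so the backup aborts instead of guessing.
dump_charset_flag() {
    config_php=$1
    [ -r "$config_php" ] || { echo "cannot read $config_php" >&2; return 2; }
    # Ignore commented-out lines, then look for: 'mysql.utf8mb4' => true
    if grep -Ev '^[[:space:]]*(//|#|\*)' "$config_php" |
        grep -Eiq "[\"']mysql\.utf8mb4[\"'][[:space:]]*=>[[:space:]]*true"; then
        echo "--default-character-set=utf8mb4"
    fi
}

# Assemble the dump command line (credentials and host options left out here).
build_dump_command() {
    config_php=$1
    db_name=$2
    flag=$(dump_charset_flag "$config_php") || return $?
    echo "mysqldump ${flag:+$flag }$db_name"
}

# Post-backup check: mysqldump records the connection charset in the dump
# header as a "SET NAMES <charset>" statement.
dump_is_utf8mb4() {
    head -n 40 "$1" | grep -q 'SET NAMES utf8mb4'
}

# Demo on a constructed config.php (not a real installation).
demo() {
    dir=$(mktemp -d)
    cat > "$dir/config.php" <<'EOF'
<?php
$CONFIG = array (
  'dbtype' => 'mysql',
  'mysql.utf8mb4' => true,
);
EOF
    build_dump_command "$dir/config.php" nextcloud
    rm -rf "$dir"
}
demo
```

Running dump_is_utf8mb4 against each finished dump catches a backup that was written without the flag before it is ever needed for a restore.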
hi,
Is it correct that the install script ignores settings like the data path? It is still the default /opt/nextcloud instead of /media/1TB/nextcloud. If I choose sqlite I get "nextcloud-db doesn't exist"; I need to choose pgsql, then it installs fine.
Also, Traefik is installed (which I didn't enable).
What I also don't understand is that it doesn't use nginx as proxy.
pi@docker:~ $ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e6402851e4dd containrrr/watchtower:latest "/watchtower --clean…" 38 hours ago Up 38 hours watchtower
6dab02efcdbf nginx:alpine "nginx -g 'daemon of…" 2 days ago Up 2 days 80/tcp nginx
ab6c7790eebf nextcloud:fpm-alpine "/entrypoint.sh php-…" 2 days ago Up 2 days 9000/tcp nextcloud
2a8a450f629d redis:4-alpine "docker-entrypoint.s…" 2 days ago Up 2 days 6379/tcp redis
d708f9c8cfe9 postgres:10-alpine "docker-entrypoint.s…" 2 days ago Up 2 days 5432/tcp nextcloud-db
831001df43c9 portainer/portainer:latest "/portainer --host u…" 2 days ago Up 2 days 9000/tcp portainer
5248a92f55b2 traefik:alpine "/entrypoint.sh trae…" 2 days ago Up 2 days 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp traefik
The system I am trying to install on is Raspbian on a Raspberry Pi 3 B+.
Thank you for your support
Hi Reiner,
What is your recommended way to install ImageMagick when using this playbook?
Thanks
Description of Ansible playbook error:
TASK [docker_container : Create mysql container] *********************************************************************************************************************************************
Monday 29 April 2019 02:55:57 +0100 (0:00:00.906) 0:04:21.140 **********
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Error pulling mariadb - code: None message: no matching manifest for unknown in the manifest list entries"}
Hi 😄
Recently, Onlyoffice disabled mobile editing in the document server. In light of this, I am investigating how I can switch my existing installation from Onlyoffice to Collabora.
So far I have worked out:
docker exec --user www-data nextcloud php occ app:disable onlyoffice
{{ nextcloud_www_dir }}/apps/onlyoffice directory.
{{ nextcloud_www_dir }}/apps/richdocuments.
docker exec --user www-data nextcloud php occ app:install/enable richdocuments
docker exec --user www-data nextcloud php occ config:app:set richdocuments wopi_url --value https://{{ nextcloud_server_fqdn }}:443
Have I missed anything? 😄
Thanks!
I successfully installed Nextcloud using this playbook. But somehow Collabora still doesn't work. When I try to open a document I get a notification. In the logs the following errors appear:
There is an error with the rich documents app:
GuzzleHttp\Exception\ServerException: Server error: `GET https://nextcloud.domain.tld/hosting/discovery` resulted in a `502 Bad Gateway` response: <html> <head><title>502 Bad Gateway</title></head> <body> <center><h1>502 Bad Gateway</h1></center> <hr><center>ngin (truncated...)
/var/www/html/3rdparty/guzzlehttp/guzzle/src/Middleware.php - line 66:
GuzzleHttp\Exception\RequestException::create(GuzzleHttp\Psr7\Request {}, "*** sensiti ... *")
/var/www/html/3rdparty/guzzlehttp/promises/src/Promise.php - line 203:
GuzzleHttp\Middleware::GuzzleHttp\{closure}("*** sensiti ... *")
/var/www/html/3rdparty/guzzlehttp/promises/src/Promise.php - line 156:
GuzzleHttp\Promise\Promise::callHandler(1, "*** sensiti ... *", [ GuzzleHttp ... l])
/var/www/html/3rdparty/guzzlehttp/promises/src/TaskQueue.php - line 47:
GuzzleHttp\Promise\Promise::GuzzleHttp\Promise\{closure}("*** sensiti ... *")
/var/www/html/3rdparty/guzzlehttp/promises/src/Promise.php - line 246:
GuzzleHttp\Promise\TaskQueue->run(true)
/var/www/html/3rdparty/guzzlehttp/promises/src/Promise.php - line 223:
GuzzleHttp\Promise\Promise->invokeWaitFn()
/var/www/html/3rdparty/guzzlehttp/promises/src/Promise.php - line 267:
GuzzleHttp\Promise\Promise->waitIfPending()
/var/www/html/3rdparty/guzzlehttp/promises/src/Promise.php - line 225:
GuzzleHttp\Promise\Promise->invokeWaitList()
/var/www/html/3rdparty/guzzlehttp/promises/src/Promise.php - line 62:
GuzzleHttp\Promise\Promise->waitIfPending()
/var/www/html/3rdparty/guzzlehttp/guzzle/src/Client.php - line 131:
GuzzleHttp\Promise\Promise->wait()
/var/www/html/lib/private/Http/Client/Client.php - line 161:
GuzzleHttp\Client->request("get", "https://lie ... y", { verify: "/ ... e})
/var/www/html/apps/richdocuments/lib/WOPI/DiscoveryManager.php - line 106:
OC\Http\Client\Client->get("https://lie ... y", { timeout: 5})
/var/www/html/apps/richdocuments/lib/WOPI/DiscoveryManager.php - line 78:
OCA\Richdocuments\WOPI\DiscoveryManager->fetchFromRemote()
/var/www/html/apps/richdocuments/lib/WOPI/Parser.php - line 41:
OCA\Richdocuments\WOPI\DiscoveryManager->get()
/var/www/html/apps/richdocuments/lib/TokenManager.php - line 155:
OCA\Richdocuments\WOPI\Parser->getUrlSrc("application ... t")
/var/www/html/apps/richdocuments/lib/Controller/DocumentController.php - line 184:
OCA\Richdocuments\TokenManager->getToken("*** sensiti ... *")
/var/www/html/lib/private/AppFramework/Http/Dispatcher.php - line 166:
OCA\Richdocuments\Controller\DocumentController->index("*** sensiti ... *")
/var/www/html/lib/private/AppFramework/Http/Dispatcher.php - line 99:
OC\AppFramework\Http\Dispatcher->executeController(OCA\Richdocu ... {}, "index")
/var/www/html/lib/private/AppFramework/App.php - line 118:
OC\AppFramework\Http\Dispatcher->dispatch(OCA\Richdocu ... {}, "index")
/var/www/html/lib/private/AppFramework/Routing/RouteActionHandler.php - line 47:
OC\AppFramework\App::main("OCA\\Richdo ... r", "index", OC\AppFramew ... {}, { _route: "r ... "})
<<closure>>
OC\AppFramework\Routing\RouteActionHandler->__invoke({ _route: "r ... "})
/var/www/html/lib/private/Route/Router.php - line 297:
call_user_func(OC\AppFramew ... {}, { _route: "r ... "})
/var/www/html/lib/base.php - line 987:
OC\Route\Router->match("/apps/richdocuments/index")
/var/www/html/index.php - line 42:
OC::handleRequest()
And there also is an error with 'PHP':
Cannot declare class GuzzleHttp\Exception\RequestException, because the name is already in use at /var/www/html/3rdparty/guzzlehttp/guzzle/src/Exception/RequestException.php#0
Maybe this is not a problem of this playbook, maybe it is a problem with one of its components. But I hope there are some thoughts on this!
Due to some DNS mismatch I had to get a new certificate.
This was easily fixed by running the playbook again. Although the playbook did not finish, due to onlyoffice_documentserver already existing, I got my certificate.
I suggest either skipping the onlyoffice_documentserver or redeploying it if it exists.
System Debian 9
# Uncomment 'traefik_api_user' to get access to your Traefik dashboard at https://nextcloud_server_fqdn/traefik .
# traefik_api_user = traefik
I have traefik_api_user commented out but unfortunately the dashboard is visible.
First of all, congrats on this amazing installer.
One thing that I would like to know is how I restore a backup from restic if I need to rebuild my OS (or move to a different server)?
It would be great to have this instruction in the README.
Cheers,