Scripted installation of Nextcloud 28 in iocage jail 2018-03-23

[danb35]

In your script however, you skip this step.

Correct, as it's optional. It also can only be done on datasets, so if you hadn't created a db dataset for the database (you were just using a directory instead), it would fail. If you want to revert that (though you shouldn't), you'd run zfs set primarycache=all YOURDRIVENAME/db.

 

[cunningorb]

Believe it or not, I'm having trouble on freenas 11.2 U1 getting the script to run. At first it was due to jails being active on the wrong pool, fixed that. Now when I run the script it only gets as far as creating the iocage folders and then just spits a bunch of errors about jail not found. Tried creating jail 11.2 release through the new UI and then running the script but it still errors out.
This was a pretty fresh install of 11.2 on my main storage pool and I followed the script readme instructions to the letter. Any tips on further troubleshooting steps?

 

[Sanfe]

For anyone feeling adventurous, I've created a nextcloud-15 branch to install Nextcloud 15 rather than 14. So far, the only change I've made is to download NC15 rather than 14, and it seems to be working. Further testing would be welcome, of course.

Can I try?

 

[danb35]

Can I try?

Sure, just check out the nextcloud-15 branch. git clone -b nextcloud-15 https://github.com/danb35/freenas-iocage-nextcloud should do the trick.

 

[Sanfe]

Code:

[root@freenas ~]# cd /tmp
[root@freenas /tmp]# git clone -b nextcloud-15 https://github.com/danb35/freenas-iocage-nextcloud
Cloning into 'freenas-iocage-nextcloud'...
fatal: unable to access 'https://github.com/danb35/freenas-iocage-nextcloud/': Could not resolve host: github.com
[root@freenas /tmp]#

 

[danb35]

fatal: unable to access 'https://github.com/danb35/freenas-iocage-nextcloud/': Could not resolve host: github.com

You've got network problems on your FreeNAS server. Do you have a DNS server set up?

 

[gt2416]

@Sanfe If you use iOS, don't upgrade to 15 yet, the mobile app is completely unusable at the moment and will consistently crash and freeze.

 

[Sanfe]

You've got network problems on your FreeNAS server. Do you have a DNS server set up?

I changed my network to work without DHCP, and i forgot to setup the gateway. I made ping and now i have internet access. Thanks, and sorry about the inconvenience.
@gt2416 I use android phone, Ios Ipad, Windows and macbookPro, so...

Thanks! i will try.

 

[gt2416]

@Sanfe Then only your ios iPad wont work well with nextcloud 15 at the moment. Just wanted to give you a heads up.

 

[Sanfe]

Installation success with 0 errors.
After launching next cloud I have some warnings, but everything seems to work

 

[jsherm101]

EDIT: Ignore below. The issue was related to my stored release of freebsd having the wrong permissions set in the /tmp directory.

----
Has something gone awry with Nextcloud and freenas? I've tried using both the plugin and the script linked above for Nextcloud 15 and I keep hitting this error when trying to connect to the mysql database

ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2 "No such file or directory")

same error when typing "mysql" from within the jail

trying to start mysql-server leads to a long pause and it doesn't appear to start.


output of nextcloud.err:

Code:

190131 22:06:47 mysqld_safe mysqld from pid file /var/db/mysql/nextcloud.pid ended
190131 22:15:36 mysqld_safe Starting mysqld daemon with databases from /var/db/mysql
2019-01-31 22:15:36 34420645888 [Warning] option 'table_open_cache': unsigned value 4 adjusted to 10
2019-01-31 22:15:36 34420645888 [Warning] option 'table_open_cache': unsigned value 4 adjusted to 10
2019-01-31 22:15:36 34420645888 [Note] /usr/local/libexec/mysqld (mysqld 10.1.37-MariaDB) starting as process 60693 ...
2019-01-31 22:15:36 34420645888 [Note] InnoDB: innodb_empty_free_list_algorithm has been changed to legacy because of small b$

2019-01-31 22:15:36 34420645888 [Note] InnoDB: Using mutexes to ref count buffer pool pages
2019-01-31 22:15:36 34420645888 [Note] InnoDB: The InnoDB memory heap is disabled
2019-01-31 22:15:36 34420645888 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
2019-01-31 22:15:36 34420645888 [Note] InnoDB: GCC builtin __atomic_thread_fence() is used for memory barrier
2019-01-31 22:15:36 34420645888 [Note] InnoDB: Compressed tables use zlib 1.2.11
2019-01-31 22:15:36 34420645888 [Note] InnoDB: Using SSE crc32 instructions
2019-01-31 22:15:36 34420645888 [ERROR] mysqld: Can't create/write to file '/tmp/ibEk7z1j' (Errcode: 13 "Permission denied")
2019-01-31 22:15:36 803a16000  InnoDB: Error: unable to create temporary file; errno: 13
2019-01-31 22:15:36 34420645888 [ERROR] Plugin 'InnoDB' init function returned error.
2019-01-31 22:15:36 34420645888 [ERROR] Plugin 'InnoDB' registration as a STORAGE ENGINE failed.
2019-01-31 22:15:36 34420645888 [Note] Plugin 'FEEDBACK' is disabled.
2019-01-31 22:15:36 34420645888 [ERROR] Unknown/unsupported storage engine: InnoDB
2019-01-31 22:15:36 34420645888 [ERROR] Aborting

/tmp permissions are 777

 

[Visseroth]

I just can't seem to get any versions of NextCloud installed without errors!

Anyhow, I tried the script, everything went well except the certificate. I'm using a standalone cert

Here's what I have...

nextcloud-config

Code:

JAIL_IP="InsertedJailIP"
DEFAULT_GW_IP="InsertedGWIP"
INTERFACE="cxgbe0"
VNET="off"
POOL_PATH="/mnt/Data"
JAIL_NAME="NextCloud"
TIME_ZONE="America/Los_Angeles"
HOST_NAME="NextCloud"
DB_PATH="/mnt/Data/JailHouse/NextCloudData/db"
FILES_PATH="/mnt/Data/JailHouse/NextCloudData/config"
PORTS_PATH="/mnt/Data/JailHouse/NextCloudData/portsnap"
STANDALONE_CERT=1
DNS_CERT=0
SELFSIGNED_CERT=0
NO_CERT=0
TEST_CERT="--test"

I changed the iocage jail version to 11.2 on line 136

Code:

if [ "${RELEASE}" = "11.2-RELEASE" ]; then

acme.sh --issue -d NextCloud --force -w /usr/local/www/apache24/data -k 4096 --fullchain-file /usr/local/etc/pki/tls/certs/fullchain.pem --key-file /usr/local/etc/pki/tls/private/privkey.pem --reloadcmd "service apache24 reload"

Gives me...

Code:

[Fri Feb  1 00:51:08 PST 2019] Single domain='NextCloud'
[Fri Feb  1 00:51:08 PST 2019] Getting domain auth token for each domain
[Fri Feb  1 00:51:08 PST 2019] Getting webroot for domain='NextCloud'
[Fri Feb  1 00:51:08 PST 2019] Getting new-authz for domain='NextCloud'
[Fri Feb  1 00:51:10 PST 2019] The new-authz request is ok.
[Fri Feb  1 00:51:10 PST 2019] new-authz error: {"type":"urn:acme:error:malformed","detail":"Error creating new authz :: DNS name does not have enough labels","status": 400}
[Fri Feb  1 00:51:10 PST 2019] Please add '--debug' or '--log' to check more details.
[Fri Feb  1 00:51:10 PST 2019] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh

service apache24 restart comes back with...

Code:

Performing sanity check on apache24 configuration:
AH00526: Syntax error on line 27 of /usr/local/etc/apache24/Includes/NextCloud.conf:
SSLCertificateFile: file '/usr/local/etc/pki/tls/certs/fullchain.pem' does not exist or is empty

Line 27 reads...

Code:

  SSLCertificateFile /usr/local/etc/pki/tls/certs/fullchain.pem

/usr/local/etc/pki/tls/certs/ has no files

What am I missing?

 

[Visseroth]

Bump...
I'm letting at a stopping point until someone can give me a hand with this.

 

[jsherm101]

Bump...
I'm letting at a stopping point until someone can give me a hand with this.

you're telling letsencrypt to request a standalone certificate for "Nextcloud" which is not a domain you own, nor a real domain

you probably want self-signed.

 

[Visseroth]

Huh, well that makes sense.
Question is where do I put that information? I do have a sub-domain to my domain that I am using xxxx.xxxxxxxx.com

Edit: I should add that I did try the DNS option and enabled the configs/acme_dns_issue.sh script but I think I see what you're saying now after reading the instructions again. I need to set the Host Name to my domain that I plan on using so DNS can resolve accordingly and since I am using PfSense I have already put in my DNS Resolver a redirect for the inside of the network.
I will delete and re-execute the script with my external domain name as the hostname.

 

[Visseroth]

Well that did the trick, I am running and online

 

[vincentemmanuel]

Hi guys. I've got most of the issue ironed out and now ready to issue the real ssl cert and upon follow the instructions and executing the command, there's a no command found error.

Would there be something I'm missing out?

 

[danb35]

upon follow the instructions and executing the command, there's a no command found error.

Exactly what command did you run, and what was the exact output?

 

[vincentemmanuel]

Exactly what command did you run, and what was the exact output?

Code:

[root@nextcloud ~]# acme.sh --issue -d xxx.xxxx.com --force -w /usr/local/www/apache24/data -k 4096 --fullchain-file /usr/local/etc/pki/tls/certs/fullchain.pem --key-file /usr/local/etc/pki/tls/private/privkey.pem --reloadcmd "service apache24 reload"
-bash: acme.sh: command not found

 

[danb35]

-bash: acme.sh: command not found

That's strange; the $PATH variable should have been updated to address that. What happens if you instead run .acme.sh/acme.sh?