Bad Gateway after update

[da3dsoul]

Behaviour

Steps to reproduce this issue

1. Update
2. Be sad

Expected behaviour

It works....

Actual behaviour

Bad Gateway

Configuration

• Docker version (type docker --version) : 19.03.3, build a872fc2f86
• Docker compose version if applicable (type docker-compose --version) : 1.23.1, build b02f1306
• Platform (Debian 9, Ubuntu 18.04, ...) : Ubuntu 20 dev build
• Include all necessary configuration files : docker-compose.yml, .env, ...

version: "3.2"

services:
  traefik:
    image: traefik:1.6-alpine
    command:
      - "--logLevel=DEBUG"
      - "--defaultentrypoints=http,https"
      - "--entryPoints=Name:http Address::80 Redirect.EntryPoint:https"
      - "--entryPoints=Name:https Address::443 TLS"
      - "--docker"
      - "--docker.exposedbydefault=false"
      - "--docker.domain=da3dsoul.shokoanime.com,da3dsoul.strangled.net"
      - "--acme=true"
      - "--acme.acmelogging=true"
      - "--acme.email=da3dsoul@gmail.com"
      - "--acme.storage=acme.json"
      - "--acme.entryPoint=https"
      - "--acme.onhostrule=true"
      - "--acme.httpchallenge=true"
      - "--acme.httpchallenge.entrypoint=http"
    ports:
      - target: 80
        published: 80
        protocol: tcp
      - target: 443
        published: 443
        protocol: tcp
    volumes:
      - "./acme.json:/acme.json"
      - "/var/run/docker.sock:/var/run/docker.sock"
    restart: always

  db:
    image: mariadb:10.2
    volumes:
      - "/home/da3dsoul/nextcloud_data/db:/var/lib/mysql"
      - "/home/da3dsoul/nextcloud_data/maria_config:/etc/mysql"
    environment:
      - "MYSQL_ALLOW_EMPTY_PASSWORD=yes"
      - "MYSQL_DATABASE=nextcloud"
      - "MYSQL_USER=nextcloud"
      - "MYSQL_PASSWORD=akJSFHKASDJ"
    ports:
      - "3306:3306"
    restart: always

  redis:
    image: redis:4.0-alpine
    restart: always

  app:
    image: crazymax/nextcloud:latest
    depends_on:
      - db
      - redis
    volumes:
      - "/media/da3dsoul/Golias:/mediavolume"
      - "/home/da3dsoul/nextcloud_data/data:/data"
    labels:
      - "traefik.enable=true"
      - "traefik.backend=nextcloud"
      - "traefik.port=8000"
      - "traefik.frontend.rule=Host:da3dsoul.shokoanime.com,da3dsoul.strangled.net"
      - "traefik.frontend.redirect.permanent=true"
      - "traefik.frontend.redirect.regex=https://(.*)/.well-known/(card|cal)dav"
      - "traefik.frontend.redirect.replacement=https://$$1/remote.php/dav/"
    env_file:
      - "./nextcloud.env"
    restart: always

  cron:
    image: crazymax/nextcloud:latest
    depends_on:
      - app
    volumes:
      - "/home/da3dsoul/nextcloud_data/data:/data"
      - "/home/da3dsoul/nextcloud_data/apps:/var/www/apps"
    command: "/usr/local/bin/cron"
    env_file:
      - "./nextcloud.env"
    restart: always

  news_updater:
    image: crazymax/nextcloud:latest
    container_name: nextcloud_news_updater
    depends_on:
      - app
    volumes:
      - "/home/da3dsoul/nextcloud_data/data:/data"
    env_file:
      - "./nextcloud.env"
    environment:
      - "SIDECAR_NEWSUPDATER=1"
      - "NC_NEWSUPDATER_THREADS=10"
      - "NC_NEWSUPDATER_TIMEOUT=300"
      - "NC_NEWSUPDATER_INTERVAL=900"
      - "NC_NEWSUPDATER_LOGLEVEL=error"
    restart: always

TZ=America/Indianapolis

PUID=1000
PGID=1000

LOG_LEVEL=DEBUG

MEMORY_LIMIT=8192M
UPLOAD_MAX_SIZE=10G
OPCACHE_MEM_SIZE=4096
APC_SHM_SIZE=1024M

REAL_IP_FROM=0.0.0.0/32
REAL_IP_HEADER=X-Forwarded-For
LOG_IP_VAR=http_x_forwarded_for

HSTS_HEADER=max-age=15768000; includeSubDomains
RP_HEADER=strict-origin
SUBDIR=

SIDECAR_CRON=1
CRON_PERIOD=*/15 * * * * \

DB_TYPE=mysql
DB_HOST=db
DB_NAME=nextcloud
DB_USER=nextcloud
DB_PASSWORD=asfjhs8934uhsgf-as908dha

I set the data folder uid:gid as the changelog says.

Docker info

Client:
 Debug Mode: false

Server:
 Containers: 9
  Running: 5
  Paused: 0
  Stopped: 4
 Images: 27
 Server Version: 19.03.3
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Native Overlay Diff: true
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: b34a5c8af56e510852c35414db4c1f4fa6172339
 runc version: 3e425f80a8c931f88e6d94a8c831b9d5aa481657
 init version: fec3683
 Security Options:
  apparmor
  seccomp
   Profile: default
 Kernel Version: 5.4.6-050406-generic
 Operating System: Ubuntu Focal Fossa (development branch)
 OSType: linux
 Architecture: x86_64
 CPUs: 12
 Total Memory: 31.34GiB
 Name: THE-THRONE
 ID: 2D5T:JP75:HA62:DD7Z:MK7V:PNJN:MQCR:KYG7:TVFY:4DX5:TT7C:T6A6
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false

WARNING: No swap limit support

Logs

This log? nextcloud.log is 0 bytes.....

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 00-fix-logs.sh: executing... 
[cont-init.d] 00-fix-logs.sh: exited 0.
[cont-init.d] 01-fix-uidgid.sh: executing... 
[cont-init.d] 01-fix-uidgid.sh: exited 0.
[cont-init.d] 02-fix-perms.sh: executing... 
Fixing perms...
[cont-init.d] 02-fix-perms.sh: exited 0.
[cont-init.d] 03-config.sh: executing... 
Setting timezone to America/Indianapolis...
Setting PHP-FPM configuration...
Setting PHP configuration...
sed: bad option in substitution expression
Setting Nginx configuration...
Initializing Nextcloud files/folders...
[cont-init.d] 03-config.sh: exited 0.
[cont-init.d] 04-svc-main.sh: executing... 
[cont-init.d] 04-svc-main.sh: exited 0.
[cont-init.d] 05-svc-cron.sh: executing... 
>>
>> Sidecar cron container detected for Nextcloud
>>
Creating Nextcloud cron task with the following period fields : */15 * * * * \
Fixing crontabs permissions...
[cont-init.d] 05-svc-cron.sh: exited 0.
[cont-init.d] 06-svc-news-updater.sh: executing... 
[cont-init.d] 06-svc-news-updater.sh: exited 0.
[cont-init.d] done.
[services.d] starting services
crond: crond (busybox 1.30.1) started, log level 8
[services.d] done.
^C
That's it. Maria and Traefik start as expected

I don't know what else to look for. Bad Gateway tells me nothing other than it's somewhere in the nextcloud container. The logs are useless to me, as it doesn't report an error.

[da3dsoul]

When watching docker-compose logs -f I noticed this:

app_1_3ca37d74f848 | crond: USER nextcloud pid 342 cmd \ php -f /var/www/cron.php
app_1_3ca37d74f848 | /bin/ash:  php: not found

[crazy-max]

@da3dsoul Your compose file looks outdated (specially the cron service not usingSIDECAR_CRON env var). Please see CHANGELOG.md for changes and current compose example in examples/traefik. Also what was the previous docker tag / nextcloud version you used?

[da3dsoul]

The SIDECAR thing is in the env file. The previous one was from a few months ago. I think September. It was on Nextcloud's last version for 16 (I think).

[da3dsoul]

https://github.com/crazy-max/docker-nextcloud/commit/073e936d6fd69b754c3ceab1dc16dce4cf5f2e8f I think it was this one

[da3dsoul]

I can tell a lot has changed, and I tried to go through and do all of the things that it said, but IDK

[crazy-max]

@da3dsoul

The SIDECAR thing is in the env file.

This must be used ONLY for your cron service and not for your app and news_updater service. Please review your compose file with the current one.

[da3dsoul]

Good to know. I'll try it

[da3dsoul]

Okay, that got me a bit further. I got a 500. After some more searching, it said to do an occ check followed by an occ upgrade and while that hasn't fixed it, that gave more info. It says that it can't create the data directory. The data directory exists, and the fact that it wants to make one says that it can't even see the data dir. Because I'm all about security, I had done a chown 1000:100 -R {data} and chmod 777 -R {data} per the changelog.md saying to chown it to the user. Any ideas?

[crazy-max]

I had done a chown 1000:100 -R {data} and chmod 777 -R {data}

Should be 1000:1000

[da3dsoul]

Tried that first, then 1000:100 (changed in the env, too). Neither did the trick

[crazy-max]

@da3dsoul Can you post your logs please?

[da3dsoul]

nextcloud_docker.log Heads up, that log is not small. It's the docker output

[da3dsoul]

In docker exec -it nextcloud_app... sh

/var/www # ls -lna /data
total 488
drwxrwxrwx    8 1000     1000          4096 Jan 19 16:52 .
drwxr-xr-x    1 0        0             4096 Jan 20 06:35 ..
-rwxrwxrwx    1 1000     1000             1 Sep 11 05:52 .ocdata
drwxrwxrwx    2 1000     1000          4096 Jan 20 06:35 config
drwxrwxrwx    4 1000     1000          4096 Sep 13 07:22 data
drwxrwxrwx    2 1000     1000        462848 Jan 19 21:15 session
drwxrwxrwx    3 1000     1000          4096 Aug 14 14:56 themes
drwxrwxrwx    2 1000     1000          4096 Sep 13 07:22 tmp
drwxrwxrwx    6 1000     1000          4096 Jan 20 08:27 userapps
/var/www # ls -lna /data/data
total 20
drwxrwxrwx    4 1000     1000          4096 Sep 13 07:22 .
drwxrwxrwx    8 1000     1000          4096 Jan 19 16:52 ..
-rwxrwxrwx    1 1000     1000           324 Sep 13 07:22 .htaccess
-rwxrwxrwx    1 1000     1000             0 Sep 13 07:22 .ocdata
drwxrwxrwx    5 1000     1000          4096 Sep 13 07:22 appdata_ocmoe9d6l1yu
drwxrwxrwx    3 1000     1000          4096 Sep 13 07:22 da3dsoul2
-rwxrwxrwx    1 1000     1000             0 Sep 13 07:22 index.html
-rwxrwxrwx    1 1000     1000             0 Sep 13 07:01 nextcloud.log
/var/www # 

Inside the container, it seems fine...

[crazy-max]

Post your compose and .env files again please

[da3dsoul]

version: "3.2"

services:
  traefik:
    image: traefik:1.6-alpine
    command:
      - "--logLevel=INFO"
      - "--defaultentrypoints=http,https"
      - "--entryPoints=Name:http Address::80 Redirect.EntryPoint:https"
      - "--entryPoints=Name:https Address::443 TLS"
      - "--docker"
      - "--docker.exposedbydefault=false"
      - "--docker.domain=da3dsoul.shokoanime.com,da3dsoul.strangled.net"
      - "--acme=true"
      - "--acme.acmelogging=true"
      - "--acme.email=da3dsoul@gmail.com"
      - "--acme.storage=acme.json"
      - "--acme.entryPoint=https"
      - "--acme.onhostrule=true"
      - "--acme.httpchallenge=true"
      - "--acme.httpchallenge.entrypoint=http"
    ports:
      - target: 80
        published: 80
        protocol: tcp
      - target: 443
        published: 443
        protocol: tcp
    volumes:
      - "./acme.json:/acme.json"
      - "/var/run/docker.sock:/var/run/docker.sock"
    restart: always

  db:
    image: mariadb:10.2
    volumes:
      - "/home/da3dsoul/nextcloud_data/db:/var/lib/mysql"
      - "/home/da3dsoul/nextcloud_data/maria_config:/etc/mysql"
    environment:
      - "MYSQL_ALLOW_EMPTY_PASSWORD=yes"
      - "MYSQL_DATABASE=nextcloud"
      - "MYSQL_USER=nextcloud"
      - "MYSQL_PASSWORD=sdlkkafjoavimroei"
    ports:
      - "3306:3306"
    restart: always

  redis:
    image: redis:4.0-alpine
    restart: always

  app:
    image: crazymax/nextcloud:latest
    depends_on:
      - db
      - redis
    volumes:
      - "/media/da3dsoul/Golias:/mediavolume"
      - "/home/da3dsoul/nextcloud_data/data:/data"
      - "/home/da3dsoul/nextcloud_data/php_config:/etc/php7"
    labels:
      - "traefik.enable=true"
      - "traefik.backend=nextcloud"
      - "traefik.port=8000"
      - "traefik.frontend.rule=Host:da3dsoul.shokoanime.com,da3dsoul.strangled.net"
      - "traefik.frontend.redirect.permanent=true"
      - "traefik.frontend.redirect.regex=https://(.*)/.well-known/(card|cal)dav"
      - "traefik.frontend.redirect.replacement=https://$$1/remote.php/dav/"
    env_file:
      - "./nextcloud.env"
    restart: always

  cron:
    image: crazymax/nextcloud:latest
    depends_on:
      - app
    volumes:
      - "/home/da3dsoul/nextcloud_data/data:/data"
      - "/home/da3dsoul/nextcloud_data/php_config:/etc/php7"
    command: "/usr/local/bin/cron"
    env_file:
      - "./nextcloud.env"
    environment:
      - "SIDECAR_CRON=1"
      - "CRON_PERIOD=*/15 * * * *"
    restart: always

  news_updater:
    image: crazymax/nextcloud:latest
    container_name: nextcloud_news_updater
    depends_on:
      - app
    volumes:
      - "/home/da3dsoul/nextcloud_data/data:/data"
      - "/home/da3dsoul/nextcloud_data/php_config:/etc/php7"
    env_file:
      - "./nextcloud.env"
    environment:
      - "SIDECAR_NEWSUPDATER=1"
      - "NC_NEWSUPDATER_THREADS=10"
      - "NC_NEWSUPDATER_TIMEOUT=300"
      - "NC_NEWSUPDATER_INTERVAL=900"
      - "NC_NEWSUPDATER_LOGLEVEL=error"
    restart: always

TZ=America/Indianapolis

PUID=1000
PGID=1000

MEMORY_LIMIT=1024M
UPLOAD_MAX_SIZE=10G
OPCACHE_MEM_SIZE=4096
APC_SHM_SIZE=1024M

REAL_IP_FROM=0.0.0.0/32
REAL_IP_HEADER=X-Forwarded-For
LOG_IP_VAR=http_x_forwarded_for

HSTS_HEADER=max-age=15768000; includeSubDomains
RP_HEADER=strict-origin
SUBDIR=

DB_TYPE=mysql
DB_HOST=db
DB_NAME=nextcloud
DB_USER=nextcloud
DB_PASSWORD=sdlkkafjoavimroei

[da3dsoul]

More permission checking:

da3dsoul@THE-THRONE:~/nextcloud$ docker exec -it -u 1000 nextcloud_app_1_60f3881270e9 sh
/var/www $ php occ upgrade
Nextcloud or one of the apps require upgrade - only a limited number of commands are available
You may use your browser or the occ upgrade command to do the upgrade
Cannot create "data" directory
This can usually be fixed by giving the webserver write access to the root directory. See https://docs.nextcloud.com/server/17/go.php?to=admin-dir_permissions

An unhandled exception has been thrown:
Exception: Environment not properly prepared. in /var/www/lib/private/Console/Application.php:166
Stack trace:
#0 /var/www/console.php(96): OC\Console\Application->loadCommands(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#1 /var/www/occ(11): require_once('/var/www/consol...')
#2 {main}/var/www $ ls -lna /
total 124
drwxr-xr-x    1 0        0             4096 Jan 20 06:35 .
drwxr-xr-x    1 0        0             4096 Jan 20 06:35 ..
-rwxr-xr-x    1 0        0                0 Jan 20 06:35 .dockerenv
drwxr-xr-x    1 0        0            12288 Dec 19 12:38 bin
drwxrwxrwx    8 1000     1000          4096 Jan 19 16:52 data
drwxr-xr-x    5 0        0              340 Jan 20 06:35 dev
drwxr-xr-x    1 0        0             4096 Jan 20 06:35 etc
drwxr-xr-x    1 0        0             4096 Dec 19 12:39 home
-rwxr-xr-x    1 0        0              389 Mar 21  2019 init
drwxr-xr-x    1 0        0             4096 Dec 19 12:38 lib
drwxr-xr-x    2 0        0             4096 Mar 21  2019 libexec
drwxr-xr-x    5 0        0             4096 Oct 21 09:39 media
drwxrwxrwx    1 0        0            16384 Jan 19 16:27 mediavolume
drwxr-xr-x    2 0        0             4096 Oct 21 09:39 mnt
drwxr-xr-x    2 0        0             4096 Oct 21 09:39 opt
dr-xr-xr-x  450 0        0                0 Jan 20 06:35 proc
drwx------    1 0        0             4096 Jan 20 08:26 root
drwxr-xr-x    1 0        0             4096 Jan 20 06:35 run
drwxr-xr-x    1 0        0             4096 Dec 19 12:38 sbin
drwxr-xr-x    2 0        0             4096 Oct 21 09:39 srv
dr-xr-xr-x   13 0        0                0 Jan 20 06:35 sys
drwxrwxrwt    1 0        0             4096 Jan 20 10:58 tmp
drwxr-xr-x    1 1000     1000          4096 Dec 19 12:38 tpls
drwxr-xr-x    1 0        0             4096 Dec 19 12:38 usr
drwxr-xr-x    1 0        0             4096 Dec 19 12:38 var
/var/www $ ls -lna /var/www
total 164
drwxr-xr-x    1 65534    65533         4096 Jan 20 06:35 .
drwxr-xr-x    1 0        0             4096 Dec 19 12:38 ..
-rw-r--r--    1 65534    65533         2537 Dec 19 03:47 .htaccess
-rw-r--r--    1 65534    65533          101 Dec 19 03:47 .user.ini
drwxr-xr-x   33 65534    65533         4096 Dec 19 12:39 3rdparty
-rw-r--r--    1 65534    65533        12063 Dec 19 03:47 AUTHORS
-rw-r--r--    1 65534    65533        34520 Dec 19 03:47 COPYING
drwxr-xr-x   42 65534    65533         4096 Dec 19 12:39 apps
drwxr-xr-x    1 1000     1000          4096 Jan 20 06:35 config
-rw-r--r--    1 65534    65533         3805 Dec 19 03:47 console.php
drwxr-xr-x   23 65534    65533         4096 Dec 19 12:39 core
-rw-r--r--    1 65534    65533         4993 Dec 19 03:47 cron.php
-rw-r--r--    1 65534    65533          156 Dec 19 03:47 index.html
-rw-r--r--    1 65534    65533         3172 Dec 19 03:47 index.php
drwxr-xr-x    6 65534    65533         4096 Dec 19 12:39 lib
-rw-r--r--    1 65534    65533          283 Dec 19 03:47 occ
drwxr-xr-x    2 65534    65533         4096 Dec 19 12:39 ocm-provider
drwxr-xr-x    2 65534    65533         4096 Dec 19 12:38 ocs
drwxr-xr-x    2 65534    65533         4096 Dec 19 12:38 ocs-provider
-rw-r--r--    1 65534    65533         2951 Dec 19 03:47 public.php
-rw-r--r--    1 65534    65533         5139 Dec 19 03:47 remote.php
drwxr-xr-x    4 65534    65533         4096 Dec 19 12:39 resources
-rw-r--r--    1 65534    65533           26 Dec 19 03:47 robots.txt
drwxr-xr-x   13 65534    65533         4096 Dec 19 12:39 settings
-rw-r--r--    1 65534    65533         2287 Dec 19 03:47 status.php
lrwxrwxrwx    1 0        0               12 Jan 20 06:35 themes -> /data/themes
lrwxrwxrwx    1 0        0               14 Jan 20 06:35 userapps -> /data/userapps
-rw-r--r--    1 65534    65533          362 Dec 19 03:51 version.php
/var/www $ ls -lna /var/www/config
total 72
drwxr-xr-x    1 1000     1000          4096 Jan 20 06:35 .
drwxr-xr-x    1 65534    65533         4096 Jan 20 06:35 ..
-rw-r--r--    1 1000     1000           264 Dec 19 03:47 .htaccess
-rw-r--r--    1 1000     1000             0 Dec 19 03:47 CAN_INSTALL
lrwxrwxrwx    1 1000     1000            23 Jan 20 06:35 config.php -> /data/config/config.php
-rw-r--r--    1 1000     1000         52964 Dec 19 03:47 config.sample.php
/var/www $ 

[crazy-max]

@da3dsoul,

Permission are not ok. Type chown -R 1000:1000 /home/da3dsoul/nextcloud_data/data to fix it.

And again, your compose file is wrong. command: "/usr/local/bin/cron" should not be there for example and there are other mistakes. So please start over examples/traefik compose file.