Closed arminus closed 3 months ago
@arminus What's the output of docker-compose exec nextcloud occ config:list system
?
Your command returns this:
❯ docker-compose exec nextcloud occ config:list system
Console has to be executed with the user that owns the file config/config.php
Current user id: 1000
Owner id of config.php: 1024
Try adding 'sudo -u #1024' to the beginning of the command (without the single quotes)
If running with 'docker exec' try adding the option '-u 1024' to the docker command (without the single quotes)
Since I think the user in the container is actually nextcloud, I tried this:
❯ docker exec -it --user nextcloud nextcloud bash
bash-5.1$ ps -ef
PID USER TIME COMMAND
1 root 0:00 s6-svscan -t0 /var/run/s6/services
36 root 0:00 s6-supervise s6-fdholderd
534 root 0:00 s6-supervise php-fpm
535 root 0:00 s6-supervise nginx
536 root 0:00 s6-supervise socklog/log
537 root 0:00 s6-supervise socklog
538 nextclou 0:00 php-fpm: master process (/etc/php8/php-fpm.conf)
540 nobody 0:00 s6-log -bp - +^cron\. T /var/log/socklog/cron - +^daemon\. T /var/log/socklog/daemon - +^\.debug: T /var/log/socklog/debu
541 nextclou 0:00 nginx: master process nginx -g daemon off;
543 nobody 0:00 socklog unix /dev/log
565 nextclou 0:00 nginx: worker process
566 nextclou 0:00 nginx: worker process
567 nextclou 0:00 nginx: worker process
568 nextclou 0:00 nginx: worker process
719 nextclou 0:00 php-fpm: pool www
720 nextclou 0:00 php-fpm: pool www
1152 nextclou 0:00 bash
1168 nextclou 0:00 ps -ef
bash-5.1$ occ config:list system
error: failed switching to "nextcloud:nextcloud": operation not permitted
same error with --user 1024:
❯ docker exec -it --user 1024 nextcloud bash
bash-5.1$ occ config:list system
error: failed switching to "nextcloud:nextcloud": operation not permitted
bash-5.1$ ls -al config/config.php
lrwxrwxrwx 1 nextclou nextclou 23 Apr 10 19:43 config/config.php -> /data/config/config.php
bash-5.1$ ls -al /data/config/config.php
-rw-r--r-- 1 1024 users 1101 Apr 10 19:43 /data/config/config.php
I don't have a user defined in the docker-compose.yml
What might play a role here: the data volume is like this:
volumes:
- "/mnt/sshfs/nextcloud:/data"
This is mounted like this on the docker host:
sshfs -o allow_other -o idmap=user admin@192.168.0.125:/2TB /mnt/sshfs
There are no file permission errors anywhere in the docker logs, so I assumed everything is ok.
I don't think this is an issue with this image but your nginx configuration that you might need to tweak. Look for the overwrite.cli.url
or any other CSP-related settings in config.php
. Seems similar to https://github.com/nextcloud/server/issues/44685
Behaviour
Nextcloud appears to be installed and configured fine, no obvious errors in the docker logs, but I can't login.
Steps to reproduce this issue
Expected behaviour
Being able to actually log in
Actual behaviour
After clicking login, I just get back to the login screen again. Error in the console:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'nonce-VzdtY3lOL0Zia1BrNnBvYjJ3Y2xOZWFlOERsYm1OMEhyVnRSNVl6K0Yrbz06Yk5QbWpvMldXbWlOck5STjRtaFNUYlBYczJ3MXFhNVI1eUZvb2NyTldvOD0='". Either the 'unsafe-inline' keyword, a hash ('sha256-rwMOiOeVICH7/Cjy5SkreID3OOi5HTrit357k22hUDQ='), or a nonce ('nonce-...') is required to enable inline execution.
Removing RP_HEADER from .env and restarting the containers didn't make a difference. Happens in Firefox, Brave and Chrome - all most current version.
Configuration
docker --version
) : 20.10.5+dfsg1, build 55c4c88docker-compose --version
) : 1.25.0uname -a
) : Linux pi4 5.15.32-v8+ #1538 SMP PREEMPT Thu Mar 31 19:40:39 BST 2022 aarch64 GNU/Linuxdocker-compose.yml
,.env
, ... -> basically the same as in examples, just changed the volumesDocker info
Logs