danb35 / freenas-iocage-nextcloud

Script to create an iocage jail on FreeNAS for the latest Nextcloud 28 release, including Caddy, MariaDB or PostgreSQL, and Let's Encrypt
GNU General Public License v3.0

Can't access page #115

Closed baztardo-snow closed 4 years ago

baztardo-snow commented 4 years ago

I attempted to install Nextcloud from the script. Everything seemed to install fine; the only error I noticed is:

mysqladmin: connect to server at 'localhost' failed
error: 'Access denied for user 'root'@'localhost' (using password: NO)'
Command: mysqladmin reload failed!

I can't access the Nextcloud site at all; it just looks like connection refused.

I forwarded the port on the router. I created all the datasets needed. I modified the permissions for db with User: mysql, Group: mysql; the others, for config and themes, with User: www, Group: www.

I cloned the Git repo and created the nextcloud-config file:

JAIL_IP="192.168.0.101"
DEFAULT_GW_IP="192.168.0.1"
POOL_PATH="/mnt/NAS1/cloud"
TIME_ZONE="America/Toronto"
HOST_NAME="www.FQDN.ca"
STANDALONE_CERT=1
CERT_EMAIL="name@FQDN.ca"
JAIL_NAME="nextcloud"
DB_PATH="/mnt/SSD/apps/nextcloud/db"
FILES_PATH="/mnt/SSD/apps/nextcloud/files"
CONFIG_PATH="/mnt/SSD/apps/nextcloud/config"
THEMES_PATH="/mnt/SSD/apps/nextcloud/themes"

Ran the script and it finished with:

Default module: OC_DEFAULT_MODULE
Encryption disabled
Set mode for background jobs to 'cron'
Successfully removed mount from nextcloud's fstab
Installation complete!
Using your web browser, go to https://www.FQDN.ca to log in
Default user is admin, password is SoMePasSwoRd

Database Information
--------------------
Database user = nextcloud
Database password = PASSWORD
The MariaDB root password is PASSWORD
All passwords are saved in /root/nextcloud_db_password.txt

You have obtained your Let's Encrypt certificate using the staging server.
This certificate will not be trusted by your browser and will cause SSL errors
when you connect.  Once you've verified that everything else is working
correctly, you should issue a trusted certificate.  To do this, run:
  iocage exec nextcloud /root/remove-staging.sh

I SSH into Nextcloud; here is the Caddy log:

root@freenas[/mnt/NAS1/steve]# iocage console nextcloud
Last login: Mon May 18 00:27:14 on pts/3
FreeBSD 11.3-RELEASE-p7 (FreeNAS.amd64) #0 r325575+ca0f1a6ba25(HEAD): Tue Apr 21 20:46:20 UTC 2020

Welcome to FreeBSD!

Release Notes, Errata: https://www.FreeBSD.org/releases/
Security Advisories:   https://www.FreeBSD.org/security/
FreeBSD Handbook:      https://www.FreeBSD.org/handbook/
FreeBSD FAQ:           https://www.FreeBSD.org/faq/
Questions List: https://lists.FreeBSD.org/mailman/listinfo/freebsd-questions/
FreeBSD Forums:        https://forums.FreeBSD.org/

Documents installed with the system are in the /usr/local/share/doc/freebsd/
directory, or can be installed later with:  pkg install en-freebsd-doc
For other languages, replace "en" with a language code like de or fr.

Show the version of FreeBSD installed:  freebsd-version ; uname -a
Please include that output and any error messages when posting questions.
Introduction to manual pages:  man man
FreeBSD directory layout:      man hier

Edit /etc/motd to change this login announcement.
root@nextcloud:~ # cat /var/log/caddy.log
2020/05/18 00:27:10 [INFO] Caddy version: v1.0.4
2020/05/18 00:27:10 [INFO][cache:0xc0001e6320] Started certificate maintenance routine
Activating privacy features... 2020/05/18 00:27:16 [INFO][www.FQDN.ca] Obtain certificate
2020/05/18 00:27:16 [INFO][www.FQDN.ca] Obtain: Waiting on rate limiter...
2020/05/18 00:27:16 [INFO][www.FQDN.ca] Obtain: Done waiting
2020/05/18 00:27:16 [INFO] [www.FQDN.ca] acme: Obtaining bundled SAN certificate
2020/05/18 00:27:16 [INFO] [www.FQDN.ca] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/57445584
2020/05/18 00:27:16 [INFO] [www.FQDN.ca] acme: Could not find solver for: tls-alpn-01
2020/05/18 00:27:16 [INFO] [www.FQDN.ca] acme: use http-01 solver
2020/05/18 00:27:16 [INFO] [www.FQDN.ca] acme: Trying to solve HTTP-01
2020/05/18 00:27:32 [INFO] Deactivating auth: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/57445584
2020/05/18 00:27:32 [INFO] Unable to deactivate the authorization: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/57445584
2020/05/18 00:27:32 [ERROR][www.FQDN.ca] failed to obtain certificate: acme: Error -> One or more domains had a problem:
[www.FQDN.ca] acme: error: 400 :: urn:ietf:params:acme:error:connection :: Fetching http://www.FQDN.ca/.well-known/acme-challenge/e_2KFyOGpCEFBO50R6vCgJlMkkoie7wp4UF3bvvcbtk: Timeout during connect (likely firewall problem), url: (attempt 1/3; challenge=http-01)
2020/05/18 00:27:33 [INFO] [www.FQDN.ca] acme: Obtaining bundled SAN certificate
2020/05/18 00:27:33 [INFO] [www.FQDN.ca] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/57445622
2020/05/18 00:27:33 [INFO] [www.FQDN.ca] acme: Could not find solver for: tls-alpn-01
2020/05/18 00:27:33 [INFO] [www.FQDN.ca] acme: use http-01 solver
2020/05/18 00:27:33 [INFO] [www.FQDN.ca] acme: Trying to solve HTTP-01
2020/05/18 00:27:48 [INFO] Deactivating auth: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/57445622
2020/05/18 00:27:48 [INFO] Unable to deactivate the authorization: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/57445622
2020/05/18 00:27:48 [ERROR][www.FQDN.ca] failed to obtain certificate: acme: Error -> One or more domains had a problem:
[www.FQDN.ca] acme: error: 400 :: urn:ietf:params:acme:error:connection :: Fetching http://www.FQDN.ca/.well-known/acme-challenge/XpbLyHtUC-8Ns0NPNC_RdjbNzlcr9-ri0VmuRsE82XA: Timeout during connect (likely firewall problem), url: (attempt 2/3; challenge=http-01)
2020/05/18 00:27:49 [INFO] [www.FQDN.ca] acme: Obtaining bundled SAN certificate
2020/05/18 00:27:49 [INFO] [www.FQDN.ca] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/57445672
2020/05/18 00:27:49 [INFO] [www.FQDN.ca] acme: Could not find solver for: tls-alpn-01
2020/05/18 00:27:49 [INFO] [www.FQDN.ca] acme: use http-01 solver
2020/05/18 00:27:49 [INFO] [www.FQDN.ca] acme: Trying to solve HTTP-01
2020/05/18 00:28:11 [INFO] Deactivating auth: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/57445672
2020/05/18 00:28:11 [INFO] Unable to deactivate the authorization: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/57445672
2020/05/18 00:28:11 [ERROR][www.FQDN.ca] failed to obtain certificate: acme: Error -> One or more domains had a problem:
[www.FQDN.ca] acme: error: 400 :: urn:ietf:params:acme:error:connection :: Fetching http://www.FQDN.ca/.well-known/acme-challenge/3Jr5rKm2b4piXJHf1XuvvS92Kxi1B8UzuAzHTAWj9p4: Timeout during connect (likely firewall problem), url: (attempt 3/3; challenge=http-01)
2020/05/18 00:28:12 [INFO] [www.FQDN.ca] acme: Obtaining bundled SAN certificate
2020/05/18 00:28:12 [INFO] [www.FQDN.ca] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/57445737
2020/05/18 00:28:12 [INFO] [www.FQDN.ca] acme: use tls-alpn-01 solver
2020/05/18 00:28:12 [INFO] [www.FQDN.ca] acme: Trying to solve TLS-ALPN-01
2020/05/18 00:28:30 [INFO] Deactivating auth: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/57445737
2020/05/18 00:28:30 [INFO] Unable to deactivate the authorization: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/57445737
2020/05/18 00:28:30 [ERROR][www.FQDN.ca] failed to obtain certificate: acme: Error -> One or more domains had a problem:
[www.FQDN.ca] acme: error: 400 :: urn:ietf:params:acme:error:connection :: Timeout during connect (likely firewall problem), url: (attempt 1/3; challenge=tls-alpn-01)
2020/05/18 00:28:31 [INFO] [www.FQDN.ca] acme: Obtaining bundled SAN certificate
2020/05/18 00:28:32 [INFO] [www.FQDN.ca] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/57445849
2020/05/18 00:28:32 [INFO] [www.FQDN.ca] acme: use tls-alpn-01 solver
2020/05/18 00:28:32 [INFO] [www.FQDN.ca] acme: Trying to solve TLS-ALPN-01
2020/05/18 00:28:44 [INFO] Deactivating auth: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/57445849
2020/05/18 00:28:44 [INFO] Unable to deactivate the authorization: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/57445849
2020/05/18 00:28:44 [ERROR][www.FQDN.ca] failed to obtain certificate: acme: Error -> One or more domains had a problem:
[www.FQDN.ca] acme: error: 400 :: urn:ietf:params:acme:error:connection :: Timeout during connect (likely firewall problem), url: (attempt 2/3; challenge=tls-alpn-01)
2020/05/18 00:28:45 [INFO] [www.FQDN.ca] acme: Obtaining bundled SAN certificate
2020/05/18 00:28:45 [INFO] [www.FQDN.ca] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/57445907
2020/05/18 00:28:45 [INFO] [www.FQDN.ca] acme: use tls-alpn-01 solver
2020/05/18 00:28:45 [INFO] [www.FQDN.ca] acme: Trying to solve TLS-ALPN-01
2020/05/18 00:28:59 [INFO] Deactivating auth: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/57445907
2020/05/18 00:29:00 [INFO] Unable to deactivate the authorization: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/57445907
2020/05/18 00:29:00 [ERROR][www.FQDN.ca] failed to obtain certificate: acme: Error -> One or more domains had a problem:
[www.FQDN.ca] acme: error: 400 :: urn:ietf:params:acme:error:connection :: Timeout during connect (likely firewall problem), url: (attempt 3/3; challenge=tls-alpn-01)
2020/05/18 00:29:01 failed to obtain certificate: acme: Error -> One or more domains had a problem:
[www.FQDN.ca] acme: error: 400 :: urn:ietf:params:acme:error:connection :: Timeout during connect (likely firewall problem), url: 
root@nextcloud:~ #

I hope my info was thorough. How can I fix this?

And thank you for your time and effort... Cheers!!

baztardo-snow commented 4 years ago

Update with more tests: does FreeNAS have a firewall? I can't even access a FAMP stack with my router having a fully open DMZ to that IP.

and here's my network

root@freenas[/mnt/NAS1/steve]# ifconfig
em0: flags=8c02<BROADCAST,OACTIVE,SIMPLEX,MULTICAST> metric 0 mtu 1500
    options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC>
    ether 10:7b:44:53:00:1a
    hwaddr 10:7b:44:53:00:1a
    nd6 options=1<PERFORMNUD>
    media: Ethernet autoselect
    status: no carrier
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
    options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
    inet6 ::1 prefixlen 128
    inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
    inet 127.0.0.1 netmask 0xff000000
    nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
    groups: lo
mlxen0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 9000
    description: Main 10Gbe
    options=ad00b9<RXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWFILTER,VLAN_HWTSO,LINKSTATE,RXCSUM_IPV6>
    ether 00:02:c9:54:5c:0a
    hwaddr 00:02:c9:54:5c:0a
    inet 192.168.0.26 netmask 0xffffff00 broadcast 192.168.0.255
    nd6 options=9<PERFORMNUD,IFDISABLED>
    media: Ethernet autoselect (1000baseT <full-duplex,rxpause,txpause>)
    status: active
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 9000
    ether 02:81:c8:9e:77:00
    nd6 options=1<PERFORMNUD>
    groups: bridge
    id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
    maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
    root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
    member: vnet0.9 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
            ifmaxaddr 0 port 6 priority 128 path cost 2000
    member: vnet0.8 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
            ifmaxaddr 0 port 4 priority 128 path cost 2000
    member: mlxen0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
            ifmaxaddr 0 port 3 priority 128 path cost 20000
vnet0.8: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 9000
    description: associated with jail: nextcloud as nic: epair0b
    options=8<VLAN_MTU>
    ether 10:7b:44:ba:b5:81
    hwaddr 02:b4:90:00:04:0a
    nd6 options=1<PERFORMNUD>
    media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
    status: active
    groups: epair
vnet0.9: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 9000
    description: associated with jail: FAMP as nic: epair0b
    options=8<VLAN_MTU>
    ether 10:7b:44:74:7a:75
    hwaddr 02:b4:90:00:06:0a
    nd6 options=1<PERFORMNUD>
    media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
    status: active
    groups: epair
root@freenas[/mnt/NAS1/steve]# 

danb35 commented 4 years ago

> Update with more tests: does FreeNAS have a firewall

No, it doesn't. Either your router is set incorrectly, or your ISP is blocking ports 80 and/or 443.
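
An added example, not part of the thread or the project's script: a small triage helper that reads a Caddy v1 log like the one posted above and reports which inbound ports the ACME validation server could not reach (http-01 is validated over TCP 80, tls-alpn-01 over TCP 443). The function names, host names and sample lines are constructed for illustration.

```python
import re

# Inbound TCP port the ACME validation server must reach for each challenge type.
CHALLENGE_PORT = {"http-01": 80, "tls-alpn-01": 443}

# Continuation line Caddy v1 writes under "[ERROR] ... failed to obtain certificate".
ERR = re.compile(
    r"^\[(?P<host>[^\]]+)\] acme: error: \d+ :: "
    r"urn:ietf:params:acme:error:(?P<kind>\w+) :: .*, url: "
    r"\(attempt (?P<n>\d+)/(?P<of>\d+); challenge=(?P<chal>[\w-]+)\)\s*$"
)

def summarize(log_text):
    """Return {host: {port: {"challenge", "failures", "exhausted", "kinds"}}}."""
    hosts = {}
    for line in log_text.splitlines():
        m = ERR.match(line.strip())
        if not m or m["chal"] not in CHALLENGE_PORT:
            continue  # INFO lines, the final summary line, dns-01, etc.
        rec = hosts.setdefault(m["host"], {}).setdefault(
            CHALLENGE_PORT[m["chal"]],
            {"challenge": m["chal"], "failures": 0, "exhausted": False, "kinds": set()},
        )
        rec["failures"] += 1
        rec["kinds"].add(m["kind"])
        rec["exhausted"] |= m["n"] == m["of"]  # last retry also failed
    return hosts

def unreachable_ports(log_text, host):
    """Ports where every retry ended in an ACME 'connection' error."""
    ports = summarize(log_text).get(host, {})
    return sorted(p for p, r in ports.items()
                  if r["exhausted"] and r["kinds"] == {"connection"})

# Constructed sample modelled on the log above (hosts and tokens are placeholders).
_PFX = "acme: error: 400 :: urn:ietf:params:acme:error:"
_TIMEOUT = "Timeout during connect (likely firewall problem), url: "
SAMPLE_LOG = "\n".join(
    [f"[cloud.example.com] {_PFX}connection :: {_TIMEOUT}(attempt {n}/3; challenge={c})"
     for c in ("http-01", "tls-alpn-01") for n in (1, 2, 3)]
    + ["2020/05/18 00:27:16 [INFO] [cloud.example.com] acme: use http-01 solver",
       f"[files.example.com] {_PFX}unauthorized :: Invalid response, url: "
       "(attempt 3/3; challenge=http-01)"]
)

if __name__ == "__main__":
    for h in ("cloud.example.com", "files.example.com"):
        print(h, "-> unreachable inbound ports:", unreachable_ports(SAMPLE_LOG, h))
```

A host that lists both 80 and 443 matches the pattern in this issue: the jail is running, but nothing from the internet reaches it, which points at the router forward or the ISP rather than at Caddy.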