danb35 / freenas-iocage-nextcloud

Script to create an iocage jail on FreeNAS for the latest Nextcloud 28 release, including Caddy, MariaDB or PostgreSQL, and Let's Encrypt
GNU General Public License v3.0

Stopped nextcloud due to VNET failure: Failed to create jail #200

Closed domicm closed 1 year ago

domicm commented 1 year ago

First off, thank you @danb35 for the script. You have saved me and many others hours of troubleshooting.

When I ran the script in the configuration most suitable to my needs, I originally received an error in the script: "pkg.freebsd.org could not be reached via DNS, check your network"

I was able to get around this by adding INTERFACE="em0" in the config file, which resulted in FreeBSD being able to be downloaded and installed. However, I now receive the error that the jail was stopped due to a VNET failure, and the script failed to create the jail.

Here is my config file:

DEFAULT_GW_IP="192.168.1.1"
POOL_PATH="/mnt/tank/"
TIME_ZONE="America/New_York"
HOST_NAME="xxxxxx"
DNS_CERT=1
CERT_EMAIL="xxxx"
DNS_PLUGIN="cloudflare"
DNS_TOKEN="xxxx"
INTERFACE="em0"

And the nextcloud.log:

Command: ./nextcloud-jail.sh
cannot open 'Creating': dataset does not exist
cannot open 'Creating': dataset does not exist
cannot open 'Creating': dataset does not exist
cannot open 'Creating': dataset does not exist
cannot open 'Creating': dataset does not exist
cannot open 'Creating': dataset does not exist
cannot open 'Creating': dataset does not exist
cannot open 'Default': dataset does not exist
cannot open 'configuration': dataset does not exist
cannot open 'missing,': invalid character ',' in name
cannot open 'creating': dataset does not exist
cannot open 'one': dataset does not exist
JAIL_INTERFACES not set, defaulting to: vnet0:bridge0
Fetching: 13.1-RELEASE

Downloading: MANIFEST [####################] 100%
Downloading: base.txz [####################] 100%
Downloading: lib32.txz [####################] 100%
Downloading: src.txz [####################] 100%
Extracting: base.txz...
Extracting: lib32.txz...
Extracting: src.txz...

* Updating 13.1-RELEASE to the latest patch level...
Looking up update.FreeBSD.org mirrors... 2 mirrors found.
Fetching public key from update1.freebsd.org... done.
Fetching metadata signature for 13.1-RELEASE from update1.freebsd.org... done.
Fetching metadata index... done.
Fetching 2 metadata files... done.
Inspecting system... done.
Preparing to download files... done.
Fetching 336 patches.....10....20....30....40....50....60....70....80....90....100....110....120....130....140....150....160....170....180....190....200....210....220....230....240....250....260....270....280....290....300....310....320....330... done.
Applying patches... done.
Fetching 3 files... . done.
The following files will be removed as part of updating to
13.1-RELEASE-p7:
/usr/share/zoneinfo/SystemV
/usr/src/contrib/tzdata/pacificnew
/usr/src/contrib/tzdata/systemv
/usr/src/contrib/tzdata/yearistype.sh
/usr/src/contrib/tzdata/zoneinfo2tdf.pl
The following files will be added as part of updating to
13.1-RELEASE-p7:
/usr/share/zoneinfo/America/Ciudad_Juarez
/usr/share/zoneinfo/Europe/Kyiv
/usr/share/zoneinfo/GMT
/usr/src/crypto/openssl/crypto/bn/rsa_sup_mul.c
The following files will be updated as part of updating to
13.1-RELEASE-p7:
/bin/freebsd-version
/boot/loader
/boot/loader.efi
/boot/loader_4th
/boot/loader_4th.efi
...
(long install stuff, not relevant)
...
/var/db/mergemaster.mtree
Installing updates...Scanning /mnt/tank/iocage/releases/13.1-RELEASE/root/usr/share/certs/blacklisted for certificates...
Scanning /mnt/tank/iocage/releases/13.1-RELEASE/root/usr/share/certs/trusted for certificates...
 done.
Missing default rc.conf, creating it
nextcloud successfully created!

Stopped nextcloud due to VNET failure
Failed to create jail

Command exit status: 1
Script done on Sat Mar 18 19:45:52 2023

It seems that there is something screwy happening in the beginning of the script according to the log... not sure what "cannot open 'Creating': dataset does not exist" is all about. In any case, I am not able to access nextcloud via the jail IP, but it can successfully be pinged from another system.

danb35 commented 1 year ago

I'll look at it more later, but you've shared your Cloudflare API token. I'd recommend you revoke that token and generate a new one, because anyone who has it can do pretty much anything to your DNS records.
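
Added example (not part of the thread or of the project's script): a shell function that masks secret-bearing values in a `KEY="value"` config like the one posted above, including commented-out assignments, before the file is pasted into a public issue. The key-name patterns, the `REDACTED` marker and the sample config are assumptions constructed for this illustration.

```shell
#!/bin/sh
# Added example: mask secret-bearing values in a KEY="value" config file
# before it is pasted into a public issue.

# redact_config FILE -> prints FILE with sensitive values replaced.
# The key-name patterns and the REDACTED marker are assumptions of this
# example; extend the pattern for other secrets your config holds.
redact_config() {
    awk '
    # Assignment lines, including commented-out or exported ones.
    /^[ \t]*#?[ \t]*(export[ \t]+)?[A-Za-z_][A-Za-z0-9_]*=/ {
        eq  = index($0, "=")
        lhs = substr($0, 1, eq - 1)      # keeps indentation and any "#"
        key = lhs
        sub(/^[ \t]*#?[ \t]*(export[ \t]+)?/, "", key)
        if (toupper(key) ~ /TOKEN|PASS|SECRET|KEY|EMAIL|HOST_NAME/) {
            print lhs "=\"REDACTED\""
            next
        }
    }
    { print }
    ' "$1"
}

# Constructed sample input (values are made up, not from the issue).
sample=$(mktemp)
cat > "$sample" <<'EOF'
DEFAULT_GW_IP="192.168.1.1"
HOST_NAME="cloud.example.com"
DNS_CERT=1
CERT_EMAIL="admin@example.com"
DNS_PLUGIN="cloudflare"
DNS_TOKEN="constructed-not-a-real-token"
# DNS_TOKEN="older-constructed-token"
INTERFACE="em0"
EOF

redact_config "$sample"
```

Redaction only helps before posting; a token that has already been published still needs to be revoked and replaced, as recommended above.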

domicm commented 1 year ago

Whoops, that was pretty stupid of me. Thanks for catching that.

domicm commented 1 year ago

For reference, here is the log file of what happens when I leave the INTERFACE setting at defaults:

Command: ./nextcloud-jail.sh
JAIL_INTERFACES not set, defaulting to: vnet0:bridge0
nextcloud successfully created!

Testing Host DNS response to pkg.freebsd.org
DNS Exception: The DNS operation timed out after 30.118759870529175 seconds
pkg.freebsd.org could not be reached via DNS, check your network
Failed to create jail

Command exit status: 1
Script done on Sun Mar 19 10:48:53 2023

Maybe something is up with the bridge? I'm not well versed in this networking stuff so I'm not sure what I could do about it.

domicm commented 1 year ago

I was able to get around this issue by disabling VNET and setting the interface to the network card of the TrueNAS system.