search

linuxserver / docker-nextcloud

GNU General Public License v3.0
701 stars 128 forks source link

[BUG] <title>This container runs commands “update-ca-certificates” invalid #459

Open samfor12 opened 2 months ago

samfor12 commented 2 months ago

Is there an existing issue for this?

Current Behavior

After connecting to S3 storage, I found that NextCloud cannot access it

I went to NextCloud's log center

S3Exception
Error executing "PutObject" on "https://haproxy:9000/nextcloud/urn%3Aoid%3A226"; AWS HTTP error: cURL error 60: SSL certificate problem: self-signed certificate (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for https://haproxy:9000/nextcloud/urn%3Aoid%3A226
Exception thrown: Aws\S3\Exception\S3Exception

This log clearly tells us that the system did not trust this certificate

Expected Behavior

After these operations are executed and my minio S3 storage is functioning properly, NextCloud will work properly and store the data in the S3 backend

Steps To Reproduce

1. I will first copy a CA certificate to/usr/share/ca certificates/mozilla/

docker cp CA-cloud.com.crt nextcloud1:/usr/share/ca-certificates/mozilla/

Entering the interior of the container

docker exec -it nextcloud1 bash

2. edit /etc/ca-certificates.conf

nano /etc/ca-certificates.conf

3. Go to the end of the file and add mozilla/CA-cloud.com.crt

4. RUN update-ca-certificates

update-ca-certificates

5. not output

6. But the original NextCloud container has relevant output and will trust this certificate normally

7. Add S3 storage configuration

vi /home/nextcloud1/appdata/www/nextcloud/config/config.php

  'objectstore' => [
          'class' => '\\OC\\Files\\ObjectStore\\S3',
          'arguments' => [
                  'bucket' => 'nextcloud',
                  'hostname' => 'minio',
                  'key' => 'minioadmin',
                  'secret' => 'minioadmin',
                  'port' => 9000,
                  // required for some non-Amazon S3 implementations
                  'use_path_style' => true,
          ],
],

8. Once added, you will immediately be unable to access NextCloud

Internal Server Error

The server encountered an internal error and was unable to complete your request.
Please contact the server administrator if this error reappears multiple times, please include the technical details below in your report.
More details can be found in the server log.

Unless the configuration files stored in S3 are removed

vi /home/nextcloud1/appdata/www/nextcloud/config/config.php

//  'objectstore' => [
//         'class' => '\\OC\\Files\\ObjectStore\\S3',
//          'arguments' => [
//                  'bucket' => 'nextcloud',
//                  'hostname' => 'haproxy',
//                  'key' => 'minioadmin',
//                  'secret' => 'minioadmin',
//                  'port' => 9000,
//                  // required for some non-Amazon S3 implementations
 //                 'use_path_style' => true,
//          ],
//],

I went to NextCloud's log center

S3Exception
Error executing "PutObject" on "https://haproxy:9000/nextcloud/urn%3Aoid%3A226"; AWS HTTP error: cURL error 60: SSL certificate problem: self-signed certificate (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for https://haproxy:9000/nextcloud/urn%3Aoid%3A226
Exception thrown: Aws\S3\Exception\S3Exception

This log clearly tells us that the system did not trust this certificate

Environment

- OS:rocky8
- How docker service was installed:
Use the official yum source provided by Docker to install

CPU architecture

x86-64

Docker creation

docker run -d  --name=nextcloud1 --restart=always   --net minio_to_haproxy_network -p 3958:443 -v /home/nextcloud1/appdata:/config -v /home/nextcloud1/data:/data  linuxserver/nextcloud:latest

Container logs

using keys found in /config/keys
[custom-init] No custom files found, skipping...
[ls.io-init] done.
[migrations] started
[migrations] 01-nginx-site-confs-default: skipped
[migrations] 02-default-location: skipped
[migrations] done
usermod: no changes
───────────────────────────────────────

      ██╗     ███████╗██╗ ██████╗
      ██║     ██╔════╝██║██╔═══██╗
      ██║     ███████╗██║██║   ██║
      ██║     ╚════██║██║██║   ██║
      ███████╗███████║██║╚██████╔╝
      ╚══════╝╚══════╝╚═╝ ╚═════╝

   Brought to you by linuxserver.io
───────────────────────────────────────

To support LSIO projects visit:
https://www.linuxserver.io/donate/

───────────────────────────────────────
GID/UID
───────────────────────────────────────

User UID:    911
User GID:    911
───────────────────────────────────────

using keys found in /config/keys
[custom-init] No custom files found, skipping...
[ls.io-init] done.
github-actions[bot] commented 2 months ago

Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.

Roxedus commented 2 months ago

The paths used are not correct for alpine Linux. PHP's curl has its own certstore.

samfor12 commented 2 months ago

HI ,Roxedus I need Alpine Linux to set up the root certificate and commands How to enable SMB sharing for external storage on Linux server/nextcloud? Thank you for your reply .

j0nnymoe commented 2 months ago

You install the app within nextcloud.

samfor12 commented 1 month ago

I have installed software for external storage. But to use SMB, it is required to install SMB support software on the host, but I am not sure what needs to be installed

LinuxServer-CI commented 4 weeks ago

This issue has been automatically marked as stale because it has not had recent activity. This might be due to missing feedback from OP. It will be closed if no further activity occurs. Thank you for your contributions.