Logging into Nextcloud App for the first time - Cannot log in as specified user

I was able to successfully install and launch the official / stable Nextcloud app on TrueNAS SCALE 24.10 (Electric Eel).

When I browse to the UI and put in the credentials I specified while setting up the app, I cannot log in - it just bounces me back to the login screen without an error message.

I’ve deleted the app, including the directories with the DB in them, to ensure it’s a clean start, and reinstalled - same thing.

I’ve tried resetting the password using docker exec to run the occ command, but the command aborts when occ comes back and asks me to input a password.

I did search online and saw suggestions to try Incognito mode, but that doesn’t resolve this for me.

Any ideas on how to either reset the password, or how to ensure it takes the correct password when installing?

With help from another thread, I was able to run this commnand:

TrueNAS% sudo docker exec -it -u 33 ix-nextcloud-nextcloud-1 php -f /var/www/html/occ user:resetpassword Geoffrey

That let me reset the password, but I still can’t log in - this may not be a Password issue, but a trust / security issue in the config of Nextcloud?

I was also able to add a new user using the occ command, but cannot log in as that user, either, leading me to believe this is not a user / password issue.

Did you able to grab some usefull log?

I wasn’t sure what to grab yet - if you can point me to which logs to grab, I will do so.

When I set up the app, I used my own paths to datasets on my main data pool - as a test, I deleted the app, then re-created it using the iX volumes. This let me log in without issue, so I think it’s an issue with when the datasets are set up manually rather than using the defaults.

OK, I was able to get around it by doing the following:

  1. Delete the app, and all data sets related to it
  2. Install the app using the iX storage defaults
  3. Copy the iX folders (from /mnt/.ix-apps/nextcloud) to my main pool (under /mnt/data/apps/nextcloud in my case), using -rp to keep the permissions
  4. Delete the app
  5. Reinstall, pointing the folders to the new paths, and keeping the same Redis & DB passwords.

When I browsed to the UI, it let me in without issue this time. My conclusion is that manually setting the paths leaves something out permissions-wise, which can be gotten around by copying the paths from the official store. Annoying, but not the end of the world.

Probably the permissione issue was just to set the user www-data as owner of the nextcloud data dataset. But glad you get a solution somehow

Yes, that’s fine.
nextcloud- and user-data: user and goup as www-data
postgres-data: user: netdata and group: docker
dataset-type: app
User: ncadmin and password: nextcloud for installation

Now I got it working with host for datasets.

Just a few error-messages in nextcloud:

There are some errors regarding your setup.

  • Accessing site insecurely via HTTP. You are strongly advised to set up your server to require HTTPS instead. Without it some important web functionality like “copy to clipboard” or “service workers” will not work! For more details see the documentation :arrow_upper_right:.

  • 75 errors in the logs since 27. Oktober 2024, 21:49:55

  • Server has no maintenance window start time configured. This means resource intensive daily background jobs will also be executed during your main usage time. We recommend to set it to a time of low usage, so users are less impacted by the load caused from these heavy tasks. For more details see the documentation :arrow_upper_right:.

  • One or more mimetype migrations are available. Occasionally new mimetypes are added to better handle certain file types. Migrating the mimetypes take a long time on larger instances so this is not done automatically during upgrades. Use the command occ maintenance:repair --include-expensive to perform the migrations.

  • Some headers are not set correctly on your instance - The Strict-Transport-Security HTTP header is not set (should be at least 15552000 seconds). For enhanced security, it is recommended to enable HSTS. For more details see the documentation :arrow_upper_right:.

  • Detected some missing optional indices. Occasionally new indices are added (by Nextcloud or installed applications) to improve database performance. Adding indices can sometimes take awhile and temporarily hurt performance so this is not done automatically during upgrades. Once the indices are added, queries to those tables should be faster. Use the command occ db:add-missing-indices to add them. Missing indices: “fs_storage_path_prefix” in table “filecache”, “systag_by_objectid” in table “systemtag_object_mapping”. For more details see the documentation :arrow_upper_right:.

Three errors left.
I’m reaching my nextcloud over ngnix. So HSTS is enabled and I’m reaching it over the proxy.
But I get the error, the “trusted_proxies” setting is not correctly set and that it is recommended to enable HSTS.
Whats the problem here? I already tried to enter trusted_proxies in the config.php and in the app-setting via Additional Environment Variables.

There are some errors regarding your setup.

  • Your “trusted_proxies” setting is not correctly set, it should be an array of IP addresses - optionally with range in CIDR notation. For more details see the documentation :arrow_upper_right:.

  • 86 errors in the logs since 28. Oktober 2024, 13:46:26

  • Some headers are not set correctly on your instance - The Strict-Transport-Security HTTP header is not set (should be at least 15552000 seconds). For enhanced security, it is recommended to enable HSTS. For more details see the documentation :arrow_upper_right:.

  • Your installation has no default phone region set. This is required to validate phone numbers in the profile settings without a country code. To allow numbers without a country code, please add “default_phone_region” with the respective ISO 3166-1 code of the region to your config file. For more details see the documentation :arrow_upper_right:.

I installed Nextcloud also from scratch using these permissions. I activated ACL and the force flag to update them. App is deployed properly and I’m able to access the login page directly and through Nginx.

Unfortunately, I’m facing the same login page issue as reported here multiple times. Already installed again, double-checked properties, updated the app (there was an update 1.4.3 yesterday). Nothing helped so far.

I feel it’s a problem of the app, not a configuration issue or something caused by Nextcloud itself. I had another TrueNAS instance based on 24.04 where Nextcloud worked immediately without these issues. Above mentioned issues popped up at fresh TrueNAS 24.10 installation.

Any support would be appreciated.

Nextcloud app is updated to 1.4.4 just now, still stuck in the login page.

This should get nextcloud running uner EE 24.10:

Install it from scratch.
Created my new datasets for the nextcloud:

  • nextcloud-app-data → user: www-data - group: www.data
  • nextcloud-user-data → user: www-data - group: www.data
  • nextcloud-postgres-data → user: netdata - group: docker

all three dataset-type: app

For the installation of the app I used the standard
User: ncadmin and password: nextcloud

1 Like

Thanks for the summary again. I already used these users/groups for the datasets. All datasets are of type app. Only difference are the names of the datasets but this shouldn’t harm as long as they’re mapped accordingly.
I’m using different credentials right now but also tried these default credentials before.

Nextcloud is deployed without obvious issues and login page is accessible. ‘Only’ problem is that the login never succeeds.

The log output of the container provides this (some comments added by me):

//Just opending the login page
2024-11-05 13:43:11.341912+00:00192.168.178.50 - - [05/Nov/2024:13:43:11 +0000] "GET / HTTP/1.1" 302 749 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36"
2024-11-05 13:43:11.396533+00:00192.168.178.50 - - [05/Nov/2024:13:43:11 +0000] "GET /login HTTP/1.1" 200 7455 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36"
//this happens cyclically all the time
2024-11-05 13:43:11.701568+00:00127.0.0.1 - - [05/Nov/2024:13:43:11 +0000] "GET /status.php HTTP/1.1" 200 1539 "-" "curl/7.88.1"
2024-11-05 13:43:21.833986+00:00127.0.0.1 - - [05/Nov/2024:13:43:21 +0000] "GET /status.php HTTP/1.1" 200 1539 "-" "curl/7.88.1"
//trying to login
2024-11-05 13:43:27.239215+00:00192.168.178.50 - - [05/Nov/2024:13:43:27 +0000] "POST /login HTTP/1.1" 303 1362 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36"
2024-11-05 13:43:27.303970+00:00192.168.178.50 - - [05/Nov/2024:13:43:27 +0000] "GET /login?direct=1&user=cloud HTTP/1.1" 200 7456 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36"

Do you think that’s fine?

Are there any other logfiles that could offer further information?

And you are using
User: ncadmin and password: nextcloud
?
You can change these after the first login.

I tried already different credentials. Tried the one you mentioned again just to make sure. No difference.

Do you considered the Redis user (uid 1001) for any of the datasets? I did not provided access for this one yet.

Just owner@ and group@ and a user for my duplicati backup.

With today’s update to v1.4.5 login works fine without further changes. Thanks a lot to the maintainers for taking care, very appreciated!

Unfortunately, I have to come back to this topic again. As stated above, I was able to deploy a Nextcloud app with default credentials. Also the login sucveeds in that case.

When I tried to change the credentials, the odd behavior appeared again. Also dropping all configuration and datasets and finally setting everything up again with custom credentials does not work.

As mentioned in the other thread (Nextcloud does not start and cannot reinstall after Electric Eel update - #43 by RRD1), I nailed it down to the Redis password. So custom passwords for Nextcloud and Postgres are fine but Redis has to be set to “nextcloud” always.

Does anybody know how to properly set a custom password for Redis here?

Have you tried setting the environment variable REDIS_HOST_PASSWORD for nextcloud? I don’t use the app so not sure completely, but this is how it works for custom nextcloud app.

Thanks for the hint. I filled in the Redis password into the input field of the TrueNAS App wizard so far and made sure the correct password is reflected by the NC config.php.

Just set REDIS_HOST_PASSWORD for the existing instance without any positive effect.