Nextcloud set-up - file permissions

benlin · December 21, 2024, 12:45pm

Hello!

I am currently changing from Truenas SCALE with Truecharts Apps to Electric Eel.

I did a complete fresh installation on my home server. Currently running TrueNAS ElectricEel 24.10.1.

I did try to follow the installation instruction for Nextcloud from the official Truenas documentation.

I think I did not understand the right set-up for the permissions.

I did create 3 datasets

nc/data

nc/html

nc/postgres_data

Nextcloud app settings for the folders:

What am I missing?

oxyde · December 21, 2024, 3:07pm

I don’t know if Is correct, so take this with a grain of salt… But i have struggled a bit with ACL for nextcloud data until i don’t give to everyone some read data attribute plus execute… But i have nextcloud’s datasets nested as childs of another dataset (where all apps datasets are stored);

Aqua1ung · December 26, 2024, 10:18pm

Yeah, somebody needs to go over the official NextCloud installation guide and fix it, because it’s full of holes and confusing as heck.

benlin · December 27, 2024, 12:30pm

Ok - I started from scratch and set up nextcloud WITHOUT following the documentation.

Just create the parent dataset nc and nest the 3 datasets below.

nextcloud
    html
    data
    postgres_data

Do NOT change any permissions and let the app installer take care of that.

Worked for me. Curious, if that is the right approach and the installation instructions here are obsolete.

Aqua1ung · December 28, 2024, 5:26pm

Thanks. I need my data dataset in a different pool though. Will that work?

Also, when creating the datasets, what ACL permissions should the datasets be created with? What do you mean by “do NOT change any permissions”? Do not change them from WHAT? Are they created with permissions BY DEFAULT?

benlin · January 2, 2025, 1:34am

I did not set any ACL permissions at all …

Aqua1ung · January 3, 2025, 12:33am

Thanks. I did just as you suggested, and I also left all the “Enable ACL” tickboxes empty. However, what I also did is I ticked the “Automatic Permissions” tickbox, and that seems to have done it. Now it looks like I need to “edit the ‘trusted_domains’ setting in config/config.php,” as I get the funny screen pictured below when attempting to access the WebUI from any computer on my LAN. How can I do that though? Where do I find this config/config.php file?

And what the heck is this “Host” setting about? What is that for?

Screenshot From 2025-01-02 19-38-42

benlin · January 3, 2025, 8:08pm

For the first one you must edit your config/config.php
Either from the shell within or ssh to the server.

The second one is relevant, if you want to use your own hostname.
eg.: mynextcloud.com or nextcloud.mydomain.com

Aqua1ung · January 3, 2025, 10:46pm

Yeah, that’s the $64,000 question, where exactly is this config/config.php file hidden, ‘cause there ain’t no config directory in TrueNAS’ root. Anyway, it looks like I found it: /mnt/nas1_app/nextcloud/html/config/config.php.

Now that I’ve edited this file, I can finally see the login screen, though I cannot login! What credentials does this thing take? I tried the admin credentials I inputted when I installed the application, but they do not work.

benlin · January 4, 2025, 3:23pm

No definitely the admin + password you did set there

Aqua1ung · January 4, 2025, 5:36pm

Is that password supposed to show up in config.php? I can’t find it anywhere in there!
Would you mind posting your config.php so I can compare it with mine (please obscure any sensitive info)?

Here below is my config.php, and please let me know if you see anything funny in there:

root@nas1[/mnt/nas1_app/nextcloud/html/config]# cat config.php 
<?php
$CONFIG = array (
  'htaccess.RewriteBase' => '/',
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'apps_paths' => 
  array (
    0 => 
    array (
      'path' => '/var/www/html/apps',
      'url' => '/apps',
      'writable' => false,
    ),
    1 => 
    array (
      'path' => '/var/www/html/custom_apps',
      'url' => '/custom_apps',
      'writable' => true,
    ),
  ),
  'memcache.distributed' => '\\OC\\Memcache\\Redis',
  'memcache.locking' => '\\OC\\Memcache\\Redis',
  'redis' => 
  array (
    'host' => 'redis',
    'password' => 'some_password',
    'port' => 6379,
  ),
  'upgrade.disable-web' => true,
  'passwordsalt' => 'seemingly_random_string',
  'secret' => 'seemingly_random_string',
  'datadirectory' => '/var/www/html/data',
  'dbtype' => 'pgsql',
  'version' => '30.0.4.1',
  'overwrite.cli.url' => 'http://localhost',
  'dbname' => 'nextcloud',
  'dbhost' => 'postgres:5432',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'dbuser' => 'oc_admin',
  'dbpassword' => 'seemingly_random_string',
  'installed' => true,
  'instanceid' => 'ocvqq2wlhyy5',
  'trusted_domains' => 
  array (
    0 => '127.0.0.1',
    1 => '192.168.153.205:30027',
    2 => '192.168.153.205:30001',
    3 => 'localhost',
    4 => 'nextcloud',
  ),
);

Many thanks!

benlin · January 4, 2025, 8:18pm

How do you try to access your nextcloud website? It must be added here:

e.g.: nextcloud.mydomain.com

The password is used, when you get to the login screen.
grafik

Aqua1ung · January 4, 2025, 8:23pm

For now, I am attempting to access it from my LAN, as in the screenshot below:

Aqua1ung · January 4, 2025, 10:51pm

Alright, here’s the conclusion of my NextCloud on TrueNASA saga: attempting to change the password in NextCloud app edit mode is an exercise in futility, at least at this point in time. Neither is re-installing the app any useful … UNLESS one first cleans up ALL NextCloud files everywhere on TrueNAS prior(!) to doing a reinstall. Simple reinstall does not clear out previous installations, so all subsequent installs are doomed to fail.

As such, indeed, doing an install from scratch–that is, including all relevant storage datasets–is the easiest way to ensure a painless installation. And also make sure your admin password does not end with the dollar sign ($) or comma (,).

ckao1030 · January 7, 2025, 2:03am

had the exact same experience. very frustrating.

Rogge52 · February 6, 2025, 7:55pm

Well this is very frustrating. Found you post and was hoping it would clear things up. I still cant access the webUI after trying many different things

Doing the setup as as you described above, I have left the hostname blank. This resulted in the webui giving the message about Access through untrusted domains. So I edited the config.php file and added the ip address of the truenas server and the port for NextCloud (192.168.1.4:30027). No change, still get the same message.
when doing setup configuration, under certificate do you leave it as no certificate or do you select the true_nas certificate? I am currently accessing it from insde the network for testing and setup before considering any external connection. even then I will likely use scaletail as I already have it setup for secure connection the truenas server.
Did you ever figure out putting the data files in a location other that the default location in the contiainer?

Thanks for all your hardwork. I am about 40 hours in and you saved me a bunch of time with other configurations I was considering changing.