Just had NextCloud denying my credentials (not for the first time). I know they weren’t wrong because I’m using a password manager. Logs didn’t say much. Was about to reinstall (again, not the first time nextcloud went bonkers on me) before I tried a docker compose down && docker compose up. Lo and behold after a restart the credentials worked again.
This stuff is just way too flaky for something so important.
Is OwnCloud good again? My main usecase is saving photos but I don’t want them locked away in a database so SeaFile is out.
Edit: I’m going to take the time to reply to you all, bit busy with work and family suddenly. But a little update - I’ve quickly setup Immich and fired up the CLI to import my library. AFAIK the files are still stored on disk somewhere but metadata is in a database. I didn’t realize this before, knowing that I think my mind is made up and Immich is the best solution. Thanks everyone!
I’m not done but I’m so tired of just stupid error messages that don’t help from developers. I love the open source community but for gods sake devs, handle your errors in a format that makes sense.
Nextcloud or others, it’s always the same. I either get a 200 line stacktrace that means absolutely nothing to me because the dev didn’t bother to handle the exception (like you submit a form and get a null reference back. It sure would be nice to know what field was null) or of course the infamous “Exception occurred” and nothing else.
My favorite was I tried to submit to Jellyfin a fix for one of their very opaque exceptions, keep the stack trace but rewrite the error message like “x exception occurred, do you have permissions to do that?” Or something and the PR was rejected. I just can’t even with that
I’m also a develop and my philosophy is that stack traces are for the developers but they should be translated to informative error messages for the user. Otherwise you’re doing security through obscurity.
My favorite was I tried to submit to Jellyfin a fix for one of their very opaque exceptions, keep the stack trace but rewrite the error message like “x exception occurred, do you have permissions to do that?” Or something and the PR was rejected. I just can’t even with that
Out of interest, which PR was that?
It’s uncommon to rewrite exception messages to be user friendly, they are for developers. The exception shouldn’t be thrown in the first place if it’s a common issue or the error message should be more generic for unhandled problems.
I strongly disagree with this, any error message shown to the user should be helpful to the user
I think you misunderstood, this is about exceptions, which shouldn’t be shown to users unless they ask for it.
Exceptions are not helpful to users most of the time, as shown above. They need instructions on how to report issues instead since they most likely can’t fix an unhandled exception by themselves.
Underrated comment.
To put it into user perspective:
Exception X with error code xxx means Y. Y should be shown via a modal dialog to the user. The state of the application has to be reverted to a valid state as error handling.
The exception/error gets logged, the user doesn’t receive a exception but the interpretation of the error is shown to him via the UI.
I almost don’t dare to say this, but I’ve been running the snap for more than a year and have no complaints.
Too daring of you to say snap
6 years here and went from ubuntu 16 to 22
You installed nextcloud with snap? HOW DARE YOU!
I’ve been on the snap version for three years with zero problems. It was originally created as a VM on virtualbox, then ported over to proxmox. Every OS and instance upgrade has gone off without a hitch so far.
My problem with nextcloud is more the performance of the web interface rather than it’s reliability (and that’s even with
mariadb+redissetup and a decently fast minipc). It’s fine if you avoid the web interface, but that’s part of the draw of the thing.The poor performance carries over to the sync clients too because they’re just using webdav http requests. Nextcloud will take like 10+ hours to sync my folders, vs about 10 minutes with Syncthing or something else.
The performance is indeed pretty terrible. Most stuff runs fine on my NUCs except nextcloud. Maybe throwing more hardware at it solves it though.
As someone with a beef server: Nope, performance stays unsatisfactory. Redis helps a lot but only if the page is cached which tbh just makes the experience worse if the page isn’t cached
Edit: I’m using the AIO installer though, as discussed elsewhere in this post that might be the root cause of the poor performance, will check on the weekend by installing nextcloud manually in a fresh vm
Most likely you got blocked for some time by the brute force prevention. Have a look at your logfiles.
I haven’t got this kind of issue with nextcloud, I’m pretty sure you can reset your password using occ via cli
I’m using the LSIO docker image and I could not locate the occ file to fire off the reset - but even then - I didn’t need to reset my password anyway…
That’s your problem, just there: you deployed a one size fits all blackbox of a container that, by definition, on top of pulling all the inefficiencies and redundancies of docker, isn’t tuned for your specific hardware and operational needs. I get the appeal of containers, but if you want to self-host responsibly, you’ve got to be in control of what’s running and how.
Sorry if this sounds harsh.
I honestly don’t see how my issues are related to docker. Sure the occ app was missing (or I just couldn’t find it, but the conclusion was that I didn’t even need it)
I’m running Linux so there’s not really any inefficiencies in regards to resources AFAIK - it’s just namespaces and cgroups.
use immich for photos.
owncloud ocis works but is very young. is literally just file hosting with something to open office files online.
https://github.com/simone-viozzi/my-server
those are my configs. you have both immich and owncloud.
I am using nextcloud for years now with postgres, redis and configured PHP setttings, but I installed it on the host. Never had any problems, Performance is awesome… Almost everytime I read about problems is with the docker images. The new AIO image shall be bad too, but I can not say anything to this, since I don’t use it.
I really like docker, but sometimes it is better to install on the host directly or use an LXC if you need isolation. MinIO is the same… Would not want it in a Container
Maybe seafile could be an option for you 🤔
deleted by creator
In my experience, Immich is way better for Photos.
Maybe Immich might be a fit fit
I’m giving this a try now - it’s true it still saves the files on disk somewhere right? AFAIK at least so, this fits my requirements.
Yes it does, you can back up the files externally and everything if needed. You can also import external directories of existing photos.
The installation instructions talk about the yaml amd env file to dowmload and edit, in one of those you specify explicit path of where your files go
Nextcloud is an overkill. Its just too much. I’d say better split down the needed services. Baikal/radicale etc for contacts/calendar. Photoprism/librephotos etc for photos. A webdav server for storage. And so on.
For photos, I’d highly recommend checking out Photoprism.
the “PhotoSync” app available for both android and apple can sync from your phone to photoprism.
But, nextcloud itself, works pretty nice for me. But, I use OIDC-based logon, with Authentik.
Would highly reccomend https://immich.app/ too. It’s the solution I’ve finally landed on after trying out most of the options out there.
Maybe try https://github.com/kd2org/karadav if you want to continue using the NC apps for photo backups.
Thats frustrating
I second the notion that your ip was banned by nc’s brute force detection
The silent reconnects of a DAVx client on a phone could easily trigger this
You can whitelist your home routers ip in the config IIRC Maybe not on the LISO container though, IIRC it is less configurable, but doesn’t “just work”, I’d ditch that not nextcloud
Quick fix could be to “DELETE FROM” (or “TRUNCATE” if you are certain nobody is blocked correctly) the table bruteforce_attempts (or smth similar). Although that “dc up && dc down” worked could indicate another issue, as you do seem to have persistence with your db in a docker volume (cred are still there) which would mean the time penalty ran out during restart or oits somethimg else
I just implemented authentik SSO for Nextcloud and other apps and it’s made my life easier.
What name do you assign the DB for PostgreSQL in Docker and does it by chance happen to match the name of any other containers, possibly in other docker compose files?
I’m only mentioning it because I experienced weird inconsistent issues with a service I was running where it was sometimes having trouble connecting to its DB companion and I eventually realized that it was sometimes connecting to the other container. I was also finding that turning it off and on again was often ‘fixing’ the issue, at least for a while. Might be worth checking out. I’d also consider viewing the logs for Nextcloud (
docker logs -f) when you’re unable to login and see if there are any errors. Frankly I’ve never had these specific issues with Nextcloud, and given that it’s based on PHP (it only ‘executes’ on an HTTP request), it seems like restarting shouldn’t help unless it’s something else.
