nextcoud jail - 30.0.9 - fails and config suggestions #11
Description
Nextcloud return errors and report missing configurations in nginx.conf
pwd
/usr/local/etc/nginx
curl https://raw.githubusercontent.com/cbsd/cbsdfile-recipes/refs/heads/master/jail/nextcloud/skel/usr/local/etc/nginx/mime.types > mime.type
mv nginx.conf nginx.conf.old
curl https://raw.githubusercontent.com/cbsd/cbsdfile-recipes/refs/heads/master/jail/nextcloud/skel/usr/local/etc/nginx/nginx.conf > nginx.conf
service nginx restart
sudo -u www php /usr/local/www/nextcloud/occ setupchecks dav:
✓ DAV system address book: No outstanding DAV system address book sync.
network:
✓ WebDAV endpoint: Your web server is properly set up to allow file synchronization over WebDAV.
✓ Data directory protected
✓ Internet connectivity
⚠ JavaScript source map support: Your webserver is not set up to serve `.js.map` files. Without these files, JavaScript Source Maps won't function properly, making it more challenging to troubleshoot and debug any issues that may arise.
✗ JavaScript modules support: Your webserver does not serve `.mjs` files using the JavaScript MIME type. This will break some apps by preventing browsers from executing the JavaScript files. You should configure your webserver to serve `.mjs` files with either the `text/javascript` or `application/javascript` MIME type. ⚠ OCS provider resolving: Your web server is not properly set up to resolve "/ocm-provider/". This is most likely related to a web server configuration that was not updated to deliver this folder directly.
Please compare your configuration against the shipped rewrite rules in ".htaccess" for Apache or the provided one in the documentation for Nginx. On Nginx those are typically the lines starting with "location ~" that need an update.
⚠ .well-known URLs: Your web server is not properly set up to resolve `.well-known` URLs, failed on: `/.well-known/webfinger`
ℹ Font file loading: Could not check for otf loading support. Please check manually if your webserver serves `.otf` files. To allow this check to run you have to make sure that your Web server can connect to itself. Therefore it must be able to resolve and connect to at least one of its `trusted_domains` or the `overwrite.cli.url`. This failure may be the result of a server-side DNS mismatch or outbound firewall rule. system:
✓ Errors in the log: No errors in the logs since November 4, 2024, 11:56:58 PM
✓ Allowed admin IP ranges: Admin IP filtering isn’t applied.
ℹ Brute-force Throttle: Your remote address could not be determined.
✓ Cron errors: The last cron job ran without errors.
✓ Cron last run: Last background job execution ran 2 minutes ago.
✓ Debug mode: Debug mode is disabled.
✓ File locking
✓ Maintenance window start: Maintenance window to execute heavy background jobs is between 1:00 UTC and 7:00 UTC
✓ Memcache: Configured
✓ Mimetype migrations available: None
✓ Architecture: 64-bit
✓ Temporary space available: Temporary directory is correctly configured: - 1749.3 GiB available in /tmp/ (PHP temporary directory)
✓ Push service: Free push service
notifications:
✓ Push notifications - Fair use policy
security:
✓ App directories owner: App directories have the correct owner "www"
✓ Old administration imported certificates
✓ Code integrity: No altered files
ℹ Forwarded for headers: Your remote address could not be determined. ✓ HTTPS access and URLs: You are accessing your instance over a secure connection, and your instance is generating secure URLs.
✓ Old server-side-encryption: Disabled
✓ PHP version: You are currently running PHP 8.3.13.
✓ Random generator: Secure
⚠ HTTP headers: Some headers are not set correctly on your instance
- The `X-Robots-Tag` HTTP header is not set to `noindex,nofollow`. This is a potential security or privacy risk, as it is recommended to adjust this setting accordingly.
database:
✓ Database missing columns: None
⚠ Database missing indices: Detected some missing optional indices. Occasionally new indices are added (by Nextcloud or installed applications) to improve database performance. Adding indices can sometimes take awhile and temporarily hurt performance so this is not done automatically during upgrades. Once the indices are added, queries to those tables should be faster. Use the command `occ db:add-missing-indices` to add them. Missing indices:
"fs_name_hash" in table "filecache".
✓ Database missing primary keys: None
✓ Database pending bigint migrations: None
✓ MySQL Unicode support: You are not using MySQL
✓ Scheduling objects table size: Scheduling objects table size is within acceptable range.
✓ Database version: 16.4
✓ Database transaction isolation level: Read committed
config:
ℹ Default phone region: Your installation has no default phone region set. This is required to validate phone numbers in the profile settings without a country code. To allow numbers without a country code, please add "default_phone_region" with the respective ISO 3166-1 code of the region to your config file.
ℹ Email test: You have not set or verified your email server configuration, yet. Please head over to the "Basic settings" in order to set them. Afterwards, use the "Send email" button below the form to verify your settings.
✓ Overwrite CLI URL: The "overwrite.cli.url" option in your config.php is set to "https://localhost" which is a correct URL. Suggested URL is "http://localhost".
✓ Configuration file access rights: Nextcloud configuration file is writable
php:
✓ PHP default charset: UTF-8
✓ PHP set_time_limit: The function is available.
✓ Freetype: Supported
✓ PHP getenv
✓ PHP memory limit: 1 GB
ℹ PHP modules: This instance is missing some recommended PHP modules. For improved performance and better compatibility it is highly recommended to install them: - sodium for Argon2 for password hashing - sysvsem
✓ PHP opcache: Correctly configured
✓ PHP "output_buffering" option: Disabled
ℹ PHP Imagick module: The PHP module "imagick" is not enabled although the theming app is. For favicon generation to work correctly, you need to install and enable this module.
Of course the warnings about telephone not set should be avoided.