Homelab, Linux, JS & ABAP (~˘▾˘)~
 

[Nextcloud] Docker update 30.0.11 to 31.0.5 – Encryption issues / MariaDB ROW_FORMAT=Dynamic

Today I updated to the latest Nextcloud docker container, as there were massive problems with the encryption app in previous versions. User couldn’t login and file versions could not be opened… Read more about it in the following two issues:

https://github.com/nextcloud/server/issues/51066
https://github.com/nextcloud/server/issues/52161

Allthough some users reported, that they still have issues, I tried the latest version. Luckily, in my case the update finished without issues and it solved all my problems related to the encryption app.

After the update, I got the usual warnings that I have to run some occ commands:

docker exec --user www-data nextcloud-app php occ db:add-missing-indices
docker exec --user www-data nextcloud-app php occ maintenance:repair --include-expensive

But then there was also a very long warning:

Falsches Zeilenformat in deiner Datenbank gefunden. ROW_FORMAT=Dynamic bietet die beste Datenbankleistung für Nextcloud. Bitte aktualisiere das Zeilenformat in der folgenden Liste: oc_richdocuments_template, oc_direct_edit, oc_flow_operations, oc_migrations, oc_talk_sessions, oc_circles_remote, oc_circles_member, oc_trusted_servers, oc_richdocuments_direct, oc_directlink, oc_talk_invitations, oc_cards, oc_filecache, oc_oauth2_clients, oc_storages_credentials, oc_login_flow_v2, oc_group_admin, oc_files_trash, oc_deck_labels, oc_deck_stacks, oc_ocsms_sendmessage_queue, oc_weather_city, oc_collres_collections, oc_jobs, oc_deck_assigned_users, oc_phonetrack_points, oc_deck_cards, oc_ldap_group_mapping_backup, oc_ocsms_config, oc_mail_mailboxes, oc_accounts, oc_twofactor_providers, oc_calendarchanges, oc_gpodder_subscriptions, oc_appconfig, oc_mail_coll_addresses, oc_polls_notif, oc_calendarobjects, oc_addressbookchanges, oc_calendars, oc_twofactor_totp_secrets, oc_user_status, oc_talk_internalsignaling, oc_vcategory_to_object, oc_dav_cal_proxy, oc_calendar_resources, oc_talk_commands, oc_mail_message_tags, oc_authtoken, oc_polls_log, oc_ocsms_smsdatas, oc_phonetrack_proxims, oc_share, oc_text_steps, oc_polls_preferences, oc_preferences, oc_weather_config, oc_twofactor_backupcodes, oc_circles_circle, oc_deck_boards, oc_webauthn, oc_federated_reshares, oc_activity, oc_mimetypes, oc_collres_resources, oc_notifications, oc_mail_classifiers, oc_notes_meta, oc_schedulingobjects, oc_circles_mount, oc_circles_membership, oc_talk_attendees, oc_news_folders, oc_deck_assigned_labels, oc_mail_aliases, oc_oauth2_access_tokens, oc_phonetrack_geofences, oc_news_items, oc_polls_options, oc_filecache_extended, oc_phonetrack_pubshares, oc_news_feeds, oc_groups, oc_text_documents, oc_files_lock, oc_polls_polls, oc_calendarsubscriptions, oc_text_sessions, oc_whats_new, oc_phonetrack_shares, oc_onlyoffice_filekey, oc_polls_share, oc_calendar_reminders, oc_bruteforce_attempts, oc_share_external, oc_systemtag_object_mapping, oc_systemtag, oc_cards_properties, oc_calendar_rooms, oc_talk_bridges, oc_mail_attachments, oc_polls_comments, oc_storages, oc_ocsms_user_datas, oc_flow_operations_scope, oc_calendar_rooms_md, oc_richdocuments_assets, oc_calendarobjects_props, oc_phonetrack_sessions, oc_mail_local_messages, oc_comments_read_markers, oc_calendar_appt_configs, oc_calendar_invitations, oc_richdocuments_wopi, oc_gpodder_episode_action, oc_recent_contact, oc_circles_event, oc_circles_share_lock, oc_calendar_resources_md, oc_circles_token, oc_circles_mountpoint, oc_deck_board_acl, oc_authorized_groups, oc_phonetrack_filtersb, oc_activity_mq, oc_flow_checks, oc_profile_config, oc_accounts_data, oc_announcements_map, oc_mail_accounts, oc_known_users, oc_collres_accesscache, oc_mail_provisionings, oc_announcements, oc_onlyoffice_permissions, oc_addressbooks, oc_group_user, oc_ldap_user_mapping, oc_notifications_settings, oc_calendar_appt_bookings, oc_deck_attachment, oc_file_locks, oc_ratelimit_entries, oc_polls_votes, oc_ocsms_conversation_read_states, oc_dav_shares, oc_phonetrack_tileserver, oc_talk_rooms, oc_polls_watch, oc_notifications_pushhash, oc_mail_tags, oc_privacy_admins, oc_systemtag_group, oc_ldap_group_mapping, oc_mail_messages, oc_mail_recipients, oc_onlyoffice_instance, oc_comments, oc_ldap_group_members, oc_users, oc_properties, oc_user_transfer_owner, oc_mail_trusted_senders, oc_phonetrack_devices, oc_vcategory, oc_mounts. Weitere Informationen findest du in der Dokumentation ↗.

For all these tables a row format adjustment was required. I used ChatGPT to generate the ALTER TABLE commands for all tables that were mentioned in the warning and used the following commands to enter the MariaDB Container:

# Access MariaDB, check your .env file for user and password
docker exec -it nextcloud-db mysql -u nextcloud -p

# Display database 
SHOW DATABASES;

# select the nextcloud database
USE NEXTCLOUD;

# alter row format
ALTER TABLE oc_richdocuments_template ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_direct_edit ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_flow_operations ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_migrations ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_talk_sessions ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_circles_remote ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_circles_member ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_trusted_servers ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_richdocuments_direct ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_directlink ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_talk_invitations ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_cards ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_filecache ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_oauth2_clients ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_storages_credentials ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_login_flow_v2 ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_group_admin ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_files_trash ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_deck_labels ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_deck_stacks ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_ocsms_sendmessage_queue ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_weather_city ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_collres_collections ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_jobs ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_deck_assigned_users ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_phonetrack_points ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_deck_cards ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_ldap_group_mapping_backup ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_ocsms_config ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_mail_mailboxes ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_accounts ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_twofactor_providers ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_calendarchanges ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_gpodder_subscriptions ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_appconfig ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_mail_coll_addresses ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_polls_notif ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_calendarobjects ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_addressbookchanges ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_calendars ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_twofactor_totp_secrets ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_user_status ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_talk_internalsignaling ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_vcategory_to_object ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_dav_cal_proxy ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_calendar_resources ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_talk_commands ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_mail_message_tags ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_authtoken ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_polls_log ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_ocsms_smsdatas ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_phonetrack_proxims ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_share ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_text_steps ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_polls_preferences ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_preferences ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_weather_config ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_twofactor_backupcodes ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_circles_circle ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_deck_boards ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_webauthn ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_federated_reshares ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_activity ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_mimetypes ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_collres_resources ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_notifications ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_mail_classifiers ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_notes_meta ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_schedulingobjects ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_circles_mount ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_circles_membership ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_talk_attendees ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_news_folders ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_deck_assigned_labels ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_mail_aliases ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_oauth2_access_tokens ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_phonetrack_geofences ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_news_items ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_polls_options ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_filecache_extended ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_phonetrack_pubshares ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_news_feeds ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_groups ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_text_documents ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_files_lock ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_polls_polls ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_calendarsubscriptions ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_text_sessions ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_whats_new ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_phonetrack_shares ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_onlyoffice_filekey ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_polls_share ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_calendar_reminders ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_bruteforce_attempts ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_share_external ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_systemtag_object_mapping ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_systemtag ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_cards_properties ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_calendar_rooms ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_talk_bridges ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_mail_attachments ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_polls_comments ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_storages ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_ocsms_user_datas ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_flow_operations_scope ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_calendar_rooms_md ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_richdocuments_assets ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_calendarobjects_props ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_phonetrack_sessions ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_mail_local_messages ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_comments_read_markers ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_calendar_appt_configs ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_calendar_invitations ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_richdocuments_wopi ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_gpodder_episode_action ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_recent_contact ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_circles_event ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_circles_share_lock ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_calendar_resources_md ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_circles_token ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_circles_mountpoint ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_deck_board_acl ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_authorized_groups ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_phonetrack_filtersb ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_activity_mq ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_flow_checks ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_profile_config ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_accounts_data ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_announcements_map ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_mail_accounts ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_known_users ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_collres_accesscache ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_mail_provisionings ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_announcements ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_onlyoffice_permissions ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_addressbooks ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_group_user ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_ldap_user_mapping ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_notifications_settings ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_calendar_appt_bookings ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_deck_attachment ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_file_locks ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_ratelimit_entries ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_polls_votes ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_ocsms_conversation_read_states ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_dav_shares ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_phonetrack_tileserver ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_talk_rooms ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_polls_watch ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_notifications_pushhash ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_mail_tags ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_privacy_admins ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_systemtag_group ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_ldap_group_mapping ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_mail_messages ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_mail_recipients ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_onlyoffice_instance ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_comments ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_ldap_group_members ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_users ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_properties ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_user_transfer_owner ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_mail_trusted_senders ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_phonetrack_devices ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_vcategory ROW_FORMAT=DYNAMIC;
ALTER TABLE oc_mounts ROW_FORMAT=DYNAMIC;

# exit MariaDB
EXIT;

After a refresh in the NC webinterface, all warnings were gone.

[Nextcloud] Docker update 21.0.7 to 21.0.8

And again… a Nextcloud upgrade failed. After a docker-compose pull and docker-compose up -d the maintenance mode won’t turn off. So I tried to turn it off manually, but I still couldn’t finish the update via WebGUI. I also couldn’t find any errors via the log.

docker exec --user www-data nextcloud-app php /var/www/html/occ maintenance:mode --off

So I triggered the upgrade again from the terminal and finally got an exception.

$ docker exec --user www-data nextcloud-app_1 php /var/www/html/occ upgrade
Nextcloud or one of the apps require upgrade - only a limited number of commands are available
You may use your browser or the occ upgrade command to do the upgrade
Setting log level to debug
Turned on maintenance mode
Updating database schema
Updated database
Updating <user_ldap> ...
An unhandled exception has been thrown:
Error: Call to undefined method OC\DB\QueryBuilder\QueryBuilder::executeQuery() in /var/www/html/apps/user_ldap/lib/Migration/GroupMappingMigration.php:56
Stack trace:
#0 /var/www/html/apps/user_ldap/lib/Migration/Version1130Date20220110154717.php(54): OCA\User_LDAP\Migration\GroupMappingMigration->copyGroupMappingData('ldap_group_mapp...', 'ldap_group_mapp...')
#1 /var/www/html/lib/private/DB/MigrationService.php(528): OCA\User_LDAP\Migration\Version1130Date20220110154717->preSchemaChange(Object(OC\Migration\SimpleOutput), Object(Closure), Array)
#2 /var/www/html/lib/private/DB/MigrationService.php(426): OC\DB\MigrationService->executeStep('1130Date2022011...', false)
#3 /var/www/html/lib/private/legacy/OC_App.php(1012): OC\DB\MigrationService->migrate()
#4 /var/www/html/lib/private/Updater.php(347): OC_App::updateApp('user_ldap')
#5 /var/www/html/lib/private/Updater.php(262): OC\Updater->doAppUpgrade()
#6 /var/www/html/lib/private/Updater.php(134): OC\Updater->doUpgrade('21.0.8.3', '21.0.7.0')
#7 /var/www/html/core/Command/Upgrade.php(249): OC\Updater->upgrade()
#8 /var/www/html/3rdparty/symfony/console/Command/Command.php(255): OC\Core\Command\Upgrade->execute(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#9 /var/www/html/3rdparty/symfony/console/Application.php(1009): Symfony\Component\Console\Command\Command->run(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#10 /var/www/html/3rdparty/symfony/console/Application.php(273): Symfony\Component\Console\Application->doRunCommand(Object(OC\Core\Command\Upgrade), Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#11 /var/www/html/3rdparty/symfony/console/Application.php(149): Symfony\Component\Console\Application->doRun(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#12 /var/www/html/lib/private/Console/Application.php(215): Symfony\Component\Console\Application->run(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#13 /var/www/html/console.php(100): OC\Console\Application->run()
#14 /var/www/html/occ(11): require_once('/var/www/html/c...')


Quick search on google and it seems that the image for 21.0.8 is broken and already withdrawn. Here and here. Great if users can still pull it from the docker repo…

I disabled the user_ldap addon via command line. This site helped me finding the right commands. After another occ upgrade and a few minutes, the instance finally came back online.

docker exec --user www-data nextcloud-app php /var/www/html/occ app:list
docker exec --user www-data nextcloud-app php /var/www/html/occ app:disable user_ldap
docker exec --user www-data nextcloud-app php /var/www/html/occ maintenance:mode --off
docker exec --user www-data nextcloud-app php /var/www/html/occ upgrade

In the end I also stumbled across the official nextcloud blog, where they announce 20.0.9 and that they had problems with 20.0.8…. But if the new docker image is not yet provided, and you can’t downgrade from your broken 20.0.8 back to 20.0.7, this doesn’t help you at all.

[Nextcloud] Docker upgrade 20.0.10 to 21.0.3

As always the nextcloud update failed for me…

After a quick search I found this post. Seems like using mariadb:latest is not a good idea anymore. After switching to mariadb:10.5 and manually turning the maintenance mode off I could proceed the update process.

$ docker exec --user www-data nextcloud-app php /var/www/html/occ maintenance:mode --off
Nextcloud or one of the apps require upgrade - only a limited number of commands are available
You may use your browser or the occ upgrade command to do the upgrade
Maintenance mode disabled

[Wallabag] Docker upgrade 2.3.8. to 2.4.2

Just did an upgrade for Wallabag from Version 2.3.8 to 2.4.2. So I opened my docker-compose.yml and changed the image version and ran docker-compose up -d

version: '3'
services:
  wallabag:
    image: wallabag/wallabag:2.4.2
    container_name: wallabag-app
    restart: unless-stopped
    environment:
      - MYSQL_ROOT_PASSWORD=${MARIADB_ROOT_PASSWORD}
      - SYMFONY__ENV__DATABASE_DRIVER=pdo_mysql
      - SYMFONY__ENV__DATABASE_HOST=wallabag-db
      - SYMFONY__ENV__DATABASE_PORT=3306
      - SYMFONY__ENV__DATABASE_NAME=wallabag
      - SYMFONY__ENV__DATABASE_USER=${MARIADB_USER}
      - SYMFONY__ENV__DATABASE_PASSWORD=${MARIADB_PASSWORD}
      - SYMFONY__ENV__DATABASE_CHARSET=utf8mb4
      - SYMFONY__ENV__MAILER_HOST=${WALLABAG_MAILER_HOST}
      - SYMFONY__ENV__MAILER_USER=~
      - SYMFONY__ENV__MAILER_PASSWORD=~
      - SYMFONY__ENV__FROM_EMAIL=${WALLABAG_FROM_EMAIL}
      - SYMFONY__ENV__DOMAIN_NAME=${WALLABAG_DOMAIN_NAME}
    depends_on:
      - wallabag-db
    volumes:
      - /opt/containers/wallabag/images:/var/www/wallabag/web/assets/images
    networks:
      - proxy

  wallabag-db:
    image: mariadb
    restart: unless-stopped
    container_name: wallabag-db
    environment:
      - MYSQL_ROOT_PASSWORD=${MARIADB_ROOT_PASSWORD}
    volumes:
      - /opt/containers/wallabag/data:/var/lib/mysql
    networks:
      - proxy

networks:
  proxy:
    external: true

But somehow after the upgrade my container won’t come back online. Although the log was saying “Provisioner finished”, it could not connect to the database. When opening the webpage for wallabag the docker logs said: “…unable to parse the MySQL grant string: GRANT USAGE ON entrypoint.sh TO wallabag@% IDENTIFIED BY PASSWORD…”

After searching on google I finally found this note on the Wallabag Github page….

“If there is a version upgrade that needs a database migration. The most easy way to do is running the migrate command:”

docker exec -t wallabag-app /var/www/wallabag/bin/console doctrine:migrations:migrate --env=prod --no-interaction

After running the db migration everything came back online. So this post is just a reminder for myself that sometimes Wallabag needs a db migration after upgrading. 🙂

[Nextcloud] Docker update 20.0.1 to 20.0.4 warnings

After pulling the latest Nextcloud image I got some warnings about missing indices, missing primary keys and about converting some column types to big int. The warnings could easily be fixed by running the suggested occ comands. Append “-no-interaction” to suppress the confirmation question (see docs).

docker exec --user www-data nextcloud-app php /var/www/html/occ db:add-missing-indices
docker exec --user www-data nextcloud-app php /var/www/html/occ db:add-missing-primary-keys
docker exec --user www-data nextcloud-app php /var/www/html/occ db:convert-filecache-bigint --no-interaction

[WordPress] 4 levels of caching

Good overview on: https://www.smarthomebeginner.com/wordpress-on-docker-traefik/#3_WordPress_Caching

Browser Caching: This is what tells the visitors browser to cache the files locally to speed up future site/page visits. We will set this up using Nginx. On Apache, this is accomplished using .htaccess files.

Server Caching: This caches static versions of pages (Page cache). We are going to accomplish this using Nginx FastCGI cache.

Frontend Caching: This means caching WordPress PHP files so they don’t have to be re-compiled for every visit. We are going to set this up using PHP OpCache.

Database Caching: This optimizes database queries by storing them in the RAM for faster delivery. We are going to use Redis for this.

[Nextcloud] Docker upgrade 19.0 to 20.0 exception

Just did the Nextcloud Docker upgrade from version 19.0 to 20.0. I followed their guide on Github and updated my docker-compose.yml.

 nextcloud-app:
    image: nextcloud:20.0
    restart: unless-stopped
    volumes:
      - /opt/containers/nextcloud/app:/var/www/html
    depends_on:
      - nextcloud-db
      - nextcloud-redis
    environment:
        REDIS_HOST: nextcloud-redis
        REDIS_HOST_PASSWORD: ${REDIS_PASSWORD}
    networks:
      - proxy

Followed by:

$ docker-compose -f /opt/containers/nextcloud/docker-compose.yml pull
$ docker-compose -f /opt/containers/nextcloud/docker-compose.yml up -d

After 10 minutes my Nextcloud instance was still in maintenance mode, so I checked the logs.

$ docker logs nextcloud-app_1
Initializing nextcloud 20.0.1.1 ...
Upgrading nextcloud from 19.0.1.1 ...
Initializing finished
Nextcloud or one of the apps require upgrade - only a limited number of commands are available
You may use your browser or the occ upgrade command to do the upgrade
Setting log level to debug
Turned on maintenance mode
Updating database schema
Updated database
Disabled incompatible app: announcementcenter
Disabled incompatible app: breezedark
Disabled incompatible app: calendar
Disabled incompatible app: drawio
...
...
...
Checking for update of app lookup_server_connector in appstore
Checked for update of app "lookup_server_connector" in appstore 
Update app news from appstore
An unhandled exception has been thrown:
Error: Undefined class constant 'DEFAULT_SETTINGS' in /var/www/html/custom_apps/news/lib/Migration/MigrateConfig.php:49
Stack trace:
#0 [internal function]: OCA\News\Migration\MigrateConfig->__construct(Object(OCA\News\Config\LegacyConfig), Object(OC\AllConfig), Object(OCA\News\AppInfo\Application))
#1 /var/www/html/lib/private/AppFramework/Utility/SimpleContainer.php(101): ReflectionClass->newInstanceArgs(Array)
#2 /var/www/html/lib/private/AppFramework/Utility/SimpleContainer.php(109): OC\AppFramework\Utility\SimpleContainer->buildClass(Object(ReflectionClass))
#3 /var/www/html/lib/private/AppFramework/Utility/SimpleContainer.php(126): OC\AppFramework\Utility\SimpleContainer->resolve('OCA\\News\\Migrat...')
#4 /var/www/html/lib/private/AppFramework/DependencyInjection/DIContainer.php(455): OC\AppFramework\Utility\SimpleContainer->query('OCA\\News\\Migrat...')
#5 /var/www/html/lib/private/ServerContainer.php(140): OC\AppFramework\DependencyInjection\DIContainer->queryNoFallback('OCA\\News\\Migrat...')
#6 /var/www/html/lib/private/Repair.php(119): OC\ServerContainer->query('OCA\\News\\Migrat...')
#7 /var/www/html/lib/private/legacy/OC_App.php(1035): OC\Repair->addStep('OCA\\News\\Migrat...')
#8 /var/www/html/lib/private/legacy/OC_App.php(979): OC_App::executeRepairSteps('news', Array)
#9 /var/www/html/lib/private/Installer.php(206): OC_App::updateApp('news')
#10 /var/www/html/lib/private/Updater.php(452): OC\Installer->updateAppstoreApp('news')
#11 /var/www/html/lib/private/Updater.php(260): OC\Updater->upgradeAppStoreApps(Array)
#12 /var/www/html/lib/private/Updater.php(130): OC\Updater->doUpgrade('20.0.1.1', '19.0.1.1')
#13 /var/www/html/core/Command/Upgrade.php(255): OC\Updater->upgrade()
#14 /var/www/html/3rdparty/symfony/console/Command/Command.php(255): OC\Core\Command\Upgrade->execute(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#15 /var/www/html/3rdparty/symfony/console/Application.php(1000): Symfony\Component\Console\Command\Command->run(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#16 /var/www/html/3rdparty/symfony/console/Application.php(271): Symfony\Component\Console\Application->doRunCommand(Object(OC\Core\Command\Upgrade), Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#17 /var/www/html/3rdparty/symfony/console/Application.php(147): Symfony\Component\Console\Application->doRun(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#18 /var/www/html/lib/private/Console/Application.php(215): Symfony\Component\Console\Application->run(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#19 /var/www/html/console.php(100): OC\Console\Application->run()
#20 /var/www/html/occ(11): require_once('/var/www/html/c...')
#21 {main}    0/0 [->--------------------------]   0%Configuring Redis as session handler
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.1X.X.XX. Set the 'ServerName' directive globally to suppress this message
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.1X.X.XX. Set the 'ServerName' directive globally to suppress this message

Seems like the news app updating process threw an exception. After searching for a minute I found this thread, where someone got the same error and just manually disabled the maintenance mode. So I did the same:

$ docker exec --user www-data nextcloud-app_1 php /var/www/html/occ maintenance:mode --off
Nextcloud or one of the apps require upgrade - only a limited number of commands are available
You may use your browser or the occ upgrade command to do the upgrade
Maintenance mode disabled

Went back to the WebGui, logged in, and he asked me to update the news app. Now the update finished without problems.

[RaspberryPi] Installing MPD on a RaspberryPi 3 with HifiBerry AMP2

Until recently, I only used my RaspberryPi 3 as Bluetooth Speaker with the HifiBerry AMP2 and two old B&W DM601. This setup only consumes about 3 Watts idling, so its running 24h. I used the VLC Android App on my smartphone to access my music on my NAS and streamed it via Bluetooth to the Pi.

But I wanted to control the music on different devices (like Tablet, HTPC, Desktop) and was annoyed, having to reconnect my smartphone Bluetooth connection all the time when coming home. Also there is still a loss of quality with Bluetooth and i have many FLAC files now. That’s why I gave Music Player Daemon (MPD) a try. A daemon which runs on the Pi and can be controlled from different clients. It accesses my music library via Wifi directly on the NAS.

These are the steps I had to make on my Raspberry Pi:

  1. Firmware update
  2. Set up the the Hifiberry AMP2 (if not yet done)
  3. Mount NFS share with your music
  4. Install MPD and the clients MPC and ncmpcpp
  5. Edit MPD config file
  6. Run MPC update to fill library
  7. Configure NCMPCPP
  8. MPDroid as smartphone client
©Hifiberry AMP2

1. Firmware update

I had some audio cracking when switching a song or just pressing play and pause. Following this blog, they released a fix with in a newer firmware version, unfortunately after a while they broke it again with a later firmware version…. nevertheless I made the update and somehow I get less cracking, even if it doesn’t disappear completely.

sudo apt-get install rpi-update
sudo rpi-update
sudo reboot

Update 23.05.2020: Install PulseAudio, if the Firmware update will not help.
https://dbader.org/blog/crackle-free-audio-on-the-raspberry-pi-with-mpd-and-pulseaudio#update2
https://wiki.archlinux.org/index.php/Music_Player_Daemon/Tips_and_tricks#Local_(as_your_own_user)

2. Set up the the Hifiberry AMP2

Just follow these steps: https://github.com/project-owner/Peppy.doc/wiki/HiFiBerry-Amp

And check if user Pi is member of the audio group. If not, add him to.

$ groups
pi adm dialout cdrom sudo audio video plugdev games users input
$ sudo usermod -a pi -G audio

3. Mount NFS share

My music is stored on to a NAS and published via NFS. So I just had to mount it to my Pi.
https://www.elektronik-kompendium.de/sites/raspberry-pi/2102211.htm

sudo apt install nfs-common
sudo mkdir -p /mnt/nfs/music
showmount -e ipadress
sudo mount -t nfs -o soft ipadress:/data/music /mnt/nfs/music

Use autofs to auto mount the NFS share on boot.
https://www.elektronik-kompendium.de/sites/raspberry-pi/2102221.htm

sudo apt install autofs
sudo nano /etc/auto.nfs
sudo nano /etc/auto.master
sudo service autofs restart
mount
ls /mnt/nfs/music/
sudo reboot
#check again after reboot
ls /mnt/nfs/music/

auto.nfs

music -fstype=nfs,rw,retry=0 192.168.178.100:/data/music

auto.master

/mnt/nfs /etc/auto.nfs

4. Install MPD and the clients MPC and ncmpcpp

sudo apt update
sudo apt install mpd mpc ncmpcpp

5. Edit MPD config file and restart service

Open the mpd.conf file in your favorite editor and after editing, restart the service.

sudo nano /etc/mpd.conf
sudo systemctl restart mpd

I had to make the following changes in the config:

music_directory         "/mnt/nfs/music"
bind_to_address         "any"
auto_update             "yes"
audio_output {
        type            "alsa"
        name            "My ALSA Device"
        device          "hw:0,0"        
        mixer_type      "software"
}

Check aplay -l for the right device settings.

$ aplay -l
**** List of PLAYBACK Hardware Devices ****
card 0: sndrpihifiberry [snd_rpi_hifiberry_dacplus], device 0: HiFiBerry DAC+ HiFi pcm512x-hifi-0 [HiFiBerry DAC+ HiFi pcm512x-hifi-0]
  Subdevices: 0/1
  Subdevice #0: subdevice #0

6. Run MPC update to fill library

The Music Player Client (MPC) acts as client (as well as ncmpcpp) to MPD. MPD itself is just the daemon and has no music controlling capabilities.

#check if the output(s) is enabled
mpc outputs
#update the database (will take while)
mpc update
#look up the commands to adjust volume and play a file as test 
mpc help 

7. Configure ncmpcpp

When using ncmpcpp as client, you have to do a small configuration to tell the client to which server it should talk to. So open the config:

sudo nano ~/.ncmpcpp/config

and insert the following lines. When using ncmpcpp directly one the raspberry, set 127.0.0.1 as mpd_host. When using it on another machine (like your desktop), insert the IP of the raspberry pi.

ncmpcpp_directory =         "~/.ncmpcpp"
mpd_host =                  "127.0.0.1"
mpd_port =                  "6600"	
allow_for_physical_item_deletion = yes

Here is a cool cheatsheet on how to control ncmpcpp:
https://pkgbuild.com/~jelle/ncmpcpp/

If you prefer a GUI, install Cantata or Sonata:
https://github.com/CDrummond/cantata
https://www.nongnu.org/sonata/

8. Install MPDroid

To control MPD via Smartphone, install the MPDroid App from the F-Droid store: https://f-droid.org/en/packages/com.namelessdev.mpdroid/

[Wireguard] Set up Wireguard using PiVPN inside LXC

Recently I had to setup a new Proxmox host and also had to setup a VPN to access the network of the host. This time I gave PiVPN a try, since it recently added support for Wireguard.
So first I installed Wireguard on the host like here (without adding the TUN device to the containers config), set up a new unprivileged container running debian buster, set up port forwarding in the router, installed curl followed by the one liner for PiVPN.

apt install curl
curl -L https://install.pivpn.io | bash

And that was almost it. Now just add a device and use the QR-Code the use it on Android.

pivpn -a
pivpn -qr

PiVPN delivers what it promises! That was super easy to setup.