Nixpkgs: nextcloud: php-fpm and nextcloud-setup services fail when nginx is not enabled

Created on 22 Sep 2019  ·  4Comments  ·  Source: NixOS/nixpkgs

Describe the bug
When deploying a nextcloud service, if nginx is not enabled, the unit scripts of php-fpm and nextcloud-setup systemd services fail. This makes it more difficult than necessary to use nextcloud with a different web server.

For both services, the issue is caused by hardcoding the nginx user and/or group in the unit scripts.

For the php-fpm service, we see nginx hardcoded in a few places.

For nextcloud-setup, the failure is related to this line, where the nginx group is hardcoded into this chown command.

The resulting error message:

tshaynik> ● phpfpm-nextcloud.service - PHP FastCGI Process Manager service for pool nextcloud
tshaynik>    Loaded: loaded (/nix/store/2zbp405ils6dbzcclqyr3zf2zrhrk3ch-unit-phpfpm-nextcloud.service/phpfpm-nextcloud.service; enabled; vendor preset: enabled)
tshaynik>    Active: failed (Result: exit-code) since Sun 2019-09-22 17:50:06 UTC; 26s ago
tshaynik>   Process: 4977 ExecStart=/nix/store/r9r5cr97ih4qvlnsh8nzk8id0ffxy6r7-php-7.3.9/bin/php-fpm -y /nix/store/v0rwhdgl0xd073frzl30kjbgkr8dmhyk-phpfpm-nextcloud.conf -c /nix/store/j5w50abdyrafgdng9j60jardifa0nbpi-php.ini (code=exited, status=78)
tshaynik>   Process: 4975 ExecStartPre=/nix/store/r2xhb14kz57hmycvjsvwgpzkl8kd3l2g-unit-script-phpfpm-nextcloud-pre-start (code=exited, status=0/SUCCESS)
tshaynik>  Main PID: 4977 (code=exited, status=78)
tshaynik>
tshaynik> Sep 22 17:50:05 tshaynik systemd[1]: Starting PHP FastCGI Process Manager service for pool nextcloud...
tshaynik> Sep 22 17:50:06 tshaynik php-fpm[4977]: [ERROR] [pool nextcloud] cannot get gid for group 'nginx'
tshaynik> Sep 22 17:50:06 tshaynik php-fpm[4977]: [ERROR] [pool nextcloud] cannot get gid for group 'nginx'
tshaynik> Sep 22 17:50:06 tshaynik php-fpm[4977]: [ERROR] FPM initialization failed
tshaynik> Sep 22 17:50:06 tshaynik php-fpm[4977]: [ERROR] FPM initialization failed
tshaynik> Sep 22 17:50:06 tshaynik systemd[1]: phpfpm-nextcloud.service: Main process exited, code=exited, status=78/CONFIG
tshaynik> Sep 22 17:50:06 tshaynik systemd[1]: phpfpm-nextcloud.service: Failed with result 'exit-code'.
tshaynik> Sep 22 17:50:06 tshaynik systemd[1]: Failed to start PHP FastCGI Process Manager service for pool nextcloud.
tshaynik>
tshaynik> ● nextcloud-setup.service
tshaynik>    Loaded: loaded (/nix/store/4asb31g7w00jrr1kc0k60xi4nigh9bga-unit-nextcloud-setup.service/nextcloud-setup.service; enabled; vendor preset: enabled)
tshaynik>    Active: failed (Result: exit-code) since Sun 2019-09-22 17:50:05 UTC; 26s ago
tshaynik>   Process: 4961 ExecStart=/nix/store/yc3bb7dxnqpkca3h1zkf8pb5fbhbak1r-unit-script-nextcloud-setup-start (code=exited, status=1/FAILURE)
tshaynik>  Main PID: 4961 (code=exited, status=1/FAILURE)
tshaynik>
tshaynik> Sep 22 17:50:05 tshaynik systemd[1]: Starting nextcloud-setup.service...
tshaynik> Sep 22 17:50:05 tshaynik yc3bb7dxnqpkca3h1zkf8pb5fbhbak1r-unit-script-nextcloud-setup-start[4961]: chown: invalid group: ‘nextcloud:nginx’

To Reproduce
Steps to reproduce the behavior:

  1. Enable the nextcloud service, and add the nextcloud-setup systemd service as described in the NixOS manual, but with thenginx.enable option set to false.
    services.nextcloud = {
      enable = true;
      hostName = "nextcloud.example.com";
      nginx.enable = false;
      config = {
        dbtype = "pgsql";
        dbuser = "nextcloud";
        dbhost = "/tmp"; # nextcloud will add /.s.PGSQL.5432 by itself
        dbname = "nextcloud";
        adminpassFile = "/run/keys/nextcloud";
        adminuser = "root";
      };
    };

    systemd.services."nextcloud-setup" = {
      requires = ["postgresql.service"];
      after = ["postgresql.service"];
    };

...

Expected behavior

Not enabling nginx should still allow nextcloud to be deployed, and the user should be able to override the webserver group. It seems to me like there should be an additional option for the name of the webserver's user and group, that would default to nginx, but could changed by the user to something else.

Additional context
Running using nixops on DigitalOcean.

Metadata
Please run nix run nixpkgs.nix-info -c nix-info -m and paste the result.

 - system: `"x86_64-linux"`
 - host os: `Linux 4.19.72, NixOS, 19.03.173506.2dfae8e22fd (Koi)`
 - multi-user?: `yes`
 - sandbox: `yes`
 - version: `nix-env (Nix) 2.2.2`
 - channels(mandolin): `"unstable-19.09pre185176.1036dc66416"`
 - channels(root): `"nixos-19.03.173506.2dfae8e22fd"`
 - nixpkgs: `/nix/var/nix/profiles/per-user/root/channels/nixos`
bug nixos
Source
picture tshaynik
👍2

All 4 comments

Thank you for your contributions.
This has been automatically marked as stale because it has had no activity for 180 days.
If this is still important to you, we ask that you leave a comment below. Your comment can be as simple as "still important to me". This lets people see that at least one person still cares about this. Someone will have to do this at most twice a year if there is no other activity.
Here are suggestions that might help resolve this more quickly:

  1. Search for maintainers and people that previously touched the
    related code and @ mention them in a comment.
  2. Ask on the NixOS Discourse. 3. Ask on the #nixos channel on
    irc.freenode.net.
stale[bot] picture stale[bot] on 2 Jun 2020

Because of this, running nextcloud on nixos is unnecessary difficult. There is No documentation or hint telling one has to enable the nginx server. Why is it not enabled by default?
I think the module should either have working defaults or raise an error if some mandatory field is missing.

DavHau picture DavHau on 14 Jul 2020
👍1

@Ma27 after comments earlier today about nextcloud and httpd I think you probably agree this should be enabled by default. Correct? Maybe the option doesn't even have any value at all...

aanderse picture aanderse on 14 Jul 2020

Tbh I'm slightly confused that the nginx isn't enabled by default, we should definitely alter the default to true here.

@aanderse AFAICS this can be fixed by using a different user/group if nginx is disabled (currently, the nginx group is used for pretty much everything in the Nextcloud module)

@DavHau this is not entirely true though, see https://nixos.org/nixos/manual/index.html#module-services-nextcloud

Ma27 picture Ma27 on 14 Jul 2020
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

rzetterberg picture rzetterberg  ·  3Comments
spacekitteh picture spacekitteh  ·  3Comments
tomberek picture tomberek  ·  3Comments
ghost picture ghost  ·  3Comments
grahamc picture grahamc  ·  3Comments