The file should be uploaded and displayed in the files list
The file fails to upload with the message "Not enough space". Though it does work when uploading from the android mobile client
Operating system: Debian stretch LXC container on Debian stretch host
Web server: Nginx
Database: MySQL
PHP version: PHP 7.3
Nextcloud version: 16.0.1
Updated from an older Nextcloud/ownCloud or fresh install: Fresh install
Where did you install Nextcloud from: https://nextcloud.com/install/#instructions-server
Signing status:
Signing status
No errors have been found.
List of activated apps:
App list
Enabled:
- accessibility: 1.2.0
- activity: 2.9.1
- bruteforcesettings: 1.3.0
- calendar: 1.7.0
- cloud_federation_api: 0.2.0
- comments: 1.6.0
- contacts: 3.1.1
- dav: 1.9.2
- federatedfilesharing: 1.6.0
- federation: 1.6.0
- files: 1.11.0
- files_pdfviewer: 1.5.0
- files_rightclick: 0.13.0
- files_sharing: 1.8.0
- files_texteditor: 2.8.0
- files_trashbin: 1.6.0
- files_versions: 1.9.0
- files_videoplayer: 1.5.0
- firstrunwizard: 2.5.0
- gallery: 18.3.0
- logreader: 2.1.0
- lookup_server_connector: 1.4.0
- nextcloud_announcements: 1.5.0
- notifications: 2.4.1
- oauth2: 1.4.2
- password_policy: 1.6.0
- privacy: 1.0.0
- provisioning_api: 1.6.0
- recommendations: 0.4.0
- serverinfo: 1.6.0
- sharebymail: 1.6.0
- support: 1.0.0
- survey_client: 1.4.0
- systemtags: 1.6.0
- theming: 1.7.0
- twofactor_backupcodes: 1.5.0
- updatenotification: 1.6.0
- viewer: 1.0.0
- workflowengine: 1.6.0
Disabled:
- admin_audit
- encryption
- files_external
- user_ldap
Nextcloud configuration:
Config report
{
"system": {
"instanceid": "***REMOVED SENSITIVE VALUE***",
"passwordsalt": "***REMOVED SENSITIVE VALUE***",
"secret": "***REMOVED SENSITIVE VALUE***",
"trusted_domains": [
"cloud.paddatrapper.com"
],
"datadirectory": "***REMOVED SENSITIVE VALUE***",
"dbtype": "mysql",
"version": "16.0.1.1",
"overwrite.cli.url": "https:\/\/cloud.paddatrapper.com",
"overwriteprotocol": "https",
"dbname": "***REMOVED SENSITIVE VALUE***",
"dbhost": "***REMOVED SENSITIVE VALUE***",
"dbport": "",
"dbtableprefix": "oc_",
"mysql.utf8mb4": true,
"dbuser": "***REMOVED SENSITIVE VALUE***",
"dbpassword": "***REMOVED SENSITIVE VALUE***",
"installed": true
}
}
Are you using external storage, if yes which one: no
Are you using encryption: no
Are you using an external user-backend, if yes which one: no
Browser: Firefox 67
Operating system: Debian Sid
Web server error log
2019/06/04 11:51:53 [error] 223#223: *3237 access forbidden by rule, client: <IP>, server: <URL>, request: "GET /data/.ocdata?t=1559641912614 HTTP/1.0", host: "<URL>"
2019/06/04 12:05:37 [error] 223#223: *3483 access forbidden by rule, client: <IP>, server: <URL>, request: "GET /data/.ocdata?t=1559642737015 HTTP/1.0", host: "<URL>"
2019/06/04 12:06:25 [error] 2581#2581: *52 access forbidden by rule, client: <IP>, server: <URL>, request: "GET /data/.ocdata?t=1559642784921 HTTP/1.0", host: "<URL>"
2019/06/04 12:10:01 [error] 2581#2581: *182 access forbidden by rule, client: <IP>, server: <URL>, request: "GET /data/.ocdata?t=1559643000792 HTTP/1.0", host: "<URL>"
2019/06/04 12:22:33 [error] 2581#2581: *632 access forbidden by rule, client: <IP>, server: <URL>, request: "GET /data/.ocdata?t=1559643752638 HTTP/1.0", host: "<URL>"
2019/06/04 12:38:01 [error] 2580#2580: *904 access forbidden by rule, client: <IP>, <URL>, request: "GET /data/.ocdata?t=1559644681008 HTTP/1.0", host: "<URL>"
Nextcloud log
{"reqId":"tRhlmhfEJO4fADLhB366","level":2,"time":"2019-06-04T09:36:26+00:00","remoteAddr":"10.0.3.10","user":"--","app":"core","method":"PROPFIND","url":"\/remote.php\/webdav\/","message":"Login failed: '<USER>' (Remote IP: '<IP>')","userAgent":"Mozilla\/5.0 (Android) Nextcloud-android\/3.6.2","version":"16.0.1.1"}
Browser log
The humanFileSize library is deprecated! It will be removed in nextcloud 19.
The escapeHTML library is deprecated! It will be removed in nextcloud 19.
Following #2311 did not help. I do not want to edit the NC source code and the other solutions were mostly that the issue was fixed by upgrading...
I am experiencing the same issue using the Nextcloud Docker image from Dockerhub. Web interface uploads fail with the above error.
I see the same issue on 17.0, seems to be caused by #free_space
not being populated:
<input type="hidden" id="free_space" value="">
If I manually change that so it looks like below, upload works as expected.
<input type="hidden" id="free_space" value="999999999">
Possibly related: /index.php/apps/files/ajax/getstoragestats.php?dir=%2F
throws a 404
EDIT: tracked it down to a misconfiguration of nginx. fastcgi_split_path_info
was set to ^(.+\.php)(/.*|)$
(greedy). Changing to ^((?U).+\.php)(/.*|)$
solved the issue.
source: https://stackoverflow.com/a/15663091
Hi @mvn23 ,
I test this patch on nginx conf without success.
But even if it was a success, isn't this patch a security pb ? The nextcloud doc and the nginx (fastcgi_split_path_info
) give both the same conf with greedy regexp.
By the way, in my case (nextcloud 17.0.1 and nginx 1.14.2 on debian stable), setting a quota for user don't give more success :(
Actually, my problem came from a misconfiguration in my nginx conf (nothing to do with NC).
The nginx doc says fastcgi_split_path_info ^(.+\.php)(.*)$;
The nextcloud doc says fastcgi_split_path_info ^(.+?\.php)(\/.*|)$;
(note the ?
after .+
)
Your solution is fastcgi_split_path_info ^((?U).+\.php)(\/.*|)$;
(note the (?U)
before the .+
)
So the NC doc solution is ok for me.
I do not test correctly your's (sorry).
And the nginx doc is probably not ok for NC case.
Heyho, I have the same issue. I tried the posted solution, but no change... There is still no value within the input and /index.php/apps/files/ajax/getstoragestats.php?dir=%2F
gives a 404.
I use nextcloud within ISPConfig, which does most of the nginX-stuff for me, so I post only the added directives for nextcould:
`
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
rewrite ^/.well-known/webfinger /public.php?service=webfinger last;
location = /.well-known/carddav {
return 301 $scheme://$host:$server_port/remote.php/dav;
}
location = /.well-known/caldav {
return 301 $scheme://$host:$server_port/remote.php/dav;
}
client_max_body_size 1024M;
fastcgi_buffers 64 4K;
gzip on;
gzip_vary on;
gzip_comp_level 4;
gzip_min_length 256;
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
# Uncomment if your server is build with the ngx_pagespeed module
# This module is currently not supported.
#pagespeed off;
location / {
rewrite ^ /index.php;
}
location ~ ^\/(?:build|tests|config|lib|3rdparty|templates|data)\/ {
deny all;
}
location ~ ^\/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) {
fastcgi_split_path_info ^(.+?\.php)(\/.*|)$;
set $path_info $fastcgi_path_info;
try_files $fastcgi_script_name =404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $path_info;
fastcgi_param HTTPS on;
# Avoid sending the security headers twice
fastcgi_param modHeadersAvailable true;
# Enable pretty urls
fastcgi_param front_controller_active true;
{FASTCGIPASS}
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
}
location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) {
try_files $uri/ =404;
index index.php;
}
# Adding the cache control header for js, css and map files
# Make sure it is BELOW the PHP block
location ~ \.(?:css|js|woff2?|svg|gif|map)$ {
try_files $uri /index.php$request_uri;
add_header Cache-Control "public, max-age=15778463";
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
# Optional: Don't log access to assets
access_log off;
}
location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap)$ {
try_files $uri /index.php$request_uri;
access_log off;
}
So either there is a bug in the suggested nginX-config or there is a file missing, cause in the current release there is no getstoragestatus.php listed under
/apps/files/ajax ` but there are download.php and list.php and in fact the whole current release-package doesn't know a getstoragestatus.php-File...
This bug renderes nextcloud completely useless to me...
There is no getstoragestatus.php
file. A request to this file is routed via index.php
to the appropriate controller. If a request to this route return a 404 your nginx configuration is probably wrong. Please keep in mind that configurations via panels like ispconfig are usually merged with some global configuration. Try to check the generated and figure out why the request is not routed.
Please note: This is the issue tracker of Nextcloud, please do NOT use this to get answers to your questions or get help for fixing your installation. This is a place to report bugs to developers, after your server has been debugged. You can find help debugging your system on our home user forums: https://help.nextcloud.com or, if you use Nextcloud in a large organization, ask our engineers on https://portal.nextcloud.com. See also https://nextcloud.com/support for support options.
Thanks :+1:
Hello, I finally managed to find out why I had this problem and none of the solutions suggested here helped me.
I'm running Nextcloud in docker-compose based on examples in this Github repository and I was unable to upload files via Web interface after the critical security vulnerability in Nginx was discovered some time in November and after I adapted configuration file for the _web container_.
What I omitted to do was to build the new image of the _web container_, so my _web container_ was running with the old configuration this all time. After rebuilding and recreating the container from the new image, it started to work.
As a side remark, I will maybe take a look at the Dockerfile of the _web container_ in order to investigate possibilities of linking the nginx.conf
file into a vanilla Nginx container rather than having it "baked" into the image.
I apologise for posting it here, right after the previous comment reprimanded us for troubleshooting in the issue tracker, but this page comes up as one of the first hits in search engines, so many people seeking answers will come here.
I'm on 18.06 and I am still seeing this same issue..
When looking at the free space code, like many pointed out, it looks like its still 00.
I can bypass this by using another upload tool like UploadFlow, but the default upload is definately broken.. (Running on Ubuntu 16.04)
Closing as configuration issue. Upload works fine at https://try.nextcloud.com.
https://try.nextcloud.com is running on Apache/2.4.29 (Ubuntu) and I believe that this is a problem with Nextcloud running on Nginx so please reopen this issue.
I already explained it earlier. It's an issue with your configuration. For questions / configuration issues use https://help.nextcloud.com.
Most helpful comment
I see the same issue on 17.0, seems to be caused by
#free_space
not being populated:If I manually change that so it looks like below, upload works as expected.
Possibly related:
/index.php/apps/files/ajax/getstoragestats.php?dir=%2F
throws a404
EDIT: tracked it down to a misconfiguration of nginx.
fastcgi_split_path_info
was set to^(.+\.php)(/.*|)$
(greedy). Changing to^((?U).+\.php)(/.*|)$
solved the issue.source: https://stackoverflow.com/a/15663091