hey there,
today I’ve tried to install samba via the dietpi-software manager.
The installation worked fine and samba is working, but nextcloud isn’t working anymore and says, that the config folder isn’t writable.I don’t understand why the installation of a not-web software messes with the permissions of the www-folder.
EDIT: I checked the permissions - they’re ok - still 755 owner www-data
The reason why I’m posting here (I’ve opened a thread on the yunohost forums nevertheless) is that it’s reproducible with the dietpi-software installer. It’s not a specific yunohost problem!
How can I see what the dietpi-software installer is doing while installing the software?
I thought it would just apt-get update and so but it’s doing way more than this…
We are releasing DietPi v159 in under 12 hours which has various fixes for the NextCloud/Owncloud installations.
I can only advise retesting the installation of NextCloud, once your system is updated to v159. If problems persist after the update, please let us know, so we can open investigations.
I can tell you on my OPi-PC I made it bulletproof by going into “dietpi-config” going into “performance” and setting minimum to 240mhz, and maximum to 912mhz
┌─────────────┤ DietPi - Performance Options ├─────────────┐
│ Hardware : OrangePi PC (armv7l) │
│ ARM Temp: 42'c │
│ RAM: 1024 MB | Used: 734 MB | Free: 290 MB │
│ │
│ Change CPU Governor : ondemand │
│ CPU Throttle Up : 50% │
│ Ondemand Sample Rate : 25 ms │
│ Ondemand Down Factor : 80 (2000 ms) │
│ CPU Max Freq Limit : 912 MHz │
│ CPU Min Freq Limit : 240 MHz │
│ <Ok> <Back>
Sure I neuter it a little bit, but was able to run a 4 core stress test for over 15 min, starting temp was 42C, and after 15min while running stress and going thru my nextcloud syncing pics and uploading/downloading photos the temp got up to 58C…even though with slower processor speed, it will keep it from overheating, I also have a 1" chunk of heatsink jb quickweld epoxied to the top of the heatsink, so it helps slow down the processor saturation. As long as the OPi isn’t using all 4 cores at max CPU for a crazy long time it will never throttle.
Ok I’ll report back after updating the instance.
But I have to tell, that nextcloud wasn’t installed via the dietpi software installer, it was installed via the script from yunohost.
but maybe there isn’t much of a difference, it apt-get install all the stuff in a row, nothing really special.
I really don’t want to overload you - First I have to analyze, what the problem actually is (it’s probably better to get help for this in the yunohost forums.)
After that, it would be nice to have someone here to analyze what the root cause is.
Ok - I know the reason now!
An installation resets the permission and owner of everything inside of www
For instance - The nextcloud website is in the folder under www/nextcloud with the user “nextcloud” and 755 permission.
After an installation it resets to the user and group www-data and 775 - so the nextcloud user cannot write to this directory anymore.
Is it possible to disable this behavior? If I install a package via apt-get normally this doesn’t happen - only if I use the dietpi-software installation method.
A simple chown -R user:user directory and chmod -R 755 directory brought my nextcloud and wallabag back to life.
Hmm, usually all web services are run by webserver user, which is by default www-data. If you install Nextcloud via dietpi-software it will be configured that way, thus will not show issues.
Is there some special reason you use another user and how did you realize it with webserver? I could think of adding the possibility to DietPi Nextcloud/ownCloud, if there is a good reason and compatibility with other software.
I don’t know the exact reason why yunohost opts for a specific user for several apps (wallabag and nextcloud as far as I know) and I don’t have a special reason for this. I just go for the default, which differs from the default in the dietpi-software installer.
And there’s another problem to login to the yunohost adminpanel after an upgrade via the dietpi-software installer. But again, I’ve to check the yunohost forums first and come back what the specifics of the rootcause are.
# Create a system account for Nextcloud
sudo useradd -c "$app system account" \
-d /var/lib/$app --system --user-group $app \
|| ynh_die "Unable to create $app system account"
and it adds nextcloud as a user - I can think of having separate users for each software for security purposes.
When running dietpi-software and installing any software title (regardless of nextcloud), DietPi will set www-data permissions to /var/www: https://github.com/Fourdee/DietPi/blob/master/dietpi/dietpi-software#L8585-L8587
This is generally considered “standard Linux practice”. Ensuring restricted permissions to web applications.
As yunohost uses a different user for NextCloud, this would render it incompatible. (yunohost.app, from what I can work out in their installer script)
In regards to the yunohost install script, it appears its a closed and highly customized one use system that is designed to operate with their methods of installation/configuration.
We do something similar in DietPi, however, we focus on ensuring a stock Linux experience (eg: www-data for web apps), and standard Linux changes are compatible.
I think the only way DietPi (+ manual stock Linux installs) and yunohost would be compatible, is if yunohost could accommodate existing installs of the supported applications, instead of requiring a non-standard custom installation via their install scripts.
As it stands at the moment, there is simply too much customization of yunohost’s installation, outside of the standard of Linux, for us to support.
yunohost’s installer is by no means a bad thing, ensures the software operates as intended, however, it can limit use of other software outside its scope.
Thank you Fourdee for your thoughtful answer - I highly appreciate this!
I don’t want to force my usecase on everyone else so I just have to deal with this behavior and reset it after each installation or just install the needed software via apt-get.
I think a compatibility list would be a great addition to some kind of documentation about dietpi - but for now this thread may be a good “link to it if something complains about a yunohost installation” thing
I had a look into this. But I actually couldn’t figure out, how yunohost manages different users for (all?) it’s web service extensions.
The webserver needs to have access to the web service folders. It usually uses www-data as user, thus web service folders/files need to be owned by www-data, at least readable, in case of Nextcloud in several cases writeable.
If you create an own user for every web service and chown it’s folders/files to it, the webserver somehow needs to use this different users for the different services. But I didn’t found a hint about this in the nginx.conf in this case and no idea, if it is actually possible. At least it would need a separate worker for every service, as the webserver worker is the one, running as usually www-data and would need to run under different user in case.
Just reviewed the Nextcloud specific functions and configurations indeed, so a deeper look into yunohost could give a hint.
But the time/benefit calculation for this is extremely bad. We have to take care, that our ~170 different software offers run within our large range of supported devices without disturbing each other. That is already a huge task. We cannot take care about that in combination with other multi software platforms like yunohost, that offer the same software again with different configuration and implementation. Good that you found a such easy solution with just chown the folder back . “Generally” I would recommend to stay with one platform (DietPi or yunohost) and in case try our Nextcloud implementation. It made some nice steps forward recently and offers several optimizations that I can’t see in yunohosts implementation. Might be the same the other way round too .
But this is just my opinion is minor contributor. In the end @Fourdee has to decide, if we do something about it .
Well I don’t want anyone to work on this, because I’m possibly the only person on this forum using this combination.
I think both worlds have their pros, dietpi with the beautiful menu, the cloudshell 2 support, a friendly community and so on.
Yunohost has a wonderful webinterface where you have all those webapps under a nice web gui, which is unbeatable in terms of usability and “niceness” which you can extend quite easily.
Nextcloud from dietpi would be cool too, it’s just the web-gui from yunohost which is - in my personal view - something I really “need” (if you can really need such things)
I just have to know where the possible quirks are and how to circumvent them, that’s all.
And as a bonus - if someone uses this as well - have this documented, that other don’t have to look for themselves.
So. All in all. Thank you and don’t bother about this problem - if I have my webadminpanel working again (which the dietpi-software installer broke as well), I’ll be happy for a long time, until the kernel 4.x matured a little bit and to have new issues to solve
. “Generally” I would recommend to stay with one platform (DietPi or yunohost) and in case try our Nextcloud implementation. It made some nice steps forward recently and offers several optimizations that I can’t see in yunohosts implementation. Might be the same the other way round too 
.
.