Proxmox + OwnCloud
- Thread starter T_Minus
- Start date
Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.
That's why I said I forgot about this thread and bumped it up
Got busy and never got to doing the owncloud/nextcloud like discussed here, LOL!!
only plain proxmox/zfs CLI stuff for me so far.
I still have an instance of Owncloud running but I'm using Nextcloud pretty much exclusively at this point.
I used OnlyOffice rather than Collabora and it was considerably easier to setup. Here's a link to some install info:
Installing Document Server for Linux on Debian, Ubuntu and derivatives - ONLYOFFICE
I used OnlyOffice rather than Collabora and it was considerably easier to setup. Here's a link to some install info:
Installing Document Server for Linux on Debian, Ubuntu and derivatives - ONLYOFFICE
I've used ownCloud, and now nextCloud - one thing I've noticed is that a php memory cache like redis is required to make move.
I just set up an instance of NextCloud on Proxmox Container. Set up was a breeze, but I ran into a permissions problems setting it up. The way I have it right now is that an external 8 TB disk is mounted on the proxmox host which is then bind mounted to the proxmox container via a mount point. So far so good, I can read/write anything to the entire disk from the container.
The mount point in the container shows up as owned by root and with 777 perms. NC doesn't like that, and chown/chmod don't seem to work form within the container for any file/folder. I did some research, and found that was because of how permissions are handled from host to containers for mounts. Short of understanding all that and fixing it, do you guys know of any alternative to getting NC to use a directory inside the external disk for all it's files ?
I do understand that setting up a NAS VM/CT with all my disks and data is a better way to go for the long term, but honestly, I hadn't considered that until I ran into this issue. Any help is appreciated.
The mount point in the container shows up as owned by root and with 777 perms. NC doesn't like that, and chown/chmod don't seem to work form within the container for any file/folder. I did some research, and found that was because of how permissions are handled from host to containers for mounts. Short of understanding all that and fixing it, do you guys know of any alternative to getting NC to use a directory inside the external disk for all it's files ?
I do understand that setting up a NAS VM/CT with all my disks and data is a better way to go for the long term, but honestly, I hadn't considered that until I ran into this issue. Any help is appreciated.
For me the easy answer wasn't a bind mount point, but I installed NFS and just setup an internal network and mounted it on the guest.
Looks like that's a better way to set up everything for me, what does your set up for NFS look like in terms of packages/software and configs ? Also, would the NFS throughput be enough to stream using Plex ?
Yep! very easy... You need to give your proxmox host an ip address on a bridge device you shared with your guest. It's really not best practice for production systems but for home use it's awesome!!
so in my example, I used vmbr2. If you're not using a bonded link or vlans then you can ignore/remove the bond0.210 and substitute for your local device (eno... or enp...)
Code:
auto vmbr2
iface vmbr2 inet static
address 192.168.21.20
netmask 255.255.255.0
bridge_ports bond0.210
bridge_stp off
bridge_fd 0
#vlan 210 (Storage Net)
Code:
apt install nfs-common nfs-kernel-server
Code:
/mount/location/of/media/you/are/sharing/to/plex/server 192.168.21.0/24(rw,no_root_squash)
Code:
exportfs -avThat is awesome, thank you for the detailed instructions ! It did not occur to me that I should make the Proxmox host my NFS server. I wanted to have a separate VM/CT for NFS since that will keep the host clean and cutter-free from any configs.
I'm currently testing the VM route, I have a feeling I'll run into the same perms problems, so I'll do the host NFS thingy once I fail with my VM. I'll keep you posted !
I've never used NC, but for NFS itself, mount-point + no_root_squash and it just works. Samba also works great on that config (I do samba on one of my box using mount-point and works like a charm.)
And I also noticed that you said everything is 777. It's not like that on my side. I'm doing full partition mount point and I can change permissions and owners just fine.
And I also noticed that you said everything is 777. It's not like that on my side. I'm doing full partition mount point and I can change permissions and owners just fine.
Code:
# cat /etc/pve/nodes/casper8/lxc/199.conf
arch: amd64
cores: 4
hostname: Kitakami
memory: 49152
mp0: /dev/md11,mp=/pub,backup=0
net0: name=eth0,bridge=vmbr0,gw=172.16.0.1,hwaddr=***,ip=172.16.13.199/16,type=veth
onboot: 1
ostype: debian
rootfs: vg0:vm-199-disk-1,size=2G
swap: 1I still haven't gotten the NFS to work, I'm stuck at the mounting part on the client. I keep getting access denied on the client -
I can install NFS on both container and VM, but NFS fails to start on the container with nfsd.mount errors, and I think it's because of LXC. NFS starts without issues on a VM, and I can export the files/locations, but I cannot mount them on the clients, I get the error above. I haven't yet dont the NFS on proxmox host, but I have a feeling I'll run into the same perms issue.
This is the fstab for the proxmox host -
I'll split out the Container and VM configs into different posts for easy readability.
As for the 777 permissions, I think they're because of my setup, a few of my drives are NTFS mounted on Proxmox host, and they show up as root:root with 777 perms. The other ext4 shows up as root:root with 755 perms. The perms are carried through the mounts, and are unchangeable for NTFS mounts. They are also readonly when bound to containers. I'm hoping to keep those as-is and remedy the perms and readonly situation with NFS.
I can install NFS on both container and VM, but NFS fails to start on the container with nfsd.mount errors, and I think it's because of LXC. NFS starts without issues on a VM, and I can export the files/locations, but I cannot mount them on the clients, I get the error above. I haven't yet dont the NFS on proxmox host, but I have a feeling I'll run into the same perms issue.
This is the fstab for the proxmox host -
Code:
UUID=fd53663a-6ddf-4c3c-8b2c-c4c342429dfe /media/Data ext4 defaults 0 0
UUID=1C342BB7342B92B6 /media/TV ntfs-3g defaults,locale=en_US.utf8 0 0
UUID=01CC5D8ED9352620 /media/Movies ntfs-3g defaults,locale=en_US.utf8 0 0
UUID=3CBE0681BE0633C4 /media/Backup-8T ntfs-3g defaults,locale=en_US.utf8 0 0This is the CT/Container config for NFS
This is the /etc/exports for CT
This is the syslog on CT when I do a service nfs-kernel-server start
Code:
...
mp0: /media/TV,mp=/media/TV
mp1: /media/Movies,mp=/media/Movies
mp2: /media/Data,mp=/media/Data
rootfs: local-lvm:vm-902-disk-1,size=10G
...
Code:
...
/media/TV/TV 192.168.10.0/255.255.255.0(rw,no_root_squash,no_subtree_check)
/media/TV/Videos 192.168.10.0/255.255.255.0(rw,no_root_squash,no_subtree_check)
/media/Movies 192.168.10.0/255.255.255.0(rw,no_root_squash,no_subtree_check)
/media/Data/Photos 192.168.10.0/255.255.255.0(rw,no_root_squash,no_subtree_check)
/media/Data/Songs 192.168.10.0/255.255.255.0(rw,no_root_squash,no_subtree_check)
/media/Data/Software 192.168.10.0/255.255.255.0(rw,no_root_squash,no_subtree_check)
/media/Data/Transmission-Downloads 192.168.10.0/255.255.255.0(rw,no_root_squash,no_subtree_check)This is the Proxmox VM config for NFS
This is the /etc/fstab on the VM -
This is the /etc/exports on the VM -
exportfs -av works without problems
The NFS exports show up on other containers/systems on my network, .10.120 is my NFS VM -
And when I try to mount any location, I get access denied.
This is more of an NFS client/server issue, since both NTFS and EXT systems are geting the same access denied message. What am I missing ? What am I doing wrong ?
Code:
...
virtio1: /dev/disk/by-id/ata-WDC_WD10JPLX-00MBPT0_JR1000BN31K76E-part1,size=976761560K
virtio2: /dev/disk/by-id/ata-Hitachi_HDS723015BLA642_MN1120F102JSBD-part1,size=1465136001K
virtio3: /dev/disk/by-id/ata-Hitachi_HUS724030ALE641_P8H80XNR-part2,size=2861459M
virtio4: /dev/disk/by-id/usb-WD_easystore_25FB_3753473950503043-0:0-part1,size=7630883M
Code:
UUID=fd53663a-6ddf-4c3c-8b2c-c4c342429dfe /media/Data ext4 defaults 0 0
UUID=1C342BB7342B92B6 /media/TV ntfs-3g defaults,locale=en_US.utf8 0 0
UUID=01CC5D8ED9352620 /media/Movies ntfs-3g defaults,locale=en_US.utf8 0 0
UUID=3CBE0681BE0633C4 /media/Backup-8T ntfs-3g defaults,locale=en_US.utf8 0 0
Code:
/media/TV/TV 192.168.10.0/255.255.255.0(rw,no_root_squash,no_subtree_check)
/media/TV/Videos 192.168.10.0/255.255.255.0(rw,no_root_squash,no_subtree_check)
/media/Movies 192.168.10.0/255.255.255.0(rw,no_root_squash,no_subtree_check)
/media/Data/Photos 192.168.10.0/255.255.255.0(rw,no_root_squash,no_subtree_check)
/media/Data/Songs 192.168.10.0/255.255.255.0(rw,no_root_squash,no_subtree_check)
/media/Data/Software 192.168.10.0/255.255.255.0(rw,no_root_squash,no_subtree_check)
/media/Data/Transmission-Downloads 192.168.10.0/255.255.255.0(rw,no_root_squash,no_subtree_check)
/media/Backup-8T/NextCloud 192.168.10.0/255.255.255.0(rw,no_root_squash,no_subtree_check)
/media/Backup-8T/ 192.168.10.0/255.255.255.0(rw,no_root_squash,no_subtree_check)
Code:
$ sudo exportfs -av
exporting 192.168.10.0/255.255.255.0:/media/Backup-8T
exporting 192.168.10.0/255.255.255.0:/media/Backup-8T/NextCloud
exporting 192.168.10.0/255.255.255.0:/media/Data/Transmission-Downloads
exporting 192.168.10.0/255.255.255.0:/media/Data/Software
exporting 192.168.10.0/255.255.255.0:/media/Data/Songs
exporting 192.168.10.0/255.255.255.0:/media/Data/Photos
exporting 192.168.10.0/255.255.255.0:/media/Movies
exporting 192.168.10.0/255.255.255.0:/media/TV/Videos
exporting 192.168.10.0/255.255.255.0:/media/TV/TV
Code:
$ showmount -e 192.168.10.120
Export list for 192.168.10.120:
/media/Backup-8T 192.168.10.0/255.255.255.0
/media/Backup-8T/NextCloud 192.168.10.0/255.255.255.0
/media/Data/Transmission-Downloads 192.168.10.0/255.255.255.0
/media/Data/Software 192.168.10.0/255.255.255.0
/media/Data/Songs 192.168.10.0/255.255.255.0
/media/Data/Photos 192.168.10.0/255.255.255.0
/media/Movies 192.168.10.0/255.255.255.0
/media/TV/Videos 192.168.10.0/255.255.255.0
/media/TV/TV 192.168.10.0/255.255.255.0
Code:
$ sudo mount -t nfs 192.168.10.120:/media/Backup-8T/NextCloud /media/NextCloud
mount.nfs: access denied by server while mounting 192.168.10.120:/media/Backup-8T/NextCloud
$ sudo mount -t nfs 192.168.10.120:/media/Data/Transmission-Downloads /media/NextCloud
mount.nfs: access denied by server while mounting 192.168.10.120:/media/Data/Transmission-Downloads
$ sudo mount -t nfs 192.168.10.120:/media/Movies /media/NextCloud
mount.nfs: access denied by server while mounting 192.168.10.120:/media/MoviesSwitch to CIDR notation on the /etc/exports
192.168.10.0/24
What's the IP of your container? adding in a network CIDR range limits access by ip range.
I would change how you're doing things here. IF you want to let owncloud manage all the shares, just mount a single root folder once to the CT and then let it share from the share folder respectively.
Can you give a little more detailed information about your network setup, different vlans, IP ranges for each as it would help.
192.168.10.0/24
What's the IP of your container? adding in a network CIDR range limits access by ip range.
I would change how you're doing things here. IF you want to let owncloud manage all the shares, just mount a single root folder once to the CT and then let it share from the share folder respectively.
Can you give a little more detailed information about your network setup, different vlans, IP ranges for each as it would help.
Sure, I'm working on containerizing all my stuff, so I have multiple CTs running on Proxmox. Plex, Transmission, Splunk, NextCloud, Gitlab, etc. The mounts are for all the containers, I'll mount each of them as needed on respective CTs. For now, Plex is working with mount points from Proxmox, though they're readonly.
All of my systems/VMs/CTs are on the same network, 192.168.10.*, no VLANs or network separations. NFS VM is on 10.120
I'm only looking to have one mount handled by NC, which is /media/Backup-8T/NextCloud. All data that needs to be handled by NC goes in that location. For NC's use, that mount needs to have 0770 perms, and read/write. Mounting those NTFS locations directly from Proxmox to either CT/VM wouldn't let me switch permissions, which is why I'm leaning towards NFS, hoping NFS will allow me to chmod the NextCloud dir.
The configs I posted earlier are not all related to NC, they're just for the bigger picture.
All of my systems/VMs/CTs are on the same network, 192.168.10.*, no VLANs or network separations. NFS VM is on 10.120
I'm only looking to have one mount handled by NC, which is /media/Backup-8T/NextCloud. All data that needs to be handled by NC goes in that location. For NC's use, that mount needs to have 0770 perms, and read/write. Mounting those NTFS locations directly from Proxmox to either CT/VM wouldn't let me switch permissions, which is why I'm leaning towards NFS, hoping NFS will allow me to chmod the NextCloud dir.
The configs I posted earlier are not all related to NC, they're just for the bigger picture.
For NFS try add this line to your lxc config:
Not sure if it's the root cause of this, but I think it worth a try.
Code:
lxc.aa_profile: unconfinedFor NFS on CT, that's definitely the root cause, disabling AppArmor on CT clears up the NFS start problem, but I'm running into the same access denied by server when mounting. 10.242 is the NFS on CT, data mounted using bind mounts as mentioned above. showmounts tells me it can see everything, but I cannot mount anything.
This is the error message I see on the Container when I try to mount -
I can understand NFS on CT running into the Apparmor issue, but why do I have it on a regular VM ?