Caffeinated Unix, security and privacy blog

You might have noticed that if you run NextCloud on OpenBSD, with the chroot option enabled in php-fpm.ini, that the occ command and cronjob fail miserably. That can be fixed!

You might have stumbled upon the following error if you have tried to run the occ command or that the cronjob fails:

Your data directory is invalid
Ensure there is a file called ".ocdata" in the root of the data directory.

Cannot create "data" directory
This can usually be fixed by giving the webserver write access to the root directory. See https://docs.nextcloud.com/server/16/go.php?to=admin-dir_permissions

That is due to the chroot option in php-fpm.conf. Both the occ command and the cronjob use the cli interpreter, rather than fpm. Disabling that feels like giving a piece of your sanity to the devil. So, let's fix that! Fire up your favorite editor and open config/config.php in the NextCloud docroot. You specifically want to edit the datadirectory variable:

'datadirectory' => '/ncdata',

Change this one to:

'datadirectory' => ((php_sapi_name() == 'cli') ? '/var/www' : '') . '/ncdata',

...and it's fixed! Basically, that this does, is it prepends /var/www if a NextCloud function is called from the commandline.


You and I need to have a serious talk about email. I have liberated my email and want to share the experience with you, so you are informed enough to decide whether you want to do the same.



I have been running an amount of mailservers for the past years – mainly for my firm (as an entrepreneur). A small part is personal, eg, h3artbl33d.nl runs it's own mailserver.


Whether you are a pentester or do some occasional auditing, most likely you are familiar with Metasploit – or have heard of it. It's considered to be an essential tool for offensive security.


NextCloud on OpenBSD

NextCloud and OpenBSD are complimentary to one another. NextCloud is an awesome, secure and private alternative for propietary platforms, whereas OpenBSD forms the most secure and solid foundation to serve it on. Setting it up in the best way isn’t hard, especially using this step by step tutorial.