Batch file / folder download error: Class OC_Util not found

[eumpf0]

Problem description:

When downloading files in bulk (selecting multiple files, then clicking download) or downloading a whole directory from the web interface, an html file containing the following error message
Fatal error: Uncaught Error: Class "OC_Util" not found in /var/www/html/apps/files/ajax/download.php:31 Stack trace: #0 {main} thrown in /var/www/html/apps/files/ajax/download.php on line 31
is downloaded instead of the expected files.

From the error message I gather that the PHP module cannot find the class (which does certainly exist in lib/private/legacy/OC_Util.php).
I do however, have absolutely no experience with PHP and therefore have no idea how Nextcloud & PHP "import" classes.

Environment:

Nextcloud version: 28.0.1
Image: nextcloud:fpm-alpine
Reverse Proxy: caddy:alpine (v2.7)

Below are the requested configuration files.

Thanks for the help!

Docker compose file:

services:
  mariadb:
    image: mariadb:10.6
    container_name: mariadb
    command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW
    restart: unless-stopped
    volumes:
      - mariadb:/var/lib/mysql:Z
    env_file: mariadb.env
    environment:
      - MYSQL_ROOT_HOST=localhost
      - MYSQL_ROOT_PASSWORD=${MARIADB_ROOT_PASSWORD}
      - MYSQL_PASSWORD=${MARIADB_NEXTCLOUD_PASSWORD}
    networks:
      - mariadb

  nextcloud-redis:
    image: redis:alpine
    container_name: nextcloud-redis
    command: redis-server /etc/redis/redis.conf
    restart: unless-stopped
    volumes:
      - ./redis.conf:/etc/redis/redis.conf
    networks:
      - nextcloud

  nextcloud-app:
    image: nextcloud:fpm-alpine
      #build: ./nextcloud-fpm-alpine
    container_name: nextcloud-app
    restart: unless-stopped
    volumes:
      - nextcloud:/var/www/html:z
    env_file:
        - mariadb.env
        - nextcloud-app.env
    environment:
      - NEXTCLOUD_ADMIN_USER=${NEXTCLOUD_ADMIN}
      - NEXTCLOUD_ADMIN_PASSWORD=${NEXTCLOUD_ADMIN_PASSWORD}
      - REDIS_HOST=nextcloud-redis
      - REDIS_HOST_PASSWORD=${NEXTCLOUD_REDIS_PASSWORD}
      - MYSQL_PASSWORD=${MARIADB_NEXTCLOUD_PASSWORD}
    networks:
      - proxy
      - mariadb
      - nextcloud
    depends_on:
      - mariadb
      - nextcloud-redis

  nextcloud-cron:
    image: nextcloud:fpm-alpine
      #build: ./nextcloud-fpm-alpine
    container_name: nextcloud-cron
    entrypoint: /cron.sh
    restart: unless-stopped
    volumes_from: 
        - nextcloud-app
    env_file:
        - mariadb.env
        - nextcloud-app.env
    environment:
      - NEXTCLOUD_ADMIN_USER=${NEXTCLOUD_ADMIN}
      - NEXTCLOUD_ADMIN_PASSWORD=${NEXTCLOUD_ADMIN_PASSWORD}
      - REDIS_HOST=nextcloud-redis
      - REDIS_HOST_PASSWORD=${NEXTCLOUD_REDIS_PASSWORD}
      - MYSQL_PASSWORD=${MARIADB_NEXTCLOUD_PASSWORD}
    networks:
      - proxy
      - mariadb
      - nextcloud
    depends_on:
      - mariadb
      - nextcloud-redis
 
  proxy:
    image: caddy:alpine
    restart: unless-stopped
    container_name: proxy
    volumes: 
      - ./Caddyfile:/etc/caddy/Caddyfile
      - ./certs:/certs:z,ro
      - nextcloud:/var/www/html:ro
    networks:
      - proxy
    ports:
      - "80:80"
      - "443:443"
    depends_on:
      - nextcloud-app

volumes:
  mariadb:
  nextcloud:
networks:
  proxy:
    name: proxy
    ipam:
      config:
        - subnet: 172.29.0.0/16
  mariadb:
    name: mariadb
  nextcloud:
    name: nextcloud
    ipam:
      config:
        - subnet: 172.28.0.0/16

Caddyfile

(the example #2052)

my.domain.com {
    # static content
	root * /var/www/html

	# PHP fast cgi
	php_fastcgi nextcloud-app:9000 {
		env front_controller_active true # Enable pretty urls
		env modHeadersAvailable true # Avoid sending the security headers twice
	}

	file_server

	# Redirects for DAV apps
	redir /.well-known/carddav /remote.php/dav/ 301
	redir /.well-known/caldav /remote.php/dav/ 301

	respond /.well-known/acme-challenge 404
	respond /.well-known/pki-validation 404

	# redir /.well-known/* /index.php/.well-known/webfinger 301
	# redir /.well-known/nodeinfo /index.php/.well-known/nodeinfo 301
	redir /.well-known/* /index.php{uri} 301

	# Headers
	header {
		# If staging acme_ca is enabled, this needs to be commented out!
		# Otherwise, it is not possible to add browser exception
		Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"

		# More security hardening headers
		Referrer-Policy "no-referrer"
		X-Content-Type-Options "nosniff"
		X-Download-Options "noopen"
		X-Frame-Options "SAMEORIGIN"
		X-Permitted-Cross-Domain-Policies "none"
		X-Robots-Tag "noindex, nofollow"
		X-XSS-Protection "1; mode=block"
		# Permissions-Policy "interest-cohort=()"

		# Remove X-Powered-By header, which is an information leak
		-X-Powered-By

		# Replace http with https in any Location header
		Location http:// https://
	}

	# Cache control
	@static {
		file
		path *.css *.js *.svg *.gif
	}

	header @static {
		Cache-Control "max-age=360"
	}

	@fonts {
		path /core/fonts
	}

	header @fonts {
		Cache-Control "max-age=604800"
	}

	# gzip encoding
	encode {
		gzip 4
		minimum_length 256

		match {
			header Content-Type application/atom+xml*
			header Content-Type application/javascript*
			header Content-Type application/json*
			header Content-Type application/ld+json*
			header Content-Type application/manifest+json*
			header Content-Type application/rss+xml*
			header Content-Type application/vnd.geo+json*
			header Content-Type application/vnd.ms-fontobject*
			header Content-Type application/x-font-ttf*
			header Content-Type application/x-web-app-manifest+json*
			header Content-Type application/xhtml+xml*
			header Content-Type application/xml*
			header Content-Type font/opentype*
			header Content-Type image/bmp*
			header Content-Type image/svg+xml*
			header Content-Type image/x-icon*
			header Content-Type application/atom+xmlapplication/javascript*
			# Would this be a good idea?
			header Content-Type text/*
			# header Content-Type text/cache-manifest*
			# header Content-Type text/css*
			# header Content-Type text/plain*
			# header Content-Type text/vcard*
			# header Content-Type text/vnd.rim.location.xloc*
			# header Content-Type text/vtt*
			# header Content-Type text/x-component*
			# header Content-Type text/x-cross-domain-policy*
		}
	}

	# .htaccess / data / config / ... shouldn't be accessible from outside
	@forbidden {
		path /.htaccess
		path /.user.ini
		path /.xml
		path /3rdparty/*
		path /autotest
		path /build/*
		path /config/*
		path /console
		path /console.php
		path /data/*
		path /db_
		path /db_structure
		path /indie
		path /issue
		path /lib/*
		path /occ
		path /README
		path /templates/*
		path /tests/*
	}

	respond @forbidden 404
	# not sure if this is 100% safe, but it looks nicer when you hit a 404
	# rewrite @forbidden '/index.php/error/404'
}

Nextcloud configuration:

(output of occ config:list system)

{
    "system": {
        "memcache.local": "\\OC\\Memcache\\APCu",
        "apps_paths": [
            {
                "path": "\/var\/www\/html\/apps",
                "url": "\/apps",
                "writable": false
            },
            {
                "path": "\/var\/www\/html\/custom_apps",
                "url": "\/custom_apps",
                "writable": true
            }
        ],
        "memcache.distributed": "\\OC\\Memcache\\Redis",
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "password": "***REMOVED SENSITIVE VALUE***",
            "port": 6379
        },
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "cloud.erumpf.de"
        ],
        "trusted_proxies": "***REMOVED SENSITIVE VALUE***",
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "mysql",
        "version": "28.0.1.1",
        "overwrite.cli.url": "https:\/\/my.domain.com",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "",
        "dbtableprefix": "oc_",
        "mysql.utf8mb4": true,
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "maintenance": false,
        "memories.exiftool": "\/var\/www\/html\/custom_apps\/memories\/bin-ext\/exiftool-amd64-musl",
        "memories.vod.path": "\/var\/www\/html\/custom_apps\/memories\/bin-ext\/go-vod-amd64",
        "loglevel": 2,
        "default_phone_region": "DE",
        "default_locale": "de",
        "mail_smtpmode": "smtp",
        "mail_smtpsecure": "ssl",
        "mail_sendmailmode": "smtp",
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpport": "465",
        "mail_smtpauth": 1,
        "mail_smtpname": "***REMOVED SENSITIVE VALUE***",
        "mail_smtppassword": "***REMOVED SENSITIVE VALUE***"
    }
}

[joshtrichards]

Duplicate of nextcloud/server#42617

Your web server configuration doesn't match the documented configs. You'll have to adapt the rewrite rules for ajax and related urls from either the nginx or apache configs to your Caddyfile.

It's not an image issue. If you need help post on the Nextcloud Help Forum - https://help.nextcloud.com

[joshtrichards]

P.S. If you get a fully working Caddyfile, consider submitting into https://github.com/nextcloud/documentation

I've seen a lot of really incomplete configuration files floating around and it may be time to add an unofficial (but best tested) Caddyfile config alongside the nginx one in the upstream (server) Admin Manual.