Adding of entire sub domains to the config.php file

I have finally managed to install and run the latest version of NextCloud. The question is: How can I add external IP’s in the config.php file, from which I can access NextCloud?
Of course I can add full IPs but can I add an entire sub-domain? Something like https://123.123.123.xxx where xxx is anything from 001 to 255

Are you referring to the trusted_domains parameter[1]?

Can you elaborate a bit on why you’re doing this? Are you really going to access Nextcloud with not only a bunch of different URLs, but as IP addresses no less?

I also ask to make sure there isn’t a confusion regarding what this parameter does. For example, it has nothing to do with what IP addresses you are connecting from (i.e the IP addresses of your various devices/computers that you will be connecting to Nextcloud with).

[1] Configuration Parameters — Nextcloud latest Administration Manual latest documentation

Thank you for the explanation.
Well, you say it does not matter from which external IP address I connect to my NextCloud…
I have NextCloud implemented on FreeBsd and I want to continuously synchronise the data (upload to the server), from my Android Cellphone (mostly pics and videos). I have download the android application and all works 100% on home WiFi. It is also working on cell network data but… it MUST have the cellphone IP noted in the ‘config.php’ file :cry: And as we all know, the cellphone IP changes now and then within the sub-domain…
Is there another way of doing this?

No, that’s not necessary.

Thank You once again.
Just out of curiousity: Are you using NextCloud installed on Windows or Linux OS?
I am sure you know, FreeBSD is “a bit” different when it comes to networking (and data security)…
Be as it may, I tried logging in as an ADMIN only. Perhaps will help if I create a “User Group” and create a ‘User Account’ which only belongs to the newly created User Group (No Admin) and I log on my cellphone with this account…
Another thing is, my TLS certificate is not valid (self signed). Can it have something to do with this?
What exactly is ’ trusted_domains’ meant for?

Your list of trusted domains that users can log into. Specifying trusted domains prevents host header poisoning. Do not remove this, as it performs necessary security checks.

You can specify:

  • the exact hostname of your host or virtual host, e.g. demo.example.org.

  • the exact hostname with permitted port, e.g. demo.example.org:443. This disallows all other ports on this host

  • use * as a wildcard, e.g. ubos-raspberry-pi*.local will allow ubos-raspberry-pi.local and ubos-raspberry-pi-2.local

  • the IP address with or without permitted port, e.g. [2001:db8::1]:8080 Using TLS certificates where commonName= is deprecated

See: Configuration Parameters — Nextcloud latest Administration Manual latest documentation

Something else is going on here because that parameter doesn’t even look at the source IP address of the connection. Are you perhaps confusing trusted_domains with trusted_proxies?

(Which is also not used for this purpose, but it does at least have some relevance to the source IP address).

Maybe you can share a bit more info:

  • are you using a reverse proxy?
  • Where does your HTTPS/TLS terminate?
  • the output of occ config:list system
  • your installation method

Now you are talking…
I am fairly newbie to all this, so I might not give the correct answers.
My NextCloud is installed on FreeBsd using the Xigmanas interface. I access NextCloud on my LAN using the Xigmanas IP but on port 443. So technically it goes thru the Xigmanas (proxy).
In which sub directory exactly would I find the file you are asking?
I don’t find this exact file (occ config:list)

It should correctly read:

php /path/to/your/next/cloud/instance/occ config:list system

See: Using the occ command — Nextcloud latest Administration Manual latest documentation


Here is a ‘occ’ file but I don’t think is the correct one :cry:

Oh yes that’s the right one.

Just got to the folder where you found that file and execute it with:

php occ

and you will see a long list with help text.

Here is what I got…

Does it mean anything to you?

Just to clarify: You are talking about IP addresses and subnets. Subnets are not subdomains.
help.nextcloud.com is a subdomain of nextcloud.com
192.0.2.1 is an IP address within the subnet 192.0.2.0/24

As others mentioned: The trusted domains array in the config.php file does not restrict, from which IP address or domain yout Nextcloud can be accessed. It should be set to the name which is used to access the Nextcloud. Example: nextcloud.example.com
I use my nextcloud from the internet with a public domain name registered in the public DNS and I access my Nextcloud from my home LAN, using a private name like nextcloud.local. So I have to configure both names in the array. I can access my nextcloud from everywhere. If your Nextcloud behaves in another way, there is some misconfiguration in your envronment.

Thank you for the clarification. I do not have a domain name anymore. However, I do have a static IP address where anybody in the world can access the server onto which NextCloud is running (port 443). The problem is: NextCloud can only and only be accessed if the IP address of the accessing device (cellphone, tablet, another computer using whatever OS) does have its IP address noted in the config.php file in NextCloudRoot/config folder. Now, this is not an issue as long as the accessing device also has a static IP address but a cellphone using the SIM card data will not have a static IP… In essence this is a very good security measure but on occassion I want my cellphone to sync with the nextcloud server and this is not possible…

I tested it. I cannot reproduce it. If I connect to my server via the IP address, I have to configure the server’s IP address as trusted domain. I can access the server from any IP address. There is no difference in the behavior to accessing via domain name.
If your server behaves in another way, there seems to be a misconfiguration in your environment (proxy?), but not in nextcloud.