I thought that I could ignore these warnings from Nextcloud:
- Last background job execution ran 22 hours ago. Something seems wrong. Check the background job settings.
- The reverse proxy header configuration is incorrect, or you are accessing Nextcloud from a trusted proxy. If not, this is a security issue and can allow an attacker to spoof their IP address as visible to the Nextcloud. Further information can be found in the documentation.
- You are accessing your instance over a secure connection, however your instance is generating insecure URLs. This most likely means that you are behind a reverse proxy and the overwrite config variables are not set correctly. Please read the documentation page about this.
However, my desktop client app won’t let me connect when the website works, it says “The polling URL does not start with HTTPS despite the login URL started with HTTPS. Login will not be possible because this might be a security issue. Please contact your administrator”. This happens regardless of whether I put http://cloud.mydomain.com or https://cloud.mydomain.com. I’m using docker, and have Nginx proxy manager and Nextcloud on their own docker containers, but they’re on the same nginx2_default network. I have it in the web gui as passing the container name through port 80, as 443 will not work for some reason, but still ends in an SSL connection as long as I tell Nginx Proxy Manager HTTP only, but still pass through a cert.
I’ve been stuck on this for a while, and I’ve made many different posts, but each time it’s been a different situation, this is the closest I’ve gotten, but I still end up with 0 functionality. It’s gotta be simple.
I felt it’d be easier to just make a gist here, that way all docker-compose files are accessible, as well as .htaccess and config files for nextcloud, and I also put docker output there.
I’ll paste the most relevant files below though to be easier.
/home/james/newNextcloud/config/config.php
'trusted_domains' => array (
  0 => 'cloud.[redacted].com',
),
array (
  'trusted_proxies' => ['172.20.0.12'],
  'overwritehost' => 'ssl-proxy.tld',
  'overwriteprotocol' => 'https',
  'overwritewebroot' => '/cloud.[redacted].com',
  'overwritecondaddr' => '^172\.20\.0\.12$',
),
'forwarded_for_headers' =>
array (
  0 => 'X-Forwarded-For',
  1 => 'HTTP_X_FORWARDED_FOR',
),
'datadirectory' => '/var/www/html/data',
'dbtype' => 'mysql',
'version' => '23.0.0.10',
'overwrite.cli.url' => 'https://cloud.[redacted].com',
'dbname' => 'nextcloud',
'dbhost' => 'nextcloud_db',
'dbport' => '',
'dbtableprefix' => 'oc_',
'mysql.utf8mb4' => true,
'dbuser' => '[redacted]',
'dbpassword' => '[redacted]',
'installed' => true,
'default_phone_region' => 'US',
'skeletondirectory' => '/var/www/html/fakeskeleton',
Docker output:
docker ps -a
CONTAINER ID   IMAGE                             COMMAND                  CREATED       STATUS                 PORTS / NAMES
7792ac3452db   nextcloud                         "/entrypoint.sh apac…"   2 hours ago   Up 2 hours             0.0.0.0:8080->80/tcp, :::8080->80/tcp, 0.0.0.0:8443->443/tcp, :::8443->443/tcp   nextcloud
8d5a1a2ebc05   nextcloud:fpm-alpine              "/cron.sh"               2 hours ago   Up 2 hours             9000/tcp   nextcloud2_cron_1
64d024d6ff0c   redis:alpine                      "docker-entrypoint.s…"   2 hours ago   Up 2 hours             6379/tcp   nextcloud2_redis_1
d1e40d50cd5f   mariadb                           "docker-entrypoint.s…"   2 hours ago   Up 2 hours             3306/tcp   nextcloud_db
29fb4aa53f89   plexinc/pms-docker                "/init"                  6 hours ago   Up 2 hours (healthy)   0.0.0.0:3005->3005/tcp, :::3005->3005/tcp, 0.0.0.0:8324->8324/tcp, :::8324->8324/tcp, 0.0.0.0:1900->1900/udp, :::1900->1900/udp, 0.0.0.0:32410->32410/udp, :::32410->32410/udp, 0.0.0.0:32400->32400/tcp, :::32400->32400/tcp, 0.0.0.0:32412-32414->32412-32414/udp, :::32412-32414->32412-32414/udp, 0.0.0.0:32469->32469/tcp, :::32469->32469/tcp   plex
236b0aba1a38   jc21/nginx-proxy-manager:latest   "/init"                  6 hours ago   Up 2 hours             0.0.0.0:80-81->80-81/tcp, :::80-81->80-81/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp   npm-ui
f81959067233   jc21/mariadb-aria:latest          "/scripts/run.sh"        6 hours ago   Up 2 hours             3306/tcp   npm-db
docker container ls
CONTAINER ID   IMAGE                             COMMAND                  CREATED       STATUS                 PORTS / NAMES
7792ac3452db   nextcloud                         "/entrypoint.sh apac…"   2 hours ago   Up 2 hours             0.0.0.0:8080->80/tcp, :::8080->80/tcp, 0.0.0.0:8443->443/tcp, :::8443->443/tcp   nextcloud
8d5a1a2ebc05   nextcloud:fpm-alpine              "/cron.sh"               2 hours ago   Up 2 hours             9000/tcp   nextcloud2_cron_1
64d024d6ff0c   redis:alpine                      "docker-entrypoint.s…"   2 hours ago   Up 2 hours             6379/tcp   nextcloud2_redis_1
d1e40d50cd5f   mariadb                           "docker-entrypoint.s…"   2 hours ago   Up 2 hours             3306/tcp   nextcloud_db
29fb4aa53f89   plexinc/pms-docker                "/init"                  6 hours ago   Up 2 hours (healthy)   0.0.0.0:3005->3005/tcp, :::3005->3005/tcp, 0.0.0.0:8324->8324/tcp, :::8324->8324/tcp, 0.0.0.0:1900->1900/udp, :::1900->1900/udp, 0.0.0.0:32410->32410/udp, :::32410->32410/udp, 0.0.0.0:32400->32400/tcp, :::32400->32400/tcp, 0.0.0.0:32412-32414->32412-32414/udp, :::32412-32414->32412-32414/udp, 0.0.0.0:32469->32469/tcp, :::32469->32469/tcp   plex
236b0aba1a38   jc21/nginx-proxy-manager:latest   "/init"                  6 hours ago   Up 2 hours             0.0.0.0:80-81->80-81/tcp, :::80-81->80-81/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp   npm-ui
f81959067233   jc21/mariadb-aria:latest          "/scripts/run.sh"        6 hours ago   Up 2 hours             3306/tcp   npm-db
docker volume ls
DRIVER    VOLUME NAME
local     f6e0828f8a826cf3c8faa9f11b9cda279999f034a8d9e09cfac26bfa0ba9eb16
docker network ls
NETWORK ID     NAME                 DRIVER    SCOPE
9cf4b1fc4f1b   bridge               bridge    local
78512dde6d1b   host                 host      local
135921ebe5b5   nextcloud2_default   bridge    local
4e52bbf25209   nginx2_default       bridge    local
4de38ef5961d   none                 null      local
nextcloud docker compose file
version: '2.1'
networks:
  nginx2_default:
    external:
      name: nginx2_default
services:
  nextcloud:
    image: nextcloud
    container_name: nextcloud
    restart: always
    ports:
      - 8080:80
      - 8443:443
    networks:
      - nginx2_default
    links:
      - nextcloud_db
    volumes:
      - /home/james/newNextcloud:/var/www/html
      - /newRaid/Nextcloud:/var/www/html/data
    environment:
      - MYSQL_PASSWORD=[redacted]
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=[redacted]
      - MYSQL_HOST=nextcloud_db
      - APACHE_DISABLE_REWRITE_IP=1
  nextcloud_db:
    image: mariadb
    container_name: nextcloud_db
    restart: always
    command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW --skip-innodb-read-only-compressed
    networks:
      - nginx2_default
    volumes:
      - /mnt/nextcloud:/var/lib/mysql
    environment:
      - MYSQL_ROOT_PASSWORD=[redacted]
      - MYSQL_PASSWORD=[redacted]
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=[redacted]
  redis:
    image: redis:alpine
    restart: always
  cron:
    image: nextcloud:fpm-alpine
    restart: always
    volumes:
      - /home/james/newNextcloud:/var/www/html
    entrypoint: /cron.sh
    depends_on:
      - nextcloud_db
      - redis
Nginx Proxy Manager docker-compose.yml
version: "3"
services:
  app:
    image: 'jc21/nginx-proxy-manager:latest'
    container_name: npm-ui
    restart: unless-stopped
    ports:
      # These ports are in format <host-port>:<container-port>
      - '80:80' # Public HTTP Port
      - '443:443' # Public HTTPS Port
      - '81:81' # Admin Web Port
      # - '32400:32400' For Plex
      # Add any other Stream port you want to expose
      # - '21:21' # FTP
    environment:
      DB_MYSQL_HOST: "db"
      DB_MYSQL_PORT: 3306
      DB_MYSQL_USER: "[redacted]"
      DB_MYSQL_PASSWORD: "[redacted]"
      DB_MYSQL_NAME: "npm"
      # Uncomment this if IPv6 is not enabled on your host
      # DISABLE_IPV6: 'true'
    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt
    networks:
      default:
        ipv4_address: 172.20.0.12
    depends_on:
      - db
  db:
    image: 'jc21/mariadb-aria:latest'
    container_name: npm-db
    restart: unless-stopped
    environment:
      MYSQL_ROOT_PASSWORD: '[redacted]'
      MYSQL_DATABASE: 'npm'
      MYSQL_USER: '[redacted]'
      MYSQL_PASSWORD: '[redacted]'
    volumes:
      - ./data/mysql:/var/lib/mysql
    networks:
      default:
        ipv4_address: 172.20.0.22
networks:
  default:
    ipam:
      config:
        - subnet: 172.20.0.0/16
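
Added example, not part of the original post and not Nextcloud's own code: a simplified Python model of how the trusted_proxies, forwarded_for_headers, overwritecondaddr and overwriteprotocol keys in the config.php above decide the client IP and the scheme of generated URLs, based on the documented meaning of those keys. The function names and the sample requests are constructed for illustration, and taking the first address in the forwarded list is a simplification.

```python
import ipaddress
import re

# Values copied from the config.php on this page.
CONFIG = {
    "trusted_proxies": ["172.20.0.12"],
    "forwarded_for_headers": ["X-Forwarded-For", "HTTP_X_FORWARDED_FOR"],
    "overwriteprotocol": "https",
    "overwritecondaddr": r"^172\.20\.0\.12$",
}

def from_trusted_proxy(server, cfg):
    """True when the TCP peer (REMOTE_ADDR) is a configured proxy."""
    peer = ipaddress.ip_address(server["REMOTE_ADDR"])
    return any(peer in ipaddress.ip_network(p, strict=False)
               for p in cfg["trusted_proxies"])

def client_ip(server, cfg):
    """Forwarded headers count only when the peer is a trusted proxy."""
    if from_trusted_proxy(server, cfg):
        for key in cfg["forwarded_for_headers"]:
            value = server.get(key, "")
            if value:
                # Simplification: take the first address in the list.
                return value.split(",")[0].strip()
    return server["REMOTE_ADDR"]

def url_scheme(server, cfg):
    """Scheme used for generated URLs such as the login polling URL."""
    cond = cfg.get("overwritecondaddr", "")
    cond_ok = cond == "" or re.search(cond, server["REMOTE_ADDR"]) is not None
    if cfg.get("overwriteprotocol") and cond_ok:
        return cfg["overwriteprotocol"]
    if from_trusted_proxy(server, cfg) and "HTTP_X_FORWARDED_PROTO" in server:
        return server["HTTP_X_FORWARDED_PROTO"].split(",")[0].strip().lower()
    return "https" if server.get("HTTPS") == "on" else "http"

# Constructed requests: one relayed by the proxy at 172.20.0.12, one reaching
# the published port 8080 directly while carrying client-supplied headers.
VIA_PROXY = {"REMOTE_ADDR": "172.20.0.12",
             "HTTP_X_FORWARDED_FOR": "203.0.113.7",
             "HTTP_X_FORWARDED_PROTO": "https"}
DIRECT = {"REMOTE_ADDR": "172.20.0.1",
          "HTTP_X_FORWARDED_FOR": "203.0.113.7",
          "HTTP_X_FORWARDED_PROTO": "https"}

if __name__ == "__main__":
    for name, req in (("via proxy", VIA_PROXY), ("direct", DIRECT)):
        print(name, client_ip(req, CONFIG), url_scheme(req, CONFIG))
```

In this model, a request whose peer address does not match overwritecondaddr and is not in trusted_proxies gets http URLs and has its forwarded headers ignored, so comparing the address Nextcloud logs for the proxy against both settings is the first check.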