I was running Nextcloud 26.0.2 with php8.2-fpm on apache2 and Ubuntu server 22.04. This was working very well. Reachable on https://nextcloud.mydomain.com.
Recently I switched from native Nextcloud install to docker. Therefor I run nextcloud as:
docker run -d \
--name="nextcloud" \
--restart unless-stopped \
-v /home/bart/docker/nextcloud:/var/www/html \
-v /data:/var/www/html/data \
-p 8080:80 \
--net bridge \
nextcloud
Nextcloud connects to mariadb on the host via bridge network.
Apache on the host is configured as:
.....
RewriteEngine on
RewriteCond %{HTTP:Upgrade} =websocket [NC]
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
ProxyPreserveHost On
ProxyRequests Off
RequestHeader set X-Real-IP %{REMOTE_ADDR}s
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
</IfModule>
<IfModule mod_dav.c>
Dav off
</IfModule>
RewriteEngine On
RewriteRule ^/\.well-known/carddav https://%{SERVER_NAME}/remote.php/dav/ [R=301,L]
RewriteRule ^/\.well-known/caldav https://%{SERVER_NAME}/remote.php/dav/ [R=301,L]
.....
I had some trouble to get this running, but it is working now. Now I found out that it is also possible to use the nextcloud:fpm version. nextcloud:fpm .
My thoughts where changing this config as:
docker run -d \
--name="nextcloud" \
--restart unless-stopped \
-v /home/bart/docker/nextcloud:/var/www/html \
-v /data:/var/www/html/data \
-p 8080:9000 \
--net bridge \
nextcloud:fpm
and apache config could be the same,
But when I
docker stop nextcloud, docker rm nextcloud, docker pull nextcloud:fpm
and start docker run … as mentioned above, the server is up according to docker, but not reachable. Firefox tells me:
Beveiligde verbinding mislukt
Fout tijdens het verbinden met nextcloud.mydomain.com.
De pagina die u wilt bekijken kan niet worden weergegeven, omdat de echtheid van de ontvangen gegevens niet kon worden geverifieerd.
Neem contact op met de website-eigenaars om ze over dit probleem te informeren.
In english deepl.com translate:
Secure connection failed
Error while connecting to nextcloud.mydomain.com.
The page you want to view cannot be displayed because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.
What am I missing here? Something with https connection?
Edit: I did some experiments with:
'overwrite.cli.url' => 'http://nextcloud.mydomain.com',
'trusted_proxies' =>
array (
0 => '172.17.0.1',
),
'overwriteprotocol' => 'https',
'overwritehost' => 'nextcloud.mydomain.com',
'overwriteprotocol' => 'https',
in config.php. But no effect.
Edit:
When I bash connect to this docker and execute php-fpm:
/var/www/html# php-fpm
[11-Jun-2023 11:43:39] NOTICE: Failed implicitly binding to ::, retrying with 0.0.0.0
[11-Jun-2023 11:43:39] ERROR: unable to bind listening socket for address '9000': Address already in use (98)
[11-Jun-2023 11:43:39] ERROR: FPM initialization failed
root@cebddbf196cf:/var/www/html#
I see this error about binding issues. Is that a clue to a solution?
Because of this binding issue I tried to change the port inside nextcloud:fpm. by changing zz-docker.conf in /usr/local/etc/php-fpm.d/zz-docker.conf. There I changed listen to 9002. But this gave me the same error: “unable to bind listening socket for address ‘9000’:”
Because of this binding 9000 error I executed netstat -tunap in this nextcloud:fpm docker:
netstat -tunap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 172.17.0.5:51360 199.232.150.132:80 TIME_WAIT -
tcp 0 0 172.17.0.5:44340 199.232.150.132:80 TIME_WAIT -
tcp6 0 0 :::9000 :::* LISTEN 1/php-fpm: master p
php-fpm is not binded to 0.0.0.0 nor 172.17.0.5. Changing listen to 172.17.0.5:9000 in zz-docker.conf has no effect.
I’m almost out of ideas. Is this a bug?