CSP error during login from NextCloud Windows

Hello,

I am a new user of Nextcloud and I have not much experience with php and nginx, so sorry If my question is dumb.

I have setup a new installation of Nextcloud v18.0.4.2 on a Debian 8 server from the following Docker image based on ngnix, fpm and mariadb and let’s encrypt : https://github.com/nextcloud/docker/tree/master/.examples/docker-compose/with-nginx-proxy/mariadb/fpm .

I’ve setup my domain dns to point on my server ip and I’ve finished successfly the setup of my admin account from the url https://cloud.mydomain.com. Then I’ve tried to login to my server from Nextcloud Windows app.

The Nextcloud app open the login page in my browser (firefox), I post the form with my login/password, then the browser display the Grant access page, with a form, and when I click “Grant access” (“Authoriser l’accès” in french) a JS error "Content Security Policy " is raised and I am not able to continue the process.

The problem comes from the url of the form which is an absolute url which link to “http://cloud.mydomain.com” instead of httpS://cloud.mydomain.com". If I edit the form from Firefox Dev tool to replace http by https, I am able to complete the authentication successfuly.

I guess I have missed a config somewhere to allow FPM to use httpS protocol for absolute url instead of http.

Here are some screenshots :

Thank you for your time and precious help !
Alexandre

@alexbal

try the following as root in terminal,
nextcloud.enable-https custom -s cert.pem privkey.pem chain.pem

Should auto redirect for http to https.

Hello, thank you for your answser.
Is this command available from Docker container of Nextcloud ?

I am sorry @alexbal, I completely looked over the Docker part of your problem, My apologies.

No problem @c.walls.

I have continued my exploration of NextCloud, and I have been able to get system settings by running this command : docker exec --user www-data /var/www/html/occ config:list

I saw in the settings value that one param refer to HTTP schema instead of HTTPS. I have updated the config value and restart my container but the problem is still there.

Does any one know a setting to force HTTPS in absolute url used by Nextcloud ? Or any other clue ?

Ok, I finaly got it.

Surely a basic setting for any experienced Nextcloud / php dev.
I have setted the “overwriteprotocol” system param to “https” by running the following docker command : docker exec --user www-data 3ded238a522a /var/www/html/occ config:system:set “overwriteprotocol” --value “https” .

I am wondering if I have missed a step during my Docker installation of NextCloud, or if this configuration is missing in the official dockerfile.

Whatever, I hop this thread can help anyone with the same issue.
Alexandre