Bonjour
Traefik 2.6.3 as reverse proxy
Docker container 23.0.3 (apache)
After many configurations, in Administration > Overview : All checks passed.
But when I tried api call.
curl -u ADMIN:PASSWORD "https://DOMAIN.TLD/ocs/v2.php/cloud/users/USER" -H "OCS-APIRequest: True"
Response:
{"message":"CSRF check failed"}%
in console logs:
127.0.0.1 - USER [06/Apr/2022:14:55:42 +0000] "GET /ocs/v2.php/cloud/users/fred HTTP/1.1" 412 1619 "-" "curl/7.79.1"
I can use contact sync, calendar sync on macOS, apps on iOS without problem.
Traefik tagβs:
"traefik.enable=true",
"traefik.http.routers.domaintld.tls=true",
"traefik.http.routers.domaintld.tls.certresolver=myresolver",
"traefik.http.routers.domaintld.tls.options=mintls12@file",
"traefik.http.routers.domaintld.entrypoints=https",
"traefik.http.routers.domaintld.rule=Host(`domain.tld`)",
"traefik.http.middlewares.domaintld.redirectscheme.scheme=https",
"traefik.http.middlewares.domaintld.redirectscheme.permanent=true",
"traefik.http.middlewares.domaintld-headers.headers.customResponseHeaders.X-Robots-Tag=none",
"traefik.http.middlewares.domaintld-headers.headers.customResponseHeaders.Strict-Transport-Security=max-age=63072000",
"traefik.http.middlewares.domaintld-headers.headers.frameDeny=true",
"traefik.http.middlewares.domaintld-headers.headers.browserXssFilter=true",
"traefik.http.middlewares.domaintld-headers.headers.contentTypeNosniff=true",
"traefik.http.middlewares.domaintld-headers.headers.stsIncludeSubdomains=true",
"traefik.http.middlewares.domaintld-headers.headers.stsPreload=true",
"traefik.http.middlewares.domaintld-headers.headers.stsSeconds=31536000",
"traefik.http.middlewares.domaintld-headers.headers.forceSTSHeader=true",
"traefik.http.middlewares.domaintld-headers.headers.accessControlMaxAge=15552000",
"traefik.http.middlewares.domaintld-headers.headers.customFrameOptionsValue=SAMEORIGIN",
"traefik.http.routers.domaintld.middlewares=domaintld-headers@consulcatalog,domaintld_redirect",
"traefik.http.middlewares.domaintld_redirect.redirectregex.permanent=true",
"traefik.http.middlewares.domaintld_redirect.redirectregex.regex=https://(.*)/.well-known/(card|cal)dav",
"traefik.http.middlewares.domaintld_redirect.redirectregex.replacement=https://${1}/remote.php/dav/"
docker env:
OVERWRITEPROTOCOL=https
NEXTCLOUD_TRUSTED_DOMAINS = domain.tld 127.0.0.1
TRUSTED_PROXIES=127.0.0.1
APACHE_DISABLE_REWRITE_IP=1
config.php:
'overwrite.cli.url' => 'https://domain.tld',
I read lot of topic and github issue, but didnβt find any solution.
Help!
Thanks