Hey all! I previously had the official Nextcloud plugin running on my Truenas Core box, but upon updating it seems to have broken the whole instance (apparently a common occurrence with the official plugin).
Rather than trying to troubleshoot the poorly supported and seemingly largely abandoned plugin, I’m taking the opportunity to go through Samuel Dowling’s fantastic guide on a manual jail installation and configuration, to start up a new Nextcloud from scratch, and hopefully gain a better understanding.
There were some hiccups, but now it’s nearly there and working nicely but there’s one problem:
When I attempt to visit my domain name:
cloud.example.com
It reverts to the local IP of the jail:
https://192.168.0.10/login
I’m using a reverse proxy, so this results in a timeout. To access the site without a timeout, I have to specifically use a URL with a nextcloud page.
For instance:
cloud.example.com/login
or cloud.example.com/apps
In my NC Security overview, I have this message which could be related;
The reverse proxy header configuration is incorrect, or you are accessing Nextcloud from a trusted proxy. If not, this is a security issue and can allow an attacker to spoof their IP address as visible to the Nextcloud
I’ve checked my config file again and again, going over every option I can imagine (with my limited experience). But as far as I can tell, the config is ok.
<?php
$CONFIG = array (
'instanceid' => 'redacted',
'passwordsalt' => 'redacted',
'secret' => 'redacted',
'trusted_domains' =>
array (
0 => '192.168.0.10',
1 => 'cloud.example.com',
),
'datadirectory' => '/mnt/data',
'dbtype' => 'mysql',
'version' => '26.0.2.1',
'overwrite.cli.url' => 'https://cloud.example.com',
'htaccess.RewriteBase' => '/',
'dbname' => 'nextcloud',
'dbhost' => 'localhost:/tmp/mysql.sock',
'dbport' => '',
'dbtableprefix' => 'oc_',
'mysql.utf8mb4' => true,
'dbuser' => 'nextcloud_admin',
'dbpassword' => 'redacted',
'installed' => true,
'default_phone_region' => 'US',
'trusted_proxies' =>
array (
0 => '192.168.0.11',
),
'overwriteprotocol' => 'https',
'redis' =>
array (
'host' => '/var/run/redis/redis.sock',
'port' => 0,
),
'memcache.local' => '\\OC\\Memcache\\APCu',
'memcache.locking' => '\\OC\\Memcache\\Redis',
The only possibility I can think of are these settings
'overwrite.cli.url' => 'https://cloud.example.com',
'htaccess.RewriteBase' => '/',
Which I’ve added to enable the “Pretty URLs” feature to remove the ugly index.php/
on all the URLs. But I don’t know if this is the cause or not.
Thanks for sticking with the long post. Any thoughts or suggestions would be much appreciated!