Hi,
I’ve been running Nextcloud for over a year in my Docker environment and used it here and there. I’ve now got a real use for it as a backup for Calyx on Android using its SeedVault. So, I tore down my rather old version (pre V18), and followed my notes to set up the new one. All went according to plan until I switch it over to use port 80 rather than 443 (I’m using reverse proxy for it). So, setup looks like this:
Internet --> Firewall --> Nginx-Reverse-Proxy --> Docker-Host (running Nextcloud/MySQL)
I’ve set up the Nextcloud server, logged in, drooled at the new desktop layout and went back to set it up on port 80. According to my notes that I’ve used to set up the last 2 instances, all I needed to do was to change the bind mounted default file as so:
nano ./docker/config/nginx/site-confs/default
Make the following change to the top of the file:
upstream php-handler {
server 127.0.0.1:9000;
}
#server {
# listen 80;
# listen [::]:80;
# server_name _;
# return 301 https://$host$request_uri;
#}
server {
listen 80;
#listen 443 ssl http2;
#listen [::]:443 ssl http2;
server_name _;
#ssl_certificate /config/keys/cert.crt;
#ssl_certificate_key /config/keys/cert.key;
# Add headers to serve security related headers
# Before enabling Strict-Transport-Security headers please read into this
# topic first.
Next, comment out:
fastcgi_params HTTPS on;
Then change the docker-compose file so that Nextcloud is mapped to port 80 and restart the container.
443/tcp, 0.0.0.0:8007->80/tcp
All looks good and the container restarts (although I’m wondering why the container is still listening internally on 443 (443/tcp shown above)). Regardless, I can get to the login page on port 80 (accessing it from inside the LAN to avoid any issues with the proxy/trusted domains, etc at the mo).
What I can’t do however is log in. Which is odd. I can’t see how the change of listening port would have an affect on whether I can log in but it clearly has. If revert my changes, I can then log in.
Looking at the logs in the running container, I can see me trying to log in and it appears as though it was successful in that no errors are being logged and I’m getting 200s back.
192.168.1.53 - - [20/Jan/2021:02:26:48 +0000] "POST /login HTTP/1.1" 303 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36"
192.168.1.53 - - [20/Jan/2021:02:26:48 +0000] "GET /apps/dashboard/ HTTP/1.1" 303 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36"
192.168.1.53 - - [20/Jan/2021:02:26:49 +0000] "GET /login?redirect_url=/apps/dashboard/ HTTP/1.1" 200 4943 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36"
However, I get no warning that the login has failed, the boxes just clear themselves.
So I’ve either missed something from my notes that I did last time (entirely possible), or something is different in this new and more shiny version.
If anyone can point out what I’ve missed, I’d be grateful.
Thanks.