Support intro
hi!
The Overview - Administration settings - Nextcloud page shows: You are accessing your instance over a secure connection, however your instance is generating insecure URLs. This most likely means that you are behind a reverse proxy and the overwrite config variables are not set correctly.
Where can I see these insecure URLs? What do they look like? My Nextcloud instance seems to be working correctly.
Nextcloud is behind a nginx reverse proxy.
I am using the official Nextcloud Docker image and have not changed anything in it. Nextcloud shows the correct client IP address in the logs. I have tried setting TRUSTED_PROXIES to the IP address of the proxy with --env TRUSTED_PROXIES=192.168.42.2
but that didn’t remove the warning.
thanks for reading my message!
Nextcloud version: Nextcloud Hub 5 (27.0.2)
Operating system and version : Flatcar Container Linux by Kinvolk stable 3510.2.6
Apache or nginx version: nginx/1.17.10
Official Docker Image: Nextcloud 27.0.2
The issue you are facing:
The Overview page shows: You are accessing your instance over a secure connection, however your instance is generating insecure URLs. This most likely means that you are behind a reverse proxy and the overwrite config variables are not set correctly.
Is this the first time you’ve seen this error? (Y/N): N
Steps to replicate it:
- install ngnix using docker
- install Nextcloud using docker
- look at system overview
Nginx config for Netxcloud:
server {
server_name nextcloud.pook.it;
client_max_body_size 512M;
include /etc/nginx/snippets/ssl-server.conf;
location /.well-known/carddav {
return 301 $scheme://$host/remote.php/dav;
}
location /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;
}
location / {
resolver 127.0.0.11 valid=37s;
set $upstream nextcloud;
proxy_pass http://$upstream:80;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
}
}
Nextcloud start command:
w=nextcloud
version=27 # only increase versions one at a time
drop="--cap-add=dac_override --cap-add=chown"
docker pull $w:$version
docker run \
--detach \
--cap-drop=all \
$drop \
--cap-add net_bind_service \
--cap-add=dac_override \
--cap-add setgid \
--cap-add setuid \
--volume nextcloud_app2:/var/www/html \
--volume nextcloud_apps2:/var/www/html/custom_apps \
--volume nextcloud_config2:/var/www/html/config \
--volume nextcloud_data2:/var/www/html/data \
--network postgresql \
--name $w \
--env POSTGRES_DB=nextcloud \
--env POSTGRES_USER=nextcloud \
--env POSTGRES_PASSWORD="${POSTGRES_PASSWORD=?}" \
--env POSTGRES_HOST=postgresql \
--env NEXTCLOUD_ADMIN_USER=slmin \
--env NEXTCLOUD_ADMIN_PASSWORD="${NEXTCLOUD_ADMIN_PASSWORD?}" \
--memory 2048M \
--memory-swap 2048M \
--restart always \
$w:$version
The output of your Apache/nginx/system log in /var/log/____
:
=> Searching for scripts (*.sh) to run, located in the folder: /docker-entrypoint-hooks.d/before-starting
==> but the hook folder "before-starting" is empty, so nothing to do
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.20.0.3. Set the 'ServerName' directive globally to suppress this message
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.20.0.3. Set the 'ServerName' directive globally to suppress this message
[Sat Aug 19 21:28:11.847949 2023] [mpm_prefork:notice] [pid 1] AH00163: Apache/2.4.57 (Debian) PHP/8.2.9 configured -- resuming normal operations
[Sat Aug 19 21:28:11.850134 2023] [core:notice] [pid 1] AH00094: Command line: 'apache2 -D FOREGROUND'
78.193.22.110 - stuart [19/Aug/2023:21:28:16 +0000] "REPORT /remote.php/dav/calendars/stuart/days-off-work/ HTTP/1.0" 207 1999 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.11.0"