Docker to install NC16 but the trusted_domains not works

lm.stear · September 9, 2019, 5:35am

Dear,

After install latest Nextcloud (v16) with OMV (5) docker, I can complete setup from local network (10.1.x.249:8280).
I edit the config/config.php to add url in “trusted_domains” as follows:

‘trusted_domains’ =>
array (
0 => ‘home.*.com:8243’,
1 => '10.1..249:8280’,
),

  'overwrite.cli.url' => 'https://home.***.com:8243',

I use the nginx reverse proxy for https access. But I use https://home.***.com:8243 to access my nextcloud，the page shows me：“Access through untrusted domain names”

How can I do to use url to access nextcloud.

Please help. Thanks.

Reiner_Nippes · September 9, 2019, 6:46am

you need to add the ip address/fqdn of the nginx container as well.

lm.stear · September 9, 2019, 7:32am

My system is debian10 and OMV is installed.
Nextcloud is installed as a container
Nginx is automatically installed when omv is installed, so there is no container for nginx

Nextcloud’s IP address is 172.17.0.4（container） , Published Ports: 80=>8280
OMV 's IP address is 10.1.*.249, also is debian’s IP address.

I use 10.1.*.249:8280 can access the nextcloud，but use url cannot access ，it shows me “Access through untrusted domain names”

Reiner_Nippes · September 9, 2019, 8:17am

did you try trusted domains without the port numbers?

lm.stear · September 9, 2019, 8:36am

When I use a domain without port number as a trusted domains，the problem is still

And I also tried to use "" as a trusted domains .
Accessing the url https://home. .com:8243 will be become https://home..com (without port) and the netxtcloud page will not be displayed.

lm.stear · September 11, 2019, 6:46am

I solved this problem.

When nginx reverses the nextcloud in the docker, the default IP address that nginx passes to docker is actually the IP address of the reverse proxy.
So matter how you modify the trusted_domains parameter in the nextcloud configuration file (usually nextcloud/config/config.php), nextcloud will tell you that your visiting domain name is not in the trust domain of nextcloud.

First, configure nginx.conf to add http map in the end of http{ }

map $http_upgrade $connection_upgrade {
default upgrade;
‘’ close;
}

Then, configure the nextcloud.conf reverse configuration file.

vi /etc/nginx/conf.d/nextcloud.conf

server {
listen *** ssl http2 ; # https listen
server_name * **.****.com; # https url
ssl on;
ssl_certificate /sharedfolders/share/Cert/uhttpd.pem; ssl crt
ssl_certificate_key /sharedfolders/share/Cert/uhttpd.key; ssl key
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 30m;
add_header Strict-Transport-Security “max-age=63072000; includeSubdomains; preload”;
client_max_body_size 10G;
    location / {
            proxy_redirect off;
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection $connection_upgrade;
            proxy_pass http://local IP:port; #local url and local port
    }
    location = /.htaccess {
          return 404;
    }
}