Get 5XX or page not found while using nginx as reverse proxy on a different machine

I use docker/.examples/docker-compose/insecure/postgres/fpm at master · nextcloud/docker · GitHub on my 192.168.1.34 Debian machine, which is located on a 192.168.1.4 PVE machine. The docker compose file is below (I only modified the IP in the template):

version: '3'

services:
  db:
    image: postgres:alpine
    restart: always
    volumes:
      - db:/var/lib/postgresql/data:z
    env_file:
      - db.env

  redis:
    image: redis:alpine
    restart: always

  app:
    image: nextcloud:fpm-alpine
    restart: always
    volumes:
      - nextcloud:/var/www/html:z
    environment:
      - POSTGRES_HOST=db
      - REDIS_HOST=redis
    env_file:
      - db.env
    depends_on:
      - db
      - redis

  web:
    build: ./web
    restart: always
    ports:
      - 192.168.1.34:8080:80
    volumes:
      - nextcloud:/var/www/html:z,ro
    depends_on:
      - app

  cron:
    image: nextcloud:fpm-alpine
    restart: always
    volumes:
      - nextcloud:/var/www/html:z
    entrypoint: /cron.sh
    depends_on:
      - db
      - redis

volumes:
  db:
  nextcloud:

In the other files I only added a POSTGRES_PASSWORD password.

My master router, also called the gateway, is my home router. It only has IPv6 and already has DDNS with the domain nextcloud.XXX.com. The router's local IP is 192.168.1.2, and it uses nginx as a reverse proxy. The OS is OpenWrt.

When I use frp on my 192.168.1.34 machine and my public IPv4 server to visit my Nextcloud, I can get my login page, but when I use the domain, I get the Nextcloud "page not found" view or a 5xx error.

I have *.XXX.com proxied on Cloudflare, with the little yellow cloud turned on as CDN and IPv6-to-IPv4 converter, and I have also modified config/config.php as below:

<?php
$CONFIG = array (
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'apps_paths' => 
  array (
    0 => 
    array (
      'path' => '/var/www/html/apps',
      'url' => '/apps',
      'writable' => false,
    ),
    1 => 
    array (
      'path' => '/var/www/html/custom_apps',
      'url' => '/custom_apps',
      'writable' => true,
    ),
  ),
  'memcache.distributed' => '\\OC\\Memcache\\Redis',
  'memcache.locking' => '\\OC\\Memcache\\Redis',
  'redis' => 
  array (
    'host' => 'redis',
    'password' => '',
    'port' => 6379,
  ),
  'upgrade.disable-web' => true,
  'instanceid' => 'oco00k31oiuk',
  'passwordsalt' => 'J4O1rOCbiK1nmsWS+mpW5NbPeTb81m',
  'secret' => '6Fhg91dX7O6wDKGEjpboKiu8QUkPF/eFHH60hNVxgbPaYyKK',
  'trusted_domains' => 
  array (
    0 => 'localhost',
    1 => '192.168.1.34:8080',
    2 => '120.54.50.240:9988',
    3 => '*.XXX.com',
  ),
  'trusted_proxies' => ['192.168.1.2', '2409:8a28:c9d:f690::/60', '120.54.50.240'],
  'datadirectory' => '/var/www/html/data',
  'dbtype' => 'pgsql',
  'version' => '28.0.2.5',
  'overwrite.cli.url' => 'https://nextcloud.XXX.com:8443',
  'dbname' => 'nextcloud',
  'dbhost' => 'db',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'dbuser' => 'oc_nextcloud',
  'dbpassword' => '903Puh74VcmXmtHiNMbphaTMX8ScrM',
  'installed' => true,
);

As I have tested, trusted_proxies seems to have no effect on the result, but trusted_domains does. I guess the config above has no effect on the accessibility of my Nextcloud server; the problem may be in my OpenWrt nginx (192.168.1.2).

Now I have tested two configs on my OpenWrt nginx, but neither of them works.

With the one below I get error codes like 504/524:

map $http_upgrade $connection_upgrade {
    default upgrade;
    '' close;
}

server {
    listen 8443 ssl;
    listen [::]:8443 ssl;
    server_name nextcloud.XXX.com;

    error_log /var/log/nginx/nextcloud.XXX.com.error.log debug;

    ssl_certificate /etc/acme/XXX.com/fullchain.cer;
    ssl_certificate_key /etc/acme/XXX.com/XXX.com.key;

    ssl_session_timeout 1d;
    ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
    ssl_session_tickets off;

    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305;
    ssl_prefer_server_ciphers on;

    location / {
        proxy_pass http://192.168.1.34:8080$request_uri;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Port $server_port;
        proxy_set_header X-Forwarded-Scheme $scheme;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Accept-Encoding "";
        proxy_set_header Host $host;

        client_body_buffer_size 512k;
        proxy_read_timeout 86400s;
        client_max_body_size 0;

        # Websocket
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $connection_upgrade;
    }
}

But the access.log on my OpenWrt shows:

GET https://nextcloud.XXX.com/custom_apps/richdocumentscode/proxy.php?req=/hosting/capabilities => 200 (192B in 0.003s) <- - -- -
GET https://nextcloud.XXX.com/custom_apps/richdocumentscode/proxy.php?req=/hosting/capabilities => 200 (192B in 0.003s) <- - -- -
GET https://nextcloud.XXX.com/login => 499 (0B in 43.811s) <- - -- -
GET https://nextcloud.XXX.com/login => 504 (562B in 60.036s) <- - -- -
GET https://nextcloud.XXX.com/custom_apps/richdocumentscode/proxy.php?req=/hosting/capabilities => 200 (192B in 0.003s) <- - -- -
GET https://nextcloud.XXX.com/custom_apps/richdocumentscode/proxy.php?req=/hosting/capabilities => 200 (192B in 0.003s) <- - -- -

With the other one below I get the Nextcloud "page not found" view:

server {
    listen 8443 ssl;
    listen [::]:8443 ssl;
    server_name nextcloud.XXX.com;

    error_log /var/log/nginx/nextcloud.XXX.com.error.log debug;

    ssl_certificate /etc/acme/XXX.com/fullchain.cer;
    ssl_certificate_key /etc/acme/XXX.com/XXX.com.key;

    ssl_session_timeout 10m;
    ssl_ciphers HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers on;

    location / {
        proxy_pass http://192.168.1.34:8080;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

I also have other servers behind my 192.168.1.2, and those servers are accessible.

Can anyone figure out what's the problem? I would appreciate it very much.

I think the nginx reverse proxy path has problems.

server {
    listen 8443 ssl;
    listen [::]:8443 ssl;
    server_name nextcloud.XXX.com;

    error_log /var/log/nginx/nextcloud.XXX.com.error.log debug;

    ssl_certificate /etc/acme/XXX.com/fullchain.cer;
    ssl_certificate_key /etc/acme/XXX.com/XXX.com.key;

    ssl_session_timeout 10m;
    ssl_ciphers HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers on;

    location / {
        proxy_pass http://192.168.1.34:8080;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_redirect off;
        proxy_buffering off;
    }
}

I can access the login page through frp using http://public-ip:9988/login,
but when it comes to https://nextcloud.XXX.com:8443/login, it reports
a 504 timeout; if I use other, wrong paths, it shows the Nextcloud "page not found" view.

After retrying, I suddenly got the login page; maybe all the problems above are because of my poor network.

Now the problem is a template engine render error.
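
An added example, not part of the original posts and not Nextcloud's own code: a simplified Python model of right-to-left X-Forwarded-For resolution against the `trusted_proxies` list from the config.php above, fed with the header that `$proxy_add_x_forwarded_for` in the router's nginx produces when a CDN sits in front of it. The function names and sample addresses (documentation ranges) are constructed, and it assumes the application sees 192.168.1.2 as the connecting peer.

```python
import ipaddress

# trusted_proxies exactly as listed in the config.php on this page
TRUSTED_PROXIES = ["192.168.1.2", "2409:8a28:c9d:f690::/60", "120.54.50.240"]


def parse_ip(text):
    """Return an ip_address object, or None if the text is not a valid IP."""
    try:
        return ipaddress.ip_address(text.strip().strip("[]"))
    except ValueError:
        return None


def is_trusted(addr, trusted=TRUSTED_PROXIES):
    """True if addr equals or falls inside one of the trusted entries."""
    ip = parse_ip(addr)
    if ip is None:
        return False
    # A v4 address is never "in" a v6 network (and vice versa), so mixing is safe.
    return any(ip in ipaddress.ip_network(t, strict=False) for t in trusted)


def client_ip(remote_addr, x_forwarded_for, trusted=TRUSTED_PROXIES):
    """Model of trusted-proxy resolution: walk X-Forwarded-For right to left."""
    if not is_trusted(remote_addr, trusted):
        # The TCP peer is not a known proxy, so its header is not believed.
        return remote_addr
    for hop in reversed(x_forwarded_for.split(",")):
        if parse_ip(hop) is None or is_trusted(hop, trusted):
            continue  # skip unparsable entries and our own proxies
        return hop.strip().strip("[]")
    return remote_addr


if __name__ == "__main__":
    # Constructed sample: 203.0.113.7 is a browser, 2001:db8::c1 stands in for
    # the CDN edge that connects to the router's nginx (both are doc-range IPs).
    xff = "203.0.113.7, 2001:db8::c1"
    # List as posted: resolution stops at the CDN edge address.
    print(client_ip("192.168.1.2", xff))
    # With the (placeholder) CDN range also trusted: resolves to the browser.
    print(client_ip("192.168.1.2", xff, TRUSTED_PROXIES + ["2001:db8::/32"]))
    # Peer not in the list: its X-Forwarded-For is ignored entirely.
    print(client_ip("198.51.100.9", "203.0.113.7"))
```

With the list as posted, the resolved address in this model is the CDN edge rather than the browser, which is the address any per-IP logging or throttling would then be keyed on.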