Help with official Nginx docker + official Nextcloud base docker

ℹ️ Support
, ,
1

Nextcloud version - Nextcloud Hub 3 (25.0.2) official base docker container.
Operating system and version: Linux openmediavault 5.19.0-0.deb11.2-amd64
Apache or nginx version: apache2 integrated in Nextcloud base docker container + separate nginx docker nginx/1.18.0
PHP version (eg, 7.4): idk it’s integrated in Nextcloud base docker container

The issue you are facing:
I need your help to configure nginx with Nextcloud.
I was able to setup Nextcloud with offician base docker image. Everything works fine, even SSL. But I don’t understand how to configure nginx with Nextcloud. Any help will be highly appreciated.

When I try to configure Nginx with my configuration I have this error: “Access through untrusted domain
Please contact your administrator. If you are an administrator, edit the “trusted_domains” setting in config/config.php like the example in config.sample.php.”

I know it’s not easy but I’m ready to dig it no matter what.

Is this the first time you’ve seen this error? (Y/N): Y

Steps to replicate it:

  1. Install official Nextcloud base docker container with these parameters:

version: ‘2’

volumes:
nextcloud:

services:
app:
image: nextcloud
container_name: nextcloud
restart: always
network_mode: host
volumes:
- nextcloud:/var/www/html
- /distrib/nginx/ssl:/ssl

environment:
  - MYSQL_PASSWORD=password
  - MYSQL_DATABASE=nextcloud
  - MYSQL_USER=root
  - MYSQL_HOST=127.0.0.1
  1. add trusted domains to /var/www/html/config/config.php
<?php $CONFIG = array ( 'htaccess.RewriteBase' => '/', 'memcache.local' => '\\OC\\Memcache\\APCu', 'apps_paths' => array ( 0 => array ( 'path' => '/var/www/html/apps', 'url' => '/apps', 'writable' => false, ), 1 => array ( 'path' => '/var/www/html/custom_apps', 'url' => '/custom_apps', 'writable' => true, ), ), 'instanceid' => 'oc9w2g0verl0', 'passwordsalt' => 'p+wNeVDQ0GA1UghAcN/VmsUAm1kDMV', 'secret' => '/vujqzqcegVy6GWz/eW6byJ/qBM0CJp6RcVbC9ExATzCnVen', 'trusted_domains' => array ( 0 => '192.168.5.229:8899', 1 => 'my_external_ip_1:8899', 2 => 'my_external_ip_2:8899', 3 => 'my_external_ip_3:8899', 4 => 'my_external_ip_4:8899', 5 => '192.168.5.229:9999', 6 => 'my_external_ip_1:9999', 7 => 'my_external_ip_2:9999', 8 => 'my_external_ip_3:9999', 9 => 'my_external_ip_4:9999', 10 => '192.168.5.229:8999', 11 => 'my_external_ip_1:8999', 12 => 'my_external_ip_2:8999', 13 => 'my_external_ip_3:8999', 14 => 'my_external_ip_4:8999', ), 'datadirectory' => '/var/www/html/data', 'dbtype' => 'mysql', 'version' => '25.0.2.3', 'overwrite.cli.url' => 'http://192.168.5.229:8899', 'dbname' => 'nextcloud', 'dbhost' => '127.0.0.1', 'dbport' => '', 'dbtableprefix' => 'oc_', 'mysql.utf8mb4' => true, 'dbuser' => 'oc_admin', 'dbpassword' => ' true, ). `Preformatted text` 3) and this config to nginx: upstream nextcloud { server localhost:8899; keepalive 100; } server { listen 9999 ssl; listen [::]:9999 ssl; # server_name _; server_name spacecraft.mywire.org; # set max upload size client_max_body_size 10G; fastcgi_buffers 64 4K; gzip off; root /usr/share/nginx/html; index index.html index.htm; ssl_certificate /etc/nginx/ssl/chain.pem; ssl_certificate_key /etc/nginx/ssl/key.pem; access_log off; location / { root html; index index.html index.htm; proxy_pass http://nextcloud; proxy_set_header HOST $host; proxy_set_header X-Forwarded-Proto https; proxy_set_header X-Forwarded-Ssl on; } location /accounts/logout { proxy_no_cache 1; proxy_cache_bypass 1; add_header Last-Modified $date_gmt; add_header Cache-Control 'no-cache, must-revalidate, proxy-revalidate, max-age=0'; if_modified_since off; expires -1; proxy_pass http://nextcloud; etag off; } } 4) Configure Apache to use 8899 for HTTP and 8999 for HTTPS The output of your Nextcloud log in Admin > Logging: Warning no app in context Login failed: admin (Remote IP: 192.168.5.10) 2022-12-19T18:00:07+0300 Warning no app in context Login failed: admin (Remote IP: 192.168.5.1) 2022-12-19T12:46:19+0300 Warning no app in context Login failed: admin (Remote IP: 192.168.5.10) 2022-12-19T03:25:23+0300 Error PHP Error: exif_read_data(): File not supported at /var/www/html/lib/private/Metadata/Provider/ExifProvider.php#59 2022-12-18T23:06:26+0300 Warning no app in context Could not detect any host in https:///data/htaccesstest.txt 2022-12-18T23:06:10+0300 Warning no app in context Could not detect any host in http:///data/htaccesstest.txt 2022-12-18T23:06:10+0300 Warning no app in context Could not detect any host in https:///data/htaccesstest.txt 2022-12-18T23:00:19+0300 Warning no app in context Could not detect any host in http:///data/htaccesstest.txt 2022-12-18T23:00:19+0300 The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!): The output of your Apache/nginx/system log in /var/log/____: root@openmediavault:~# docker logs --follow nginx /docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration /docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/ /docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh 10-listen-on-ipv6-by-default.sh: info: /etc/nginx/conf.d/default.conf is not a file or does not exist /docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh /docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh /docker-entrypoint.sh: Configuration complete; ready for start up 192.168.5.10 - - [19/Dec/2022:16:43:03 +0000] "GET /apps/dashboard/ HTTP/1.1" 404 450 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" Output errors in nextcloud.log in /var/www/ or as admin user in top right menu, filtering for errors. Use a pastebin service if necessary. NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 Edg/108.0.1462.54" 192.168.5.1 - - [19/Dec/2022:17:11:01 +0000] "-" 408 511 "-" "-" 127.0.0.1 - - [19/Dec/2022:17:11:45 +0000] "PUT /ocs/v2.php/apps/user_status/api/v1/heartbeat?format=json HTTP/1.0" 400 13914 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" 192.168.5.1 - - [19/Dec/2022:17:11:45 +0000] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.1" 304 1339 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 Edg/108.0.1462.54" 192.168.5.1 - - [19/Dec/2022:17:12:05 +0000] "-" 408 511 "-" "-" 127.0.0.1 - - [19/Dec/2022:17:12:45 +0000] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.0" 400 13914 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" 192.168.5.1 - - [19/Dec/2022:17:12:45 +0000] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.1" 304 1339 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 Edg/108.0.1462.54" 192.168.5.1 - - [19/Dec/2022:17:13:05 +0000] "-" 408 511 "-" "-" 192.168.5.1 - - [19/Dec/2022:17:13:45 +0000] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.1" 304 1339 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 Edg/108.0.1462.54" 192.168.5.1 - - [19/Dec/2022:17:14:05 +0000] "-" 408 511 "-" "-" [Mon Dec 19 17:14:22.856439 2022] [mpm_prefork:notice] [pid 1] AH00170: caught SIGWINCH, shutting down gracefully [Mon Dec 19 17:14:29.491099 2022] [ssl:warn] [pid 1] AH01909: openmediavault.local:8999:0 server certificate does NOT include an ID which matches the server name [Mon Dec 19 17:14:29.517476 2022] [ssl:warn] [pid 1] AH01909: openmediavault.local:8999:0 server certificate does NOT include an ID which matches the server name [Mon Dec 19 17:14:29.521232 2022] [mpm_prefork:notice] [pid 1] AH00163: Apache/2.4.54 (Debian) PHP/8.1.13 OpenSSL/1.1.1n configured -- resuming normal operations [Mon Dec 19 17:14:29.521267 2022] [core:notice] [pid 1] AH00094: Command line: 'apache2 -D FOREGROUND' 192.168.5.1 - - [19/Dec/2022:17:14:45 +0000] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.1" 304 4908 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 Edg/108.0.1462.54" 192.168.5.1 - - [19/Dec/2022:17:15:05 +0000] "-" 408 511 "-" "-" 192.168.5.1 - - [19/Dec/2022:17:15:41 +0000] "PUT /ocs/v2.php/apps/user_status/api/v1/heartbeat?format=json HTTP/1.1" 200 1462 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 Edg/108.0.1462.54" 192.168.5.1 - - [19/Dec/2022:17:15:41 +0000] "PUT /ocs/v2.php/apps/user_status/api/v1/heartbeat?format=json HTTP/1.1" 200 1462 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 Edg/108.0.1462.54" 192.168.5.1 - - [19/Dec/2022:17:15:45 +0000] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.1" 304 830 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 Edg/108.0.1462.54" 127.0.0.1 - - [19/Dec/2022:17:15:48 +0000] "GET /csrftoken HTTP/1.0" 400 13914 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" 192.168.5.1 - - [19/Dec/2022:17:16:01 +0000] "-" 408 511 "-" "-" 127.0.0.1 - - [19/Dec/2022:17:16:11 +0000] "GET /apps/dashboard/ HTTP/1.0" 400 13795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0" 127.0.0.1 - - [19/Dec/2022:17:16:11 +0000] "GET /js/core/merged-template-prepend.js?v=7cbb2a8a-0 HTTP/1.0" 400 13795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0" 127.0.0.1 - - [19/Dec/2022:17:16:11 +0000] "GET /cron.php HTTP/1.0" 400 13795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0" 127.0.0.1 - - [19/Dec/2022:17:16:14 +0000] "GET / HTTP/1.0" 400 13905 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" 127.0.0.1 - - [19/Dec/2022:17:16:14 +0000] "GET /core/css/server.css?v=7cbb2a8a-0 HTTP/1.0" 200 26862 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" 127.0.0.1 - - [19/Dec/2022:17:16:14 +0000] "GET /apps/theming/css/default.css?v=47354877-0 HTTP/1.0" 200 1515 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" 127.0.0.1 - - [19/Dec/2022:17:16:14 +0000] "GET /core/css/guest.css?v=7cbb2a8a-0 HTTP/1.0" 200 5839 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" 127.0.0.1 - - [19/Dec/2022:17:16:14 +0000] "GET /js/core/merged-template-prepend.js?v=7cbb2a8a-0 HTTP/1.0" 400 13905 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" 127.0.0.1 - - [19/Dec/2022:17:16:15 +0000] "GET /core/img/favicon.ico HTTP/1.0" 200 3756 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" 127.0.0.1 - - [19/Dec/2022:17:16:15 +0000] "GET /cron.php HTTP/1.0" 400 13905 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36"