@kesselb - first of all, thanks a lot for following up, I am quite lost in the settings to be frank.
I set this on caddy and these are the headers which are forwarded to each container (including nextcloud). I removed the non-X ones:
X-Real-Ip is there, it is the IP of the client calling nextcloud.
I also set in the docker-compose file for nextcloud
TRUSTED_PROXIES='172.18.0.0/16' (this is the internal docker network, on which all containers are, including the reverse proxy)
I tried to set and unset (again, in the docker-compose file for nextcloud)
None of this changed the logging, this is still the IP of the proxy that is displayed.
I then recalled that you wrote (emphasis mine)
Or enable remoteip again and tell caddy to send x-forwarded-for as x-real-ip. But overwritehost and overwriteprotcol are mandatory then.
I am not sure what they mean - the documentation says that these “set the protocol and hostname of the proxy”. I do not know what “the hostname of the proxy” is supposed to be.
My proxy (caddy) has a CNAME
nextcloud.example.com (and many others, one for each service behind the proxy). I tried to set this as
overwriteprotcol because the full URI is
https://nextcloud.example.com - but this did not change anything.
All this was done with a clean nextcloud configuration, the only things I changed there are
0 => 'nextcloud.example.com',
'overwrite.cli.url' => 'https://nextcloud.example.com',
'overwriteprotocol' => 'https',
'overwritehost' => 'nextcloud.example.com',
(the actual domain name is mine of course)
overwritehost refers to the IP the call comes from (the IP of the proxy, as seen within nextcloud network), so I tried
'overwriteprotocol' => 'http',
'overwritehost' => '172.18.0.1',
Same thing: the IP of the proxy is logged