My constellation is a Nextcloud docker container behind an Apache Server, set up as a Proxy.
I really searched a lot and tried a lot. The only thing that helped, was editing the enabled-site in the Docker Container to use the remote-ip directives, like it is described here:
https://www.loadbalancer.org/blog/apache-and-x-forwarded-for-headers/
It then looks like this:
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" forwarded
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined env=!forwarded
CustomLog ${APACHE_LOG_DIR}/access.log forwarded env=forwarded
I changed the configuration of the Nextclod config.php File like this:
'trusted_proxies' => array('172.17.0.1','ip.from.apache.proxy',),
'overwritecondaddr' => '^172\.17\.0\.1$',
'forwarded_for_headers' => array('HTTP_X_FORWARDED',),
The 172.17.0.1 is the gateway from the Docker container.
In Apache Proxy Config, it was sufficient to switch on the “ProxyPreserve host on”
Now I get the real IPs in the docker logs nextcloud.
Hope that helps someone. Don’t know if everything is really needed, but it works for me so far.
Perhaps this would be super to integrate it already in the Docker image … that would save lots of time.