How to set trusted proxy when using Nginx proxy manager

ℹ️ Support 📦 Appliances (Docker, Snappy, VM, NCP, AIO)
, ,
1

Hi,
I’m trying to set up a nextcloud docker using nginx proxy manager.
Nextcloud itself works as expected but when I’m looking into the settings under Administration > Overview it says:

  • You are accessing your instance over a secure connection, however your instance is generating insecure URLs. This most likely means that you are behind a reverse proxy and the overwrite config variables are not set correctly. Please read the documentation page about this :arrow_upper_right:.

As far as I understand I have to add my proxy to trusted proxies either through a environment variable in my docker-compose file or directly in the config.php file. I tried to do that but it didn’t work.

  • Should I enter a IP or the name of the proxy container? (Apparently the IP changes)
  • If I can use the IP: How do I find out which IP I have to use?
  • If I should use the container name:
    • Does the environmental variable also support names or just IP address?
    • Can I use the container name even though the proxy manager is in a separate file?
2

I have the same question. Did you ever find a solution?

3

I may have a solution. At least I made some changes and was able to log into nextcloud and the message is gone from Administration Overview.

This is what I did. First in my proxy docker-compose.yml file I gave the proxy a container_name. Likes container_name: nextcloud-proxy-1. I used the same name as what it would auto generate. Full service is like this:

  proxy:
    build: ./proxy
    restart: always
    ports:
      - 80:80
      - 443:443
    labels:
      com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy: "true"
    volumes:
      - certs:/etc/nginx/certs:ro
      - vhost.d:/etc/nginx/vhost.d
      - html:/usr/share/nginx/html
      - /var/run/docker.sock:/tmp/docker.sock:ro
    container_name: nextcloud-proxy-1
    networks:
      - proxy-tier

Then for my nextcloud service I added a trusted proxies environment variable like - TRUSTED_PROXIES=nextcloud-proxy-1. Of course it has to be the same name. It goes in like this:

  app:
    image: nextcloud:apache
    restart: always
    volumes:
      - nextcloud:/var/www/html
    environment:
      - VIRTUAL_HOST=my.domain.com
      #- LETSENCRYPT_HOST=
      #- LETSENCRYPT_EMAIL=
      - MYSQL_HOST=db
      - REDIS_HOST=redis
      - NEXTCLOUD_TRUSTED_DOMAINS=my.domain.com
      - TRUSTED_PROXIES=nextcloud-proxy-1
      - NEXTCLOUD_HOSTNAME=my.domain.com
...

After that I did docker-compose down and up.

Then I looked at the config file but show nothing about my trusted proxy. My experience has been the config is not updated from the docker compose file except at the first run. But before I deleted all my containers and volumes to re-build it, I ran:

docker exec --user www-data nextcloud-app-1 php occ config:system:get trusted_proxies
and it returned nextcloud-proxy-1.

I was kind of surprised by this so I logged out of nextcloud web interface. It was at this point I got an error. But after refreshing I got back to the main page and was able to log out and back in. At that point the error message was no longer in the Administration Overview.