I know, HTTPS is important for security. I get that. I want to use a proxy server to apply HTTPS outside of Nextcloud (because I have multiple services on my network which need to respond to requests on 443).

I’ve already configured Nextcloud and the proxy server and everything is working. I’ve added other services and now have problems with Nextcloud. I’m trying to debug and it’s very difficult because when I try to access my Nextcloud directly (without the proxy) by visiting http://nextcloud.internal.ip.address the browser is being redirected to https://nextcloud.internal.ip.address/login. Of course that’s not working because the web server isn’t set to listen to 443. I never setup Nextcloud to force HTTPS, and there’s nothing in config.php which would cause it to.

I’m using nginx for the proxy and the main server, there’s nothing in the main server config to respond to SSL requests and the main proxy is turned off for the time being.

If I configure a different domain to point to nextcloud.internal.ip.address I’m taken to the trusted domain webpage, but when I click to add the domain it redirects my request to the https:// version (which doesn’t respond because the server isn’t setup to listen to 443). I’m guessing things were working before because I had configured the SSL proxy and everything was coming through it so random https redirects didn’t hurt anything.

How do I make Nextcloud NEVER force HTTPS?

hello,
from my point of view, this redirection is due to the NGINX configuration files. Did you check the /etc/nginx/conf.d/.conf or /etc/nginx/sites-available/.conf ?
you should find something like that:

server {
listen 80 default_server;
server_name your_domain.fr www.your_domain.fr;

enforce https

return 301 https://$server_name$request_uri;
}

which is the cause of your redirection …

Yep, that’s exactly how my proxy server is configured however like I said the proxy server is turned off and I’m accessing Nextcloud directly. It behaved like this the moment I installed it but I never thought anything of it because it was going to be https proxied anyway.

The nginx conf file for the Nextcloud server has 1 listen directive and it’s listening to 80.

did you enable HSTS ?
if yes, try access using another browser …

The proxy uses HSTS but the internal IP shouldn’t have an HSTS record. Further if I try to navigate to http://ip.address/login it works, it won’t log in because it insists on redirecting to https to log in, but it doesn’t redirect every request. I suspect something in the code base is causing the redirect for some instructions.

Regardless I did try a new browser, same behavior.

I figured it out. Turns out I need to work on the old reading comprehension.

https://docs.nextcloud.com/server/9/admin_manual/installation/nginx_examples.html says

Remove fastcgi_params HTTPS on;

I hadn’t done that, now it works perfect!

thanks very much

comments out the line saved me.

I did that, however it still redirects me to https during login Same as you, on internal IP, with nginx serving it on port 80

It’s same to me.

I tried to

1. session.cookie_secure = off(on php-fpm)
   php_admin_flag[session.cookie_secure] = off
2. remove fastcgi_params HTTPS on;
3. rewrite nginx.conf

From

server {
listen 443 ssl http2;
listen [::]:443 ssl http2;

To

server {
listen 80;
listen [::]:80;

But When I enter ID/PW to log in,
Redirect to Login Page.

Debug Tools tel ‘http://xxxxxx/apps/files/’ has no responce
Error log line is "GET /apps/files/ HTTP/1.1 303 0 "

it work fine to me!

add changes the following steps.

4. delete nginx add_header!
   add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";

5. restart everything

restart php-fpm
restart nginx
restart redis

6. Browse in secret mode

start Chrome with secret mode.

That’s done.