Login loop behind nginx reverse proxy, login ok inside network

ℹ️ Support
1

I’m switching from owncloud to nextcloud.

My Nextcloud instance is behind a nginx reverse proxy which has an entry for owncloud and one for nextcloud. They contain the same settings.

I have one local admin in my nextcloud db and all the other users are LDAP (openldap). From inside the network all can log in. From outside the network none can login (looping back to the login screen).

I searched quite a long time but I really don’t know what I am looking for exactly.

Here are my nginx (1.10.3) settings (I’m far from an expert, somebody else did the owncloud one, I just copied it):

location ^~ /owncloud/ {
    	proxy_set_header Host $host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_redirect off;
	proxy_set_header Connection "Keep-Alive";
    	proxy_pass https://host_spiky_443/owncloud/;
    }

location ^~ /nextcloud/ {
	proxy_set_header Host $host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_redirect off;
	proxy_set_header Connection "Keep-Alive";
    	proxy_pass https://host_spiky_443/nextcloud/;
    }

Here is my config.php

'datadirectory' => '/var/www/nextcloud/data',
'dbtype' => 'mysql',
'version' => '11.0.2.7',
'dbname' => 'nextcloud',
'dbhost' => 'localhost',
'dbport' => '',
'dbtableprefix' => 'oc_',
'dbuser' => 'nextcloud_user',
'dbpassword' => 'of course not',
'logtimezone' => 'UTC',
'installed' => true,
'ldapIgnoreNamingRules' => false,
'ldapProviderFactory' => '\\OCA\\User_LDAP\\LDAPProviderFactory',
'maintenance' => false,
'overwriteprotocol' => 'https',
'overwritewebroot' => '/nextcloud',
'overwrite.cli.url' => 'https://spiky/nextcloud',
'logfile' => '/home/http/nextcloud.log',
'log_type' => 'file',
'loglevel' => 0,
'logdateformat' => 'F d, Y H:i:s',
'trusted_proxies' =>
  array (
    0 => '192.168.22.41',
  ),

Both owncloud and nextcloud use the same LDAP users…

Amazingly, the android client works without problem through the reverse proxy too. So I’m starting to wonder if the problem is coming from me or the nextcloud code ?

What did I miss ? What do I do wrong ?
Thanks !

2

I’m sorry to say that the problem has disappeared, but I have no idea why. My best guess is that because I update my systems regularly some negative side effect might be now gone.