NCP + Nginx and WeDAV (issue)

kattivius · November 13, 2022, 10:10pm

[/details]

Nextcloud version (eg, 20.0.5): 24.0.5.1
Operating system and version : Debian GNU/Linux 11. 5.10.103-v8+ (aarch64)
PHP version : PHP 8.1.10

when adding nc_trusted_proxies and than looking in the config.php file, I dont see any trusted proxies configuration line.
Same the other way around: when adding manually the trusted_proxies in the config.php, I dont see it listed in the NCP config page (:4443)

And its gets even more interesting (for me). I have config.php in 2 locations:
Here:
/var/www/nextcloud/config
And here:
/media/cloud
Both have same contents. Should i assume they are mutually and automatically updated?
If someone could help me understand this, I would appreciate.
Thank you

Is this the first time you’ve seen this error? (Y/N): No. I keep trying and have same result

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

<?php

$CONFIG = array (

  'passwordsalt' => 'blablabla',

  'secret' => '%^%$%$^%^&%$%$^$%^',

  'trusted_domains' => 

  array (

    0 => 'localhost',

    5 => 'nextcloudpi.local',

    1 => '192.168.2.60',

    4 => 'subD.duckdns.org',

    2 => 'subD.duckdns.org',

    7 => 'nextcloudpi',

    8 => 'nextcloudpi.lan',

    9 => '192.168.2.138',

    11 => 'ip_add',

    12 => 'subD.duckdns.org',

  ),

  'datadirectory' => '/path/path/ncdata',

  'tempdirectory' => '/path/path/nextcloudtemp',

  'overwrite.cli.url' => 'https://subD.duckdns.org/',

  'overwriteprotocol' => 'https',

  'trusted_proxies' => ['192.168.21.204']

  'dbtype' => 'mysql',

  'version' => '18.0.3.0',

  'dbname' => 'nextcloud',

  'dbhost' => 'localhost',

  'dbport' => '',

  'dbtableprefix' => 'oc_',

  'mysql.utf8mb4' => true,

  'dbuser' => 'user',

  'dbpassword' => 'superpass,

  'installed' => true,

  'instanceid' => 'ocyxuokvmjte',

  'memcache.local' => '\\OC\\Memcache\\Redis',

  'memcache.locking' => '\\OC\\Memcache\\Redis',

  'redis' => 

  array (

    'host' => '/var/run/redis/redis.sock',

    'port' => 0,

    'timeout' => 0.0,

    'password' => 'superpass,

  ),

  'mail_smtpmode' => 'smtp',

  'mail_smtpauthtype' => 'LOGIN',

  'mail_from_address' => 'user',

  'mail_domain' => 'domain',

  'maintenance' => false,

  'logfile' => '/path/path/ncdata/nextcloud.log',

  'loglevel' => '2',

  'log_type' => 'file',

  'mail_smtpauth' => 1,

  'mail_smtpsecure' => 'ssl',

  'mail_smtpport' => '465',

  'mail_smtpname' => 'user@domain',

  'mail_smtppassword' => 'supersuper password',

  'theme' => '',

  'jpeg_quality' => '60',

  'mail_sendmailmode' => 'smtp',

  'mail_smtphost' => 'smtp.domain.xx',

  'data-fingerprint' => 'dfdfddfdfdfdfdfdfdfdfdfd',

);

kattivius · November 21, 2022, 8:40am

Greetings,
I guess I must have expressed my issue in a non practical way as I did not see any reaction.
I try to explain the issue differently:
Router Openwrt
All LAN behind PIA VPN
I run NCP on a raspberry pi. No docker. the Pi is only for NCP
I added Nginx PM in front of it. Running on an other Raspberry pi and in a Docker.
Duckdns updates are also done from the same Nginx Pi and also on a docker (checked and IP is correctl;y updated)
Excluded the Raspberry Pi (with Nginx and Duckdns updater) from the VPN. Correctly receiving the ISP public IP

Situation:
From anunchanged config.php file, I added:
'overwrite.cli.url' => 'https://nextcloudpi/', (I had added my duckdns domain name but it keep changing it in nextcloudpi after reboot)
At the bottom of the file I do have the following:

'trusted_proxies' => 
  array (
    11 => '127.0.0.1',
    12 => '::1',
    13 => 'nextcloudpi',
    14 => '192.168.1.138', #this is my NCP
    0 => '192.168.1.204', #this is my Nginx

As it is, I can access the cloud from outside my network (from the internet)
as soon as I add anything else from several suggested methods including the Doc.nextcloud , my cloud becomes inaccessible anymore with an server error.

Moreover…
In Nginx PM, I have the following configuration:

proxy_hide_header Upgrade;
rewrite ^/\.well-known/carddav https://$server_name/remote.php/dav/ redirect;
rewrite ^/\.well-known/caldav https://$server_name/remote.php/dav/ redirect;

That allows me (but I must admit I have to confirm 100%) to use all dev applications.
One more thing: in the NCP pannel (port 4443), all is ok except that port 80 and 443 is reported closed.
That is correct as now Nginx is using it. However, should I do something about that.
Mind that Nginx is forwarding requests to Nextcloud port 443 and that works.

Can someone help me to understand what to do here?

I cant hide you my confusion about all this.
To all of this, I mustr add that I am no longer able to access my nextcloud using the domain name within my LAN. It was possible before.
I dont want to use Nextcloud as my DNS server and it seems that NAT loopback is not really working.

I know is a long shot… but I really hope someone can explain me how to have it properly working in an easy explanation (I know… I ask a lot).

Thanks