Nextcloud behind Nginx Proxy Manager and Safari (iOS/macOS) no access

šŸ“‘ How to
, , , ,
1

I recently moved my NextCloudPi instance behind a Nginx Proxy Manager, so that I could run other services on port 80 and 443. After I did this my friends who use iOS and macOS where unable to access my NC instance.

The issue is clearly with the Proxy Manager and so with a quick Brave Search i found the solution.

Here is what you have to do to solve the issue

  • Login to your Nginx Proxy Manager.
  • Open the [3 dots] settings menu of the NextCloud(Pi) host and select ā€œEditā€

NCP-Docx-proxy01
NCP-Docx-proxy011235Ɨ532 83.4 KB

  • In the tab menu at the top of the window that has just opened select ā€œAdvancedā€ and insert the following in the ā€œCustom Nginx Configurationā€ box:
proxy_hide_header Upgrade;

NCP-Docx-proxy02
NCP-Docx-proxy02529Ɨ636 34.5 KB

  • Click ā€œSaveā€ and it should work.

In my case it was working right away, but you might want to try and re-boot if it does not work.

2

Hello,

I have similar setup, NextCloud (Snap installation on 80/443) running behind Nginx Proxy manager.

I beg to differ.

My setup is accessible from iOS / MacOS via Safari without any extra config argument in the advance settings.

My setup has itā€™s own issue (specifically speaking upload speed) but thatā€™s a genera one and present on every platform. Regarding this, I just checked again, its working fine with latest Safari iOS / MacOS and iPadOS

Thanks.

3

The issue @michuvon is refering to happens when HTTP 2 is enabled. I guess you donā€™t have H2 enabled then?

4

I can also confirm that the custom nginx configuration is needed for iOS access with HTTP2 enabled. I found this out some time back. My other services donā€™t need it.

5

That did not do the trick.

On IOS 16 Nextcloud 25.0.1 and 2FA enabled.

I can access the login page, and enter the credentials, then nothing.
Domain:

  • Namecheap

nginx proxy manager setup:

  • Cache Assets

  • Block Common Exploits

  • Force SSL

  • HTTP/2 Support

  • HSTS Enabled

  • HSTS Subdomains

nginx proxy manager advanced config:

proxy_hide_header Upgrade;
client_max_body_size 0;
proxy_request_buffering off;
location /.well-known/carddav {
  return 301 $scheme://$host/remote.php/dav;
}
location /.well-known/caldav 
{ 
  return 301 $scheme://$host/remote.php/dav; 
}
location /.well-known/webdav 
{
 return 301 $scheme://$host/remote.php/dav; 
}

Log:
GET /login?redirect_url=/apps/dashboard/ HTTP/1.1" 200 5719 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 16_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/107.0.5304.101 Mobile/15E148 Safari/604.1"

I do have access through the IOS app and Chrome on macOS Ventura, I wonder if its related to 2FA.

  • Two-Factor TOTP Provider by Christoph Wurst AGPL-licensed v7
6

Any news Pls.?

Same here

7

as I donā€™t have any iOS 16 devices in house I can not test this. But thanks for the post, I will ask friends to test my setup to see if I have the same issue.

8

Any news :thinking:

9

I donā€˜t know if this is still an interesting point for someone, but I want to share it anyway

I had a similar issue with iOS 16 Safari and the login page at my Nextcloud (26) instance behind a NGinx reverse proxy. No login was possible. After I had inserted the credentials I was redirected to the login page. Sometimes the login worked for a few minutes and then I have to log in again. Nothing from the written extra configs could solve the issue.

After a long time of trial and error I found the config that I added to the reverse proxy setting and could solve my problems:


proxy_cookie_path / /;
proxy_set_header Cookie $http_cookie;

My conclusion is that Safari on iOS have maybe some problems to deal with cookies for the session lifetime behind a reverse proxy, but this is just a guessā€¦

Maybe it will help someone elseā€¦

Greetings

10

Thanks! It works for me. You saved my day.