Nextcloud version (eg, 12.0.2): 16.04
Operating system and version (eg, Ubuntu 17.04): Mac, Windows
Apache or nginx version (eg, Apache 2.4.25): Nginx 1.14.2
PHP version (eg, 7.1): 7.3
The issue you are facing:
I have configured an Nginx reverse proxy to work with a Nextcloud server located in my home network and it works fine. The proxy works great for remote access but is quite inefficient when the Nextcloud server is on the same subnet as the client.
I have now made some enhancements to the proxy configuration to issue a redirect to the Nextcloud server’s local IP address when it detects that the incoming session is coming from the same public IP as the Nextcloud server.
The nginx redirection works fine with web browsers (Chrome, Safari, etc). However, for some reason the same redirection is not allowed when I use the Nextclient client application. When I try to start a new client session (Add New Account), the client gives the following error:
The server reported the following error: 301 Moved Permanently
Of course, the redirection is not an error at all since it is simply trying to redirect to a local IP.
I have setup config.php to include the proxy’s domain in trusted_proxys and the Nextcloud server’s local IP in trusted_domains. So I believe my configuration is correct. This is evidenced by the fact that everything works when I use a web browser to connect to the Nextcloud server both locally and remotely.
Is this the first time you’ve seen this error? (Y/N): Y
Steps to replicate it:
The output of your Nextcloud log in Admin > Logging:
Nothing appears in the log when the error occurs in the client.
The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):
<?php
$CONFIG = array (
'memcache.local' => '\OC\Memcache\APCu',
'trusted_proxies' =>
array (
'remote.domain',
'localhost',
'10.4.44.156',
'domain.local',
'127.0.0.1',
),
'passwordsalt' => '2Abgxa1BdO66or4FbA3Bjn7M2eoq80',
'secret' => 'KHYXxAlFKv36B0CDKjvckUvY2oPHgq3jQgh1zJ4T6RyoZdXM',
'trusted_domains' =>
array (
0 => 'localhost',
2 => 'domain.local',
'10.4.44.156',
'remote.domain',
),
The output of your Apache/nginx/system log in /var/log/____:
geo $local_user {
default 0;
179.50.232.108/32 1;
}
server {
server_name gigi.kopit.io www.gigi.kopit.io;
#access_log off;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
if ($local_user) {
#return 302 http://10.4.44.156$request_uri;
rewrite ^ http://10.4.44.156? permanent;
}
location / {
proxy_pass http://localhost:10000/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_redirect off;
}
# set max upload size
client_max_body_size 0;
error_page 502 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/gigi.kopit.io/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/gigi.kopit.io/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}