Nextcloud client not working with proxy redirects

Nextcloud version (eg, 12.0.2): 16.04
Operating system and version (eg, Ubuntu 17.04): Mac, Windows
Apache or nginx version (eg, Apache 2.4.25): Nginx 1.14.2
PHP version (eg, 7.1): 7.3

The issue you are facing:

I have configured an Nginx reverse proxy to work with a Nextcloud server located in my home network and it works fine. The proxy works great for remote access but is quite inefficient when the Nextcloud server is on the same subnet as the client.

I have now made some enhancements to the proxy configuration to issue a redirect to the Nextcloud server’s local IP address when it detects that the incoming session is coming from the same public IP as the Nextcloud server.

The nginx redirection works fine with web browsers (Chrome, Safari, etc). However, for some reason the same redirection is not allowed when I use the Nextclient client application. When I try to start a new client session (Add New Account), the client gives the following error:

The server reported the following error: 301 Moved Permanently

Of course, the redirection is not an error at all since it is simply trying to redirect to a local IP.

I have setup config.php to include the proxy’s domain in trusted_proxys and the Nextcloud server’s local IP in trusted_domains. So I believe my configuration is correct. This is evidenced by the fact that everything works when I use a web browser to connect to the Nextcloud server both locally and remotely.

Is this the first time you’ve seen this error? (Y/N): Y

Steps to replicate it:

The output of your Nextcloud log in Admin > Logging:

Nothing appears in the log when the error occurs in the client.

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

<?php
$CONFIG = array (
  'memcache.local' => '\OC\Memcache\APCu',
  'trusted_proxies' =>
  array (
    'remote.domain',
    'localhost',
    '10.4.44.156',
    'domain.local',
    '127.0.0.1',
  ),
  'passwordsalt' => '2Abgxa1BdO66or4FbA3Bjn7M2eoq80',
  'secret' => 'KHYXxAlFKv36B0CDKjvckUvY2oPHgq3jQgh1zJ4T6RyoZdXM',
  'trusted_domains' => 
  array (
    0 => 'localhost',
    2 => 'domain.local',
    '10.4.44.156',
    'remote.domain',
  ),

The output of your Apache/nginx/system log in /var/log/____:

geo $local_user {
  default 0;
  179.50.232.108/32 1;
}

server {
    server_name gigi.kopit.io www.gigi.kopit.io;
    #access_log off;
    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log;
    if ($local_user) {
        #return 302 http://10.4.44.156$request_uri;
        rewrite ^ http://10.4.44.156? permanent;
    }
    location / {
            proxy_pass http://localhost:10000/;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header Host $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto https;
            proxy_redirect off;
    }
    # set max upload size
    client_max_body_size 0;
    error_page 502 /50x.html;
    location = /50x.html {
            root /usr/share/nginx/html;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/gigi.kopit.io/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/gigi.kopit.io/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

I figured out the 1st issue. It looks like the nextcloud client does not like redirection from https to http. I tried http >> http redirection and now the client works.

My next issue is that the client is modifying the configured Nextcloud server URL based on redirects. In my case, the proxy is issuing a 302 (temporarily moved). I was assuming the Nextcloud client would follow a 302 redirection but not store it permanently as the new server configuration. Is there any way to get the nextcloud client to follow a redirection but not store it as the server URL?

I too am having this issue have you by chance found a resolution?

I have not. I do not have the time right now to fix this issue myself. Sorry.