Nextcloud & Nginx reverse proxy issue

IOTxpert · October 13, 2016, 8:25pm

Hi. I’m running Nextcloud in a docker on an unraid system using mariadb. All of this is behind a Nginx reverse proxy. I have the reverse proxy working and I can attach and transfer files… the odd part is when I logout a redirect occurs that redirects me to the direct url that is proxied. It doesn’t maintain the url defined by the proxy server. Anyone successfully implement behind an nginx proxy?

Here are my configs:

config.php
indent preformatted text by 4 spaces
<?php
$CONFIG = array (
‘memcache.local’ => ‘\OC\Memcache\APCu’,
‘datadirectory’ => ‘/data’,
‘instanceid’ => ‘XXXXXXX’,
‘passwordsalt’ => ‘XXXXXXXX’,
‘secret’ => ‘XXXXXXXX’,
‘trusted_domains’ =>
array (
0 => ‘10.168.1.247:8843’,
1 => ‘nasvm.st6.com:8843’,
2 => ‘joedrive.st6.com’,
),
‘overwrite.cli.url’ => ‘https://joedrive.st6.com’,
‘dbtype’ => ‘mysql’,
‘version’ => ‘9.1.1.5’,
‘dbname’ => ‘joedrive’,
‘dbhost’ => ‘10.168.1.247:3306’,
‘dbport’ => ‘’,
‘dbtableprefix’ => ‘oc_’,
‘dbuser’ => ‘XXXX’,
‘dbpassword’ => ‘XXXXXXXXXX’,
‘installed’ => true,
);
indent preformatted text by 4 spaces

Nginx config.

indent preformatted text by 4 spaces
server {
server_name joedrive.st6.com;
# sub1 config

listen 80;

listen 443 ssl;

root /config/www/nextcloud;
index index.html index.htm index.php;

server_name joedrive.st6.com;
	ssl_certificate /config/keys/fullchain.pem;
	ssl_certificate_key /config/keys/privkey.pem;
	ssl_dhparam /config/nginx/dhparams.pem;
	ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';

### Disable SSL by enforcing TLS ###
	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

###Extra Settings###
	ssl_prefer_server_ciphers on;
	ssl_session_cache shared:SSL:10m;

### Add HTTP Strict Transport Security ###
	add_header Strict-Transport-Security "max-age=63072000; includeSubdomains";
	add_header Front-End-Https on;

client_max_body_size 0;

location / {
    proxy_pass https://nasvm.st6.com:8843/;

}
}

IOTxpert · October 13, 2016, 10:47pm

Resolved by adding to config.php:

‘overwritecondaddr’ => 'https://my.url.ext,
‘overwritehost’ => ‘my.url.ext’,