Hi guys !
I posted here because I have no idea what to do.
My configuration consist of docker-compose with nextcloud app and db. I also have another nginx container that act as reverse proxy. In version 19 everything run ok. The problem appear after I upgrade the image of nextcloud app, now 20.
My problem is that I got 404 for https://my-domain/nextcloud/ .
After some hours of debug, I drop the docker-compose, and run it again (without the proxy).
Everything seams to be ok.
After I start my reverse proxy and configure nextcloud app to use only https the problem is back.
Here is my Ngnix proxy configuration, hope someone can spot the problem and help me:
upstream nextcloud {
server localhost:81;
}server {
listen 80;
server_name my-domain.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl default_server;
server_name my-domain.com;access_log /var/log/nginx/reverse-access.log;
error_log /var/log/nginx/reverse-error.log;ssl_certificate /etc/letsencrypt/live/my-domain.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/my-domain.com/privkey.pem; # managed by Certbotadd_header Strict-Transport-Security “max-age=15768000; includeSubdomains” always;
server_tokens off;
ssl_stapling on;
ssl_trusted_certificate /etc/letsencrypt/live/my-domain.com/chain.pem;
ssl_stapling_verify on;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;add_header Referrer-Policy “no-referrer” always;
add_header X-Content-Type-Options “nosniff” always;
add_header X-Download-Options “noopen” always;
add_header X-Frame-Options “SAMEORIGIN” always;
add_header X-Permitted-Cross-Domain-Policies “none” always;
add_header X-Robots-Tag “none” always;
add_header X-XSS-Protection “1; mode=block” always;# Remove X-Powered-By, which is an information leak fastcgi_hide_header X-Powered-By; location = /.well-known/carddav { return 301 $scheme://$host:$server_port/nextcloud/remote.php/dav; } location = /.well-known/caldav { return 301 $scheme://$host:$server_port/nextcloud/remote.php/dav; } location /.well-known/acme-challenge { } location ^~ /nextcloud { client_max_body_size 0; fastcgi_buffers 64 4K; gzip on; gzip_vary on; gzip_comp_level 4; gzip_min_length 256; gzip_proxied expired no-cache no-store private no_last_modified no_etag auth; gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy; location /nextcloud { rewrite ^ /nextcloud/index.php; } location ~ ^\/nextcloud\/(?:build|tests|config|lib|3rdparty|templates|data)\/ { deny all; } location ~ ^\/nextcloud\/(?:\.|autotest|occ|issue|indie|db_|console) { deny all; } location ~ ^\/nextcloud\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+|.+\/richdocumentscode\/proxy)\.php(?:$|\/) { fastcgi_split_path_info ^(.+?\.php)(\/.*|)$; set $path_info $fastcgi_path_info; try_files $fastcgi_script_name =404; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $path_info; fastcgi_param HTTPS on; fastcgi_param modHeadersAvailable true; fastcgi_param front_controller_active true; fastcgi_pass nextcloud; fastcgi_intercept_errors on; fastcgi_request_buffering off; } location ~ ^\/nextcloud\/(?:updater|oc[ms]-provider)(?:$|\/) { try_files $uri/ =404; index index.php; } location ~ ^\/nextcloud\/.+[^\/]\.(?:css|js|woff2?|svg|gif|map)$ { try_files $uri /nextcloud/index.php$request_uri; add_header Cache-Control "public, max-age=15778463"; access_log off; } location ~ ^\/nextcloud\/.+[^\/]\.(?:png|html|ttf|ico|jpg|jpeg|bcmap|mp4|webm)$ { try_files $uri /nextcloud/index.php$request_uri; access_log off; } }}