Nginx reverse proxy, what to write in nextcloud's config.php?

bump :cold_sweat:

Bump :sweat:

Bumpy bump

Sorry, I haven’t received any email notifications from this thread in about a week, and I haven’t logged in here since then.

Ok, I see what you mean. Nextcloud seems to be in a redirect loop, so in that case you would need to modify the Nextcloud config. Have you changed any other parameters besides overwritewebroot? Maybe you need to use overwritehost as well?

Reverse Proxy Configuration

Also take a look at your htaccess.RewriteBase

Config.php Parameters

Another thing you mentioned was about using HTTPS. Are you using HTTPS with Nextcloud? If you are, that could be related to the problem because it would redirect from HTTP to HTTPS. I would recommend getting things working over HTTP first, then work on adding HTTPS later.

I am having the exact same problem. My config has been modified to add the domain of my nginx server to the trusted_domains along with several overwrite modifications (below). If there is an update on how to fix this, please let me know.

  'trusted_domains' => 
  array (
    0 => '192.168.1.85:444',
    1 => 'home.server.com',
  ),
  'overwrite.cli.url' => 'https://home.server.com',
  'overwritehost'     => 'home.server.com',
  'overwriteprotocol' => 'https',
  'overwritewebroot'  => '/nextcloud',

When you say you’re having the exact same problem, do you mean you’re getting a redirect loop and the browser returns “ERR_TOO_MANY_REDIRECTS”?
I think it would be helpful to see the results of both the NGINX access logs and Apache access logs, so we can see what’s causing the redirect loop. Without that, we’re just doing trial and error which is extremely difficult for someone without access to the machines.

Same redirect problem here,

a way to upload the log files as mine are a bit long? XD

Also not sure if i found the access log file for nginx

Ok, so you’re getting a redirect loop… Do you have the same configuration as the original poster? As in do you have nextcloud running with Apache, no ssl, behind a reverse proxy running nginx?
Otherwise troubleshooting steps will be different.

So far i’ve installed nextcloud via the pbi on freenas, (apache)

next ive installed a nginx server with letsencrypt
and set it up for reversed proxy
currently domain.net/nextcloud
(Not quite sure yet how to remove the /nextcloud from domain in nginx.
i just wanted to use NC for school and it seemed a fun project to tackle but 0_o)

nginx now should communicate with nextcloud over http
and nginx to client over https (the nginx errors are already secured x0)

i’m also open for teamviewer, might learn something from a guru doing his/hers magic :smiley:

Maybe nextcloud sees its coming from a https and tries to redirect its self? while it should not?

I’m no guru, but given enough time and patience I can probably help you solve your issue.
How about posting your nextcloud config (remove sensitive values), Apache config, and nginx config.

for Apache id have to check where they have hidden the file,

in de php ive changed the overwrite protocol to http just to try.

further more now when accessing locally it redirects to the domain and then end up with the same too many redirect message
almost as if nextcloud is redirecting to le proxy and proxy to le nextcloud 0_o

not sure that it is in a loop like that because i changed settings to see where the problem lies
nginx

> load_module /usr/local/libexec/nginx/ngx_mail_module.so;
> load_module /usr/local/libexec/nginx/ngx_stream_module.so;

> #user  nobody;
> worker_processes  8;

> # This default error log path is compiled-in to make sure configuration parsing
> # errors are logged somewhere, especially during unattended boot when stderr
> # isn't normally logged anywhere. This path will be touched on every nginx
> # start regardless of error log location configured here. See
> # https://trac.nginx.org/nginx/ticket/147 for more info.
> #
> #error_log  /var/log/nginx/error.log;
> #

> #pid        logs/nginx.pid;


> events {
>     worker_connections  1024;
> }


> http {
>     include       mime.types;
>     default_type  application/octet-stream;

>     #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
>     #                  '$status $body_bytes_sent "$http_referer" '
>     #                  '"$http_user_agent" "$http_x_forwarded_for"';

>     #access_log  logs/access.log  main;

>     sendfile        on;
>     #tcp_nopush     on;

>     #keepalive_timeout  0;
>     keepalive_timeout  65;

>     #gzip  on;

>     server {
>         listen 80;
>         server_name derp.org;

>         return 301 https://$server_name$request_uri;
>         }

>     server {
>         listen       443 ssl;
>         server_name  derp.org;
>         include ssl_common.conf;
>         include proxy_setup.conf;

>         #charset koi8-r;

>         #access_log  logs/host.access.log  main;

>         location / {
>             root   /usr/local/www/nginx;
>             index  index.html index.htm;
>         }

>         #error_page  404              /404.html;

>         # redirect server error pages to the static page /50x.html
>         #
>         error_page   500 502 503 504  /50x.html;
>         location = /50x.html {
>             root   /usr/local/www/nginx-dist;
>         }

>         # proxy the PHP scripts to Apache listening on 127.0.0.1:80
>         #
>         #location ~ \.php$ {
>         #    proxy_pass   http://127.0.0.1;
>         #}

>         # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
>         #
>         #location ~ \.php$ {
>         #    root           html;
>         #    fastcgi_pass   127.0.0.1:9000;
>         #    fastcgi_index  index.php;
>         #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
>         #    include        fastcgi_params;
>         #}

>         # deny access to .htaccess files, if Apache's document root
>         # concurs with nginx's one
>         #
>         #location ~ /\.ht {
>         #    deny  all;
>         #}
>     }


>     # another virtual host using mix of IP-, name-, and port-based configuration
>     #
>     #server {
>     #    listen       8000;
>     #    listen       somename:8080;
>     #    server_name  somename  alias  another.alias;

>     #    location / {
>     #        root   html;
>     #        index  index.html index.htm;
>     #    }
>     #}


>     # HTTPS server
>     #
>     #server {
>     #    listen       443 ssl;
>     #    server_name  localhost;

>     #    ssl_certificate      cert.pem;
>     #    ssl_certificate_key  cert.key;

>     #    ssl_session_cache    shared:SSL:1m;
>     #    ssl_session_timeout  5m;

>     #    ssl_ciphers  HIGH:!aNULL:!MD5;
>     #    ssl_prefer_server_ciphers  on;

>     #    location / {
>     #        root   html;
>     #        index  index.html index.htm;
>     #    }
>     #}

}

hi guys,
you may find a complete installation and configuration procedure for Nextcloud and NGINX as reverse proxy and webserver at my blog

Please compare the following files to yours:
nginx.conf
gateway.conf
nextcloud.conf
and Nextclouds config.php

That works fine for many servers on different plattforms.
cheers, carsten

Did someone find a solution for this problem?

Facing the same ERR_TOO_MANY_REDIRECTS using Nginx reverse proxy.
Did someone find a solution?

This isn’t a problem with Nextcloud, it’s a problem with your Apache and/or Nginx configuration. Without posting your configuration, we can’t know what might be wrong in your scenario. I would recommend opening a new thread and posting your configuration because your redirect issue probably isn’t related to the original question here which was asking what to write in Nextcloud’s configuration.

I had the same issue.

it happen for me when i tried to join the website the first time, but accidently still had cookies from an old session refering to this address.

i was going into an incognito mode and noticed it is working there.
so i removed all cookies related to the url /ip and it worked.

Kind regards
Gardosen

The fix is available on github https://github.com/nextcloud/server/pull/8042

Took me a day to track down the issue for my reverse proxy setup. I’ve also solved how to run it via a sub folder of a reverse proxy while the Nextcloud instance is installed in a root setup. I’ll post those config a when I’m able to.

Somehow we’ve determined that this needs to be fixed in Nextcloud without showing that the nginx/apache configurations are correct? I don’t understand this… :confused:

The issue is in the routes. The request path comes in as “/login/“ but if you notice in the routes most of them don’t have a trailing slash. Specifically the login only works if the route is “/login”. There is code already present in nextcloud to account for adding a slash to the route but there is no code for removing a trailing slash on the route.

Thus due to what is stated in the pull request the nextcloud will constantly send you to “/login/“ due to the code adding a trailing slash to the url. Then when it detects you’re not logged in will send you back to “/login”. Which creates an infinite loop.