Not able to solve trusted domains issue

Hi ,
i am using my nextcloud installation behind a firewall with nat.
traffic comes from

www.mydomain.com/dir

and gets nated via firewall to
local.domain.local/dir with
192.168.1.2 ip.
no ports are changed

SSL is Let’s Encrypt

NC version is 29.0.8

regardless what i am putting into that config.php array,

if i call the website via cellphone firefox, i get:

grafik

any thoughts on this, because i have no clue anymore.
thanks for any hint.

if you name the logfile u need, i’ll put it in here.

Based on your screenshot, you appear to be using a URL like http{s}://xxx.myfritz.net/nextcloud/ to access your instance. Therefore the trusted_domain needs to be xxx.myfritz.net.

it’s set like this and does not work.

Please check the output of occ config:list system --private (do not post it with that option enabled). Make sure things are properly parsed/etc.

If still stuck, at least post your censored config (occ config:list system).

1 Like

Could you please post the output of

occ config:system:get -- trusted_domains

Then you should look under what address your fritzbox speaks with your server. It is possible, that it adds *.fritz.box to the address.

You did not provide much information but if you are using apache2 webserver on a debian or ubuntu system, then go to the /etc/apache2/apache2.conf file and search for the definition of the log format. There change this line:

LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined

and add \"%{Host}i\"to it so that it looks like this:

LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\" \"%{Host}i\"" combined

Then restart you webserver.

Now open a terminal and enter

tail -f /var/log/apache2/access.log

it will show your access log in realtime.
Now call your website from various places.
At the end of each line you now will see the address under which your server was accessed.
Now you simply have to add that address to the trusted_domains array in your config/config.php

After you have done that, you can switch your logformat back to the more comon format if you wish.

hth.


Much and good luck,
ernolf

1 Like

wrong picture

well , the problem is, the ip adresses change with every connection.
before the update i got no issues with this config.

the Domain is
www.mydomain.de/subdir

Nat on firewall is:

from:
any

to service:
any

going to:
www.mydomain.de

change destination to
mydoamain.local

sudo -u webuser php occ config:system:get – trusted_domains

www.mydomain.de
192.168.100.1

apache2 logfile:

82.xx.xx.59 - - [11/Oct/2024:22:39:41 +0200] "PROPFIND /xx/remote.php/dav/addressbooks/users/xxxx/z-app-generated--contactsinteraction--recent/ HTTP/1.1" 207 6641 "-" "iOS/ (21G93) dataaccessd/1.0"
82.xx.xx.59 - - [11/Oct/2024:22:39:43 +0200] "REPORT /xx/remote.php/dav/addressbooks/users/z-server-generated--system/ HTTP/1.1" 401 6769 "-" " (21G93) dataaccessd/1.0"
82.xx.xx.59 - - [11/Oct/2024:22:39:43 +0200] "REPORT /xx/remote.php/dav/addressbooks/users/xxx/z-server-generated--system/ HTTP/1.1" 207 6347 "-" "iOS/ (21G93) dataaccessd/1.0"
109.xx.xx.214 - - [11/Oct/2024:22:40:30 +0200] "GET /apps/theming/img/background/kamil-porembinski-clouds.jpg HTTP/1.1" 404 29924 "-" "Mozilla/5.0 (Android 12; Mobile; rv:131.0) Gecko/131.0 Firefox/131.0"
109.xx.xx.214 - - [11/Oct/2024:22:40:31 +0200] "GET /xx/ HTTP/1.1" 400 23173 "-" "Mozilla/5.0 (Android 12; Mobile; rv:131.0) Gecko/131.0 Firefox/131.0"

The IP address is irrelevant (unless you’re using it in the URL).

apache2 logfile:

Did you restart Apache after making the change suggested by @ernolf? Because the host is not visible in your logging.

Solved.

Funny.

Connection to nexcloud is

mydomain.de

and not www.mydomain.de

so there is some work to do but got nothing to do with nextcloud.

Thanks for the push in the right direction.

2 Likes

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.