fw114
October 10, 2024, 6:24pm
1
Hi ,
i am using my nextcloud installation behind a firewall with nat.
traffic comes from
www.mydomain.com/dir
and gets nated via firewall to
local.domain.local/dir
with
192.168.1.2
ip.
no ports are changed
SSL is Let’s Encrypt
NC version is 29.0.8
regardless what i am putting into that config.php array,
if i call the website via cellphone firefox, i get:
any thoughts on this, because i have no clue anymore.
thanks for any hint.
if you name the logfile u need, i’ll put it in here.
jtr
October 10, 2024, 8:21pm
2
Based on your screenshot, you appear to be using a URL like http{s}://xxx.myfritz.net/nextcloud/
to access your instance. Therefore the trusted_domain
needs to be xxx.myfritz.net
.
fw114
October 11, 2024, 5:40pm
3
it’s set like this and does not work.
jtr
October 11, 2024, 6:15pm
4
Please check the output of occ config:list system --private
(do not post it with that option enabled). Make sure things are properly parsed/etc.
If still stuck, at least post your censored config (occ config:list system
).
1 Like
ernolf
October 11, 2024, 6:20pm
5
Could you please post the output of
occ config:system:get -- trusted_domains
Then you should look under what address your fritzbox speaks with your server. It is possible, that it adds *.fritz.box to the address.
You did not provide much information but if you are using apache2 webserver on a debian or ubuntu system, then go to the /etc/apache2/apache2.conf
file and search for the definition of the log format. There change this line:
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
and add \"%{Host}i\"
to it so that it looks like this:
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\" \"%{Host}i\"" combined
Then restart you webserver.
Now open a terminal and enter
tail -f /var/log/apache2/access.log
it will show your access log in realtime.
Now call your website from various places.
At the end of each line you now will see the address under which your server was accessed.
Now you simply have to add that address to the trusted_domains
array in your config/config.php
After you have done that, you can switch your logformat back to the more comon format if you wish.
hth.
Much and good luck,
ernolf
1 Like
fw114
October 11, 2024, 8:54pm
6
wrong picture
well , the problem is, the ip adresses change with every connection.
before the update i got no issues with this config.
the Domain is
www.mydomain.de/subdir
Nat on firewall is:
from:
any
to service:
any
going to:
www.mydomain.de
change destination to
mydoamain.local
sudo -u webuser php occ config:system:get – trusted_domains
www.mydomain.de
192.168.100.1
apache2 logfile:
82.xx.xx.59 - - [11/Oct/2024:22:39:41 +0200] "PROPFIND /xx/remote.php/dav/addressbooks/users/xxxx/z-app-generated--contactsinteraction--recent/ HTTP/1.1" 207 6641 "-" "iOS/ (21G93) dataaccessd/1.0"
82.xx.xx.59 - - [11/Oct/2024:22:39:43 +0200] "REPORT /xx/remote.php/dav/addressbooks/users/z-server-generated--system/ HTTP/1.1" 401 6769 "-" " (21G93) dataaccessd/1.0"
82.xx.xx.59 - - [11/Oct/2024:22:39:43 +0200] "REPORT /xx/remote.php/dav/addressbooks/users/xxx/z-server-generated--system/ HTTP/1.1" 207 6347 "-" "iOS/ (21G93) dataaccessd/1.0"
109.xx.xx.214 - - [11/Oct/2024:22:40:30 +0200] "GET /apps/theming/img/background/kamil-porembinski-clouds.jpg HTTP/1.1" 404 29924 "-" "Mozilla/5.0 (Android 12; Mobile; rv:131.0) Gecko/131.0 Firefox/131.0"
109.xx.xx.214 - - [11/Oct/2024:22:40:31 +0200] "GET /xx/ HTTP/1.1" 400 23173 "-" "Mozilla/5.0 (Android 12; Mobile; rv:131.0) Gecko/131.0 Firefox/131.0"
jtr
October 11, 2024, 9:15pm
7
The IP address is irrelevant (unless you’re using it in the URL).
apache2 logfile:
Did you restart Apache after making the change suggested by @ernolf ? Because the host is not visible in your logging.
fw114
October 12, 2024, 7:31am
8
Solved.
Funny.
Connection to nexcloud is
mydomain.de
and not www.mydomain.de
so there is some work to do but got nothing to do with nextcloud.
Thanks for the push in the right direction.
2 Likes
system
Closed
October 20, 2024, 7:31am
9
This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.