Overwriteprotocol alternatives?

nginx
ssl
tor
proxy

#1

Hi,

I’m terminating SSL on my reverse-proxy server and running Nextcloud behind it using plain HTTP. I also have a Tor hidden service, which points directly to the non-SSL back-end server (since I can’t get a signed cert for a .onion domain name, and TLS is kinda redundant for hidden services anyway).

This all works great, except that Nextcloud doesn’t set a ‘__Host’ prefix on cookies because from its perspective it’s non-SSL. I can fix this by using overwriteprotocol => 'https' in config.php, however this breaks the Tor service because it causes everything to redirect to ‘https://’

So, my question is, without using overwriteprotocol is there a way to fool Nextcloud into thinking it’s using HTTPS? Both the web server running NC and the reverse proxy are nginx.

Thanks in advance for any ideas.

Cheers.


#2

For posterity: after some poking around, setting proxy_redirect https:// http://; on the tor server stanza in nginx seems to do the trick, rewriting the ‘location’ header in the response from nextcloud.