Nextcloud version (eg, 20.0.5): 26.0.1
Operating system and version (eg, Ubuntu 20.04): Ubuntu 22.04.01 Linux Container
Apache or nginx version (eg, Apache 2.4.25): nginx 1.18 (Ubunt 21.04 Linux Container
PHP version (eg, 7.4): php 8.1.2
The issue you are facing:
GuzzleHttp\Exception\ConnectException: cURL error 7: Failed to connect to nc.domain.tld port 443 after 0 ms: Connection refused (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for https://nc.domain.tld//api/v4/users/me
Mattermost login error : cURL error 7: Failed to connect to nc.domain.tld port 443 after 0 ms: Connection refused (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for https://nc.domain.tld//api/v4/users/login
My setup:
Host
- nginx Container
- Nextcloud Container
TLS is activated on the nginx container and the traffic is unencrypted between both container. Now cURL can’t access the port 443. I don’t understand this.
My Nextcloud config:
<?php
$CONFIG = array (
'passwordsalt' => 'x',
'secret' => 'x',
'trusted_domains' =>
array (
0 => 'localhost',
1 => '192.168.100.110',
2 => 'x',
3 => 'x',
4 => 'nc.domain.tld',
),
'datadirectory' => '/mnt/ncdata',
'dbtype' => 'pgsql',
'version' => '26.0.1.1',
'overwrite.cli.url' => 'https://nc.domain.tld/',
'dbname' => 'nextcloud_db',
'dbhost' => 'localhost',
'dbport' => '',
'dbtableprefix' => 'oc_',
'dbuser' => 'nextcloud_db_user',
'dbpassword' => 'x',
'installed' => true,
'instanceid' => 'x',
'upgrade.disable-web' => true,
'log_type' => 'file',
'logfile' => '/var/log/nextcloud/nextcloud.log',
'loglevel' => '2',
'log.condition' =>
array (
'apps' =>
array (
0 => 'admin_audit',
),
),
'mail_smtpmode' => 'smtp',
'remember_login_cookie_lifetime' => '1800',
'log_rotate_size' => '10485760',
'trashbin_retention_obligation' => 'auto, 60',
'versions_retention_obligation' => 'auto, 180',
'activity_expire_days' => '120',
'simpleSignUpLink.shown' => false,
'memcache.local' => '\\OC\\Memcache\\Redis',
'filelocking.enabled' => true,
'memcache.distributed' => '\\OC\\Memcache\\Redis',
'memcache.locking' => '\\OC\\Memcache\\Redis',
'redis' =>
array (
'host' => '/var/run/redis/redis-server.sock',
'port' => 0,
'timeout' => 0.5,
'dbindex' => 0,
'password' => 'x',
),
'default_phone_region' => 'de',
'logtimezone' => 'Europe/Berlin',
'htaccess.RewriteBase' => '/',
'preview_concurrency_new' => '2',
'preview_concurrency_all' => '4',
'enabledPreviewProviders' =>
array (
0 => 'OC\\Preview\\Imaginary',
1 => 'OC\\Preview\\Image',
2 => 'OC\\Preview\\MarkDown',
3 => 'OC\\Preview\\MP3',
4 => 'OC\\Preview\\TXT',
5 => 'OC\\Preview\\OpenDocument',
6 => 'OC\\Preview\\Movie',
7 => 'OC\\Preview\\Krita',
),
'preview_imaginary_url' => 'http://127.0.0.1:9000',
'preview_max_x' => '2048',
'preview_max_y' => '2048',
'jpeg_quality' => '60',
'preview_max_memory' => '256',
'maintenance' => false,
'trusted_proxies' =>
array (
0 => '192.168.100.101',
),
'overwritehost' => 'nc.domain.tld',
'overwriteprotocol' => 'https',
'overwritewebroot' => '/',
'overwritecondaddr' => '^192\\.168\\.100\\.101$',
'app_install_overwrite' =>
array (
0 => 'apporder',
),
);
My nginx config:
# nc.domain.tld
proxy_cache_path /var/cache/nginx/cache levels=1:2 keys_zone=nextcloud_cache:10m max_size=3g inactive=120m use_temp_path=off;
server {
server_name nc.domain.tld;
location /.well-known/carddav {
return 301 $scheme://$host/remote.php/dav;
}
location /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;
}
location / {
proxy_pass http://192.168.100.110;
client_max_body_size 0;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_buffers 256 16k;
proxy_buffer_size 16k;
proxy_read_timeout 600s;
proxy_cache nextcloud_cache;
proxy_cache_revalidate on;
proxy_cache_min_uses 2;
proxy_cache_use_stale timeout;
proxy_cache_lock on;
proxy_http_version 1.1;
proxy_request_buffering off;
proxy_buffering off;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/nc.domain.tld/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/nc.domain.tld/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
}
server {
if ($host = nc.domain.tld) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name nc.domain.tld;
return 404; # managed by Certbot
}
Is this the first time you’ve seen this error? (Y/N): Y