Getting a really weird configuration error with Nextcloud 29.0.4 and NGINX.
For the nextcloud server crawler, everything is flowing correctly through my reverse proxy EXCEPT for ocdata
For some reason this request
192.168.20.5 - - [24/Jul/2024:12:58:49 -0700] "HEAD /data/.ocdata HTTP/1.1"
is being sent to my reverse proxy with the wrong host header, i.e. it does not have my nextcloud FQDN as the host header so the proxy processes it under the default_server
block. The host header is set as my reverse proxy internal IP.
I host a lot of domains on my reverse proxy, so without a proper host header, I drop the requests in the default_server
block.
But every other server crawler request DOES have the correct host header, just not the ocdata request.
I had thought that maybe the issue was DNS, but everything checks out when doing a lookup from the nextcloud server:
dig nextcloud.mydomain.net
; <<>> DiG 9.18.24-1-Debian <<>> nextcloud.mydomain.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1839
;; flags: qr rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;nextcloud.mydomain.net. IN A
;; ANSWER SECTION:
nextcloud.mydomain.net. 47023 IN CNAME rproxy.mydomain.net.
rproxy.mydomain.net. 47023 IN A 192.168.20.6
;; Query time: 0 msec
;; SERVER: 192.168.0.1#53(192.168.0.1) (UDP)
;; WHEN: Wed Jul 24 13:56:41 PDT 2024
;; MSG SIZE rcvd: 92
(I did think that maybe the CNAME was messing it up, but changing nextcloud to a straight A record did not resolve the issue)
I also thought that maybe the host override in config.php might fix it, but it did not solve the issue:
'overwritehost' => 'nextcloud.mydomain.net',
'overwrite.cli.url' => 'https://nextcloud.mydomain.net/',
This ocdata request only occurs when I browser the the administrative section and the server does it’s self checks.
Unfortunately there are zero logs in nextcloud.log.
But I have no idea why some of the checks are sending the correct header, and this one check is sending the IP as the host header?
Is this a bug or does someone know whats going on here?