Server Crawler incorrect host header for .ocdata HEAD request

erasedhammer · July 24, 2024, 8:59pm

Getting a really weird configuration error with Nextcloud 29.0.4 and NGINX.

For the nextcloud server crawler, everything is flowing correctly through my reverse proxy EXCEPT for ocdata

For some reason this request
192.168.20.5 - - [24/Jul/2024:12:58:49 -0700] "HEAD /data/.ocdata HTTP/1.1"
is being sent to my reverse proxy with the wrong host header, i.e. it does not have my nextcloud FQDN as the host header so the proxy processes it under the default_server block. The host header is set as my reverse proxy internal IP.

I host a lot of domains on my reverse proxy, so without a proper host header, I drop the requests in the default_server block.
But every other server crawler request DOES have the correct host header, just not the ocdata request.

I had thought that maybe the issue was DNS, but everything checks out when doing a lookup from the nextcloud server:

dig nextcloud.mydomain.net

; <<>> DiG 9.18.24-1-Debian <<>> nextcloud.mydomain.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1839
;; flags: qr rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;nextcloud.mydomain.net.    IN      A

;; ANSWER SECTION:
nextcloud.mydomain.net. 47023 IN    CNAME   rproxy.mydomain.net.
rproxy.mydomain.net. 47023  IN      A       192.168.20.6

;; Query time: 0 msec
;; SERVER: 192.168.0.1#53(192.168.0.1) (UDP)
;; WHEN: Wed Jul 24 13:56:41 PDT 2024
;; MSG SIZE  rcvd: 92

(I did think that maybe the CNAME was messing it up, but changing nextcloud to a straight A record did not resolve the issue)

I also thought that maybe the host override in config.php might fix it, but it did not solve the issue:

  'overwritehost' => 'nextcloud.mydomain.net',
  'overwrite.cli.url' => 'https://nextcloud.mydomain.net/',

This ocdata request only occurs when I browser the the administrative section and the server does it’s self checks.
Unfortunately there are zero logs in nextcloud.log.

But I have no idea why some of the checks are sending the correct header, and this one check is sending the IP as the host header?

Is this a bug or does someone know whats going on here?

jtr · July 25, 2024, 2:35pm

Check all your listed trusted_domains
Check that DNS from your Nextcloud server’s perspective resolve where you expect

Also, see, Setup checks section of the Release Notes: Upgrade to Nextcloud 28 — Nextcloud latest Administration Manual latest documentation

erasedhammer · July 25, 2024, 5:31pm

Ah, yep, it was the trusted_domains. I set that up early on and forgot I threw IPs in there. I brought it down to just the public domain and now its all flowing the correct direction.

Thanks!

system · August 2, 2024, 5:32pm

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.