Share link with wrong domain

Hi,

I use nextcloud 23.0.2 with two domains. share.domain1.com from local connection and share.domain2.com from outside through WAF connection.

When I log in and share link with a email I receive link on email with domain1 and of course I can’t connect because it’s only local domain.

Where is the setting to change that configuration?

You find some settings ins config/config.php

Why do you not use only the external domain? Then you can use the same domain e.g. from Web and App form LAN and WAN. Search Hairpinning and NAT Loopback for your router.

I use only one domain and it works fine and there is no additional security risk.

1 Like

I found ‘overwritehost’ option but then it redirects my session to domain2.com roll_eyes:

I think you’ll need to modify the headers using your web server configuration…

X-Forwarded-For

is normally required to properly configure a reverse proxy.

Here’s apache’s documentation:

https://httpd.apache.org/docs/2.4/mod/mod_proxy.html

And nginx:

https://www.nginx.com/resources/wiki/start/topics/examples/forwarded/

Hi @fropa,
You are missing the required support template. Please fill this form out and edit into your post.

This will give us the technical info and logs needed to help you! Thanks.

Nextcloud version : 23.0.2
Operating system and version : rhel 8.5
Apache or nginx version : Apache/2.4.37
PHP version : PHP 7.4.28

I connect nextcloud with share.domain1.com from the local network (use apache on the same server) and connect with share.domain2.com from external, throught WAF.
When I used ‘overwritehost’ => ‘share.domain2.com’, option then it started to redirect portal to the domain2. (I try to connect domain1 but it redirects).

I only want to connect the portal with that two domain and use only domain2 for share links.

<?php
$CONFIG = array (
  'instanceid' => 'ocl7fx8z9fxf',
  'passwordsalt' => '',
  'secret' => '',
  'trusted_domains' =>
  array (
    0 => '',
    1 => '',
    2 => '',
    6 => '',
    7 => '',
  ),
  'datadirectory' => '/share/',
  'dbtype' => 'mysql',
  'version' => '23.0.2.1',



# share link domain change
#  'overwritehost' => 'share.X.X',

  #session timeout
  'session_lifetime' => 3600,
  'session_keepalive' => false,
  'remember_login_cookie_lifetime' => 0,


  'dbname' => 'nextcloud',
  'dbhost' => 'localhost',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => '',
  'dbpassword' => '',
  'installed' => true,
  'ldapProviderFactory' => 'OCA\\User_LDAP\\LDAPProviderFactory',
  
# there is that domain2 but not works.  
  'mail_domain' => 'domain2.com',
  'mail_from_address' => '',
  'mail_smtpmode' => 'smtp',
  'mail_smtphost' => '',
  'mail_smtpauthtype' => 'NTLM',
  'mail_smtpport' => '25',
  'mail_sendmailmode' => 'smtp',
  'twofactor_enforced' => 'false',
  'twofactor_enforced_groups' =>
  array (
    0 => 'SYS',
  ),
  'twofactor_enforced_excluded_groups' =>
  array (
  ),
);

This has been discussed several times here in the forums and there is no GUI setting and no configuration parameter for it. Also there is probably not a big interest from Nextcloud’s side to include this feature to the core server, because the “clean” way to solve this would be local DNS records, which would then allow you to access your nextcloud server using the same domain as you would use to access it from the internet

I found the following thread where someone is linking to a GitHub issue in which someone claims to have developed a solution:

https://help.nextcloud.com/t/change-domain-url-in-shared-links/30972/12?u=bb77

Maybe you can contact this user and maybe someone could even develop an app and publish it to the Nextcloud App Store. In the meantime there are basically three possibilities how you clould solve the issue:

  1. Develop a solution yourself or hire someone to develop a solution.

  2. Use the same URL from everywhere. (preferred variant)

  3. Change the link manually before sending it. (not really a good solution, for obvious reasons :wink: )

2 Likes

Thank you for the answer I understand.

In the documentation there is " The automatic hostname detection " - is detected hostname used for domain of the shared links? and where actually decection happens?

Yes, but this doesn’t really help with your problem, because if you for example add 'overwritehost' => 'domain2.tld' to the config.php, the URL will indeed be rewritten to domain2.tld, but then you can only use your Nextloud via domain2.tld anymore. It overwrites the URL with which you are accessing your Nextcloud not just the domain which will be used for the shares. I’m pretty sure that their is no configuration parametaer integrtated which allows you to configure the URL for accessing Nextcloud and the URL for shares independently.

1 Like

Understand,
I tried to change hostname of the machine, restarted services (then server :smiley: ) but this value not changed, that’s why I’m asking that where the detection happens.

I don’t know how exactley the detection works. But if you want to share links via domain2 you have to make sure that you are connected via Domain2.

Addition: Of course you also need to have working DNS for both domains in order for the rewrite from Domain1 to Domain2 to work, which then would make the whole override thing kind of pointless, because in that case you could also just use Domain2 directly. :wink:

so you are accessing your server at home via the local-ip (which you may have bound to some local URL like 192.168.178.100 = share.local.url because of (anticipated) better connection speed?

Right?

In this case you should look up keyword “hairpinning” (aka NAT loopback) for your local router. it would internally bind share.external.url to 192.168.178.100 and thus your data would never leave your LAN and you could benefit from speed-advantages.

You can setup a VPN server on domain1 and create a tunnel from domain2.

To install it, just run that script:

@Sanook Why would you try to solve an issue, which is mainly caused by an overcomplicated setup, by adding even more complexity? The goal should be to simplify the setup by using the same domain for internal and external access. This can generally be done by using Hairpin NAT if the router supports it or by using a local DNS server.

@fropa In order to provide assistance here, we would need to know more details about how your network is laid out and what router / firewall you are using. You also mention a WAF (Web Application Firewall) for external access… But keep in mind that this would be more a general network engineering and planing question, which is not really specific to Nextcloud anymore. But maybe some users here might be able to help if you provide more details about your setup / infrastructure. I would recommand open a new topic for that though.

1 Like