Hello
I had traefik2 + nginx + nextcloud working with docker-compose.
Few week ago it stopped working for weird reason (and I changed a lot of things so cannot rollback)
I tried to remove nginx (replaced by apache) to isolate the issue but still the same. I guess it comes from traefik, or security in nextcloud, (or network in swarm ??) but donât know where to look anymoreâŚ
I get properly the status page of nextcloud
https://nextcloud.domain.be/status.php
{
âinstalledâ: true,
âmaintenanceâ: false,
âneedsDbUpgradeâ: false,
âversionâ: â19.0.12.0â,
âversionstringâ: â19.0.12â,
âeditionâ: ââ,
âproductnameâ: âSteppersâ,
âextendedSupportâ: false
}
10.0.1.3 - - [28/May/2021:13:36:51 +0000] "HEAD /status.php HTTP/1.1" 200 1514 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0 Safari/605.1.15"
But if I try to reach the login page, I get âBad Gatewayâ after some time (a time out ?)
But I see in apache log that nextcloud replied with 200 !!!
10.0.1.3 - - [28/May/2021:13:30:04 +0000] "GET /index.php/login HTTP/1.1" 200 5034 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36"
In traefik I see the following for the login page call:
021-05-28T13:51:00Z" level=debug msg="vulcand/oxy/roundrobin/rr: begin ServeHttp on request" Request="{\"Method\":\"GET\",\"URL\":{\"Scheme\":\"\",\"Opaque\":\"\",\"User\":null,\"Host\":\"\",\"Path\":\"/index.php/login\",\"RawPath\":\"\",\"ForceQuery\":false,\"RawQuery\":\"\",\"Fragment\":\"\",\"RawFragment\":\"\"},\"Proto\":\"HTTP/2.0\",\"ProtoMajor\":2,\"ProtoMinor\":0,\"Header\":{\"Accept\":[\"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\"],\"Accept-Encoding\":[\"gzip, deflate, br\"],\"Accept-Language\":[\"en,fr-BE;q=0.9,fr-FR;q=0.8,fr;q=0.7,en-US;q=0.6\"],\"Cache-Control\":[\"max-age=0\"],\"Cookie\":[\"_ga=GA1.2.1459894290.1521357716; experimentation_subject_id=ImMyNGJhNGUxLWJmZmEtNGUyOC1iODA4LTU0NDczZTBkNjQyZCI%3D--2c756b4cef21c0872cce6f82b8ade18bfcbcf175; _fbp=fb.1.1591527514444.643587881; _fbc=fb.1.1600693021828.IwAR2LUlSk5fARQEz8uJz9y_tWZ7F0th7p7dqGEhDLGd7LWi7Zi38FBwiBaec; mp_a36067b00a263cce0299cfd960e26ecf_mixpanel=%7B%22distinct_id%22%3A%20%22173234909ce3d3-05f1d2b1d32e1f-4353760-140000-173234909d06f0%22%2C%22%24device_id%22%3A%20%22173234909ce3d3-05f1d2b1d32e1f-4353760-140000-173234909d06f0%22%2C%22%24initial_referrer%22%3A%20%22https%3A%2F%2Fwww.domain.be%2Fwp-admin%2Fupdate.php%3Faction%3Dupload-plugin%22%2C%22%24initial_referring_domain%22%3A%20%22www.domain.be%22%7D; _gid=GA1.2.1165212142.1622186899; oc_sessionPassphrase=0aIVd4u7X3D%2FzAD2LKJNbR5a3%2B%2BHSN509jQ2NovebKL5SiaIYgDtYjmER6ZoYRtjjNxlL0DncmkgrOAi9FpOBHNOu0S7ylgNoIqLrYPNGTvjwZh8e9DTYd4cdIZaDdIN; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true; ocpdo29osxkn=a0d09d27a1032acde7608eb5d0d92aa6; ochx1ncyvqdv=d48f1a5e346a5c128b029fc93a579d55\"],\"Sec-Ch-Ua\":[\"\\\" Not A;Brand\\\";v=\\\"99\\\", \\\"Chromium\\\";v=\\\"90\\\", \\\"Google Chrome\\\";v=\\\"90\\\"\"],\"Sec-Ch-Ua-Mobile\":[\"?0\"],\"Sec-Fetch-Dest\":[\"document\"],\"Sec-Fetch-Mode\":[\"navigate\"],\"Sec-Fetch-Site\":[\"none\"],\"Sec-Fetch-User\":[\"?1\"],\"Upgrade-Insecure-Requests\":[\"1\"],\"User-Agent\":[\"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36\"],\"X-Forwarded-Host\":[\"nextcloud.domain.be\"],\"X-Forwarded-Port\":[\"443\"],\"X-Forwarded-Proto\":[\"https\"],\"X-Forwarded-Server\":[\"f7d8afd38a24\"],\"X-Real-Ip\":[\"10.0.0.2\"]},\"ContentLength\":0,\"TransferEncoding\":null,\"Host\":\"nextcloud.domain.be\",\"Form\":null,\"PostForm\":null,\"MultipartForm\":null,\"Trailer\":null,\"RemoteAddr\":\"10.0.0.2:25847\",\"RequestURI\":\"/index.php/login\",\"TLS\":null}"
My config is the following :
docker-compose
nextcloud-apache:
image: arm32v7/nextcloud:19.0.12-apache
volumes:
- /mnt/usb-disk1/nextcloud/data:/var/www/html
networks:
- proxy
environment:
- MYSQL_HOST=xxx
- MYSQL_PASSWORD=xxx
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=xxx
ports:
- 8080:80
deploy:
placement:
constraints:
- node.labels.type == vp
replicas: 1
labels:
- "traefik.enable=true"
- "traefik.docker.network=proxy"
- "traefik.http.routers.nginxnextcloud-http.entrypoints=web"
- "traefik.http.routers.nginxnextcloud-https.rule=Host(`nextcloud.domain.be`)"
- "traefik.http.routers.nginxnextcloud-http.middlewares=https-redirect"
- "traefik.http.middlewares.https-redirect.redirectScheme.scheme=https"
- "traefik.http.middlewares.https-redirect.redirectScheme.permanent=true"
- "traefik.http.routers.nginxnextcloud-https.entrypoints=websecure"
- "traefik.http.routers.nginxnextcloud-https.service=nginxnextcloud"
- "traefik.http.routers.nginxnextcloud-https.tls=true"
- "traefik.http.routers.nginxnextcloud-https.tls.certresolver=myresolver"
- "traefik.http.services.nginxnextcloud.loadbalancer.server.port=80"
- "traefik.http.routers.nginxnextcloud-https.middlewares=nextcloud2"
- "traefik.http.middlewares.nextcloud2.headers.stsSeconds=155520011"
- traefik.http.middlewares.nextcloud2.headers.stsIncludeSubdomains=true
- traefik.http.middlewares.nextcloud2.headers.stsPreload=true
- traefik.http.middlewares.nextcloud2.headers.contentTypeNosniff=true
- traefik.http.middlewares.nextcloud2.headers.browserXSSFilter=true
- traefik.http.middlewares.nextcloud2_redirect.redirectregex.permanent=true
- traefik.http.middlewares.nextcloud2_redirect.redirectregex.regex=/.well-known/(card|cal)dav
- traefik.http.middlewares.nextcloud2_redirect.redirectregex.replacement=/remote.php/dav/
config.php
<?php
$CONFIG = array (
âmemcache.localâ => â\OC\Memcache\APCuâ,
âapps_pathsâ =>
array (
0 =>
array (
âpathâ => â/var/www/html/appsâ,
âurlâ => â/appsâ,
âwritableâ => false,
),
1 =>
array (
âpathâ => â/var/www/html/custom_appsâ,
âurlâ => â/custom_appsâ,
âwritableâ => true,
),
),
âinstanceidâ => âochx1ncyvqdvâ,
âoverwriteprotocolâ => âhttpsâ,
âtrusted_proxiesâ =>
array (
0 => âtraefikâ,
1 => ânginxnextcloudâ,
2 => âlocalhostâ,
3 => ânginxâ,
4 => â10.0.1.0/8â,
5 => â172.0.0.0/8â
),
âdebugâ => âfalseâ,
âpasswordsaltâ => âxxxxxxxxxxxxxxxxxxxxxxxxxxâ,
âsecretâ => âxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxâ,
âtrusted_domainsâ =>
âtrusted_domainsâ =>
array (
0 => ânextcloud.domain.beâ,
),
âdatadirectoryâ => â/var/www/html/dataâ,
âdbtypeâ => âmysqlâ,
âversionâ => â19.0.12.0â,
âoverwrite.cli.urlâ => âhttps://nextcloud.domain.beâ,
âdbnameâ => ânextcloudâ,
âdbhostâ => âdbncâ,
âdbportâ => â3306â,
âdbtableprefixâ => âoc_â,
âmysql.utf8mb4â => true,
âdbuserâ => ânextcloudâ,
âdbpasswordâ => âxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxâ,
âinstalledâ => true,
âapp_install_overwriteâ =>
array (
0 => âcamerarawpreviewsâ,
1 => âfiles_ebookreaderâ,
2 => âfiles_readmemdâ,
),
âmaintenanceâ => false,
âloglevelâ => 0,
âthemeâ => ââ,
âlogfileâ => ânextcloud.logâ,
âlogdateformatâ => âF d, Y H:i:sâ,
);
Any help, tip, info is welcome
Thanks