Why does Nextcloud adds a new akamaitechnologies.com hostname to my server?

Hi,

I’ve recently noticed that whenever I launch my nextcloud docker container, I have an additional hostname (showing up with hostname -A) that reads a<container_IP>.deploy.static.akamaitechnologies.com. Why is that? What is the relation between Nextcloud and the CDN akamaitechnologies.com. Should I be worried?

Surprisingly, I wasn’t able to find any conclusive information on the forum or on Github.

[/details]

Nextcloud version : 26.0.1
Operating system and version : debian 11 (bullseye), Linux 5.10.0-23-amd64
PHP version: 8.1.19
(latest stable image available on dockerhub)

Steps to replicate it:

  1. pull the docker image from dockerhub and start the container
  2. run hostname -A

The output of config.php:

<?php
$CONFIG = array (
  'htaccess.RewriteBase' => '/',
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'apps_paths' => 
  array (
    0 => 
    array (
      'path' => '/var/www/html/apps',
      'url' => '/apps',
      'writable' => false,
    ),
    1 => 
    array (
      'path' => '/var/www/html/custom_apps',
      'url' => '/custom_apps',
      'writable' => true,
    ),
  ),
  'memcache.distributed' => '\\OC\\Memcache\\Redis',
  'memcache.locking' => '\\OC\\Memcache\\Redis',
  'redis' => 
  array (
    'host' => 'redis_nextcloud',
    'password' => '',
    'port' => 6379,
  ),
  'instanceid' => 'XXXX',
  'passwordsalt' => 'XXXXXX',
  'secret' => 'XXXXXX',
  'trusted_domains' => 
  array (
    0 => 'XXXXXXX',
  ),
  'datadirectory' => '/var/www/html/data',
  'dbtype' => 'mysql',
  'version' => '26.0.1.1',
  'overwrite.cli.url' => 'XXXXXXXXX',
  'overwriteprotocol' => 'https',
  'dbname' => 'nextcloud',
  'dbhost' => 'mariadb_nextcloud',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'nextcloud',
  'dbpassword' => 'XXXXXXXX',
  'installed' => true,
  'maintenance' => false,
  'theme' => '',
  'loglevel' => 2,
  'ffmpeg' => '/usr/bin/ffmpeg',
  'enable_previews' => true,
  'enabledPreviewProviders' => 
  array (
    0 => 'OC\\Preview\\PNG',
    1 => 'OC\\Preview\\JPEG',
    2 => 'OC\\Preview\\GIF',
    3 => 'OC\\Preview\\BMP',
    4 => 'OC\\Preview\\XBitmap',
    5 => 'OC\\Preview\\Movie',
    6 => 'OC\\Preview\\PDF',
    7 => 'OC\\Preview\\MP3',
    8 => 'OC\\Preview\\TXT',
    9 => 'OC\\Preview\\MarkDown',
    10 => 'OC\\Preview\\MP4',
  ),
  'memories.exiftool' => '/var/www/html/custom_apps/memories/exiftool-bin/exiftool-amd64-glibc',
  'memories.vod.path' => '/var/www/html/custom_apps/memories/exiftool-bin/go-vod-amd64',
  'memories.vod.ffmpeg' => '/usr/bin/ffmpeg',
  'memories.vod.ffprobe' => '/usr/bin/ffprobe',
);

Let me know if more information is necessary.

Thank you!

There are numerous Nextcloud images, including third party ones.

What Docker image, specifically, are you running?

I can’t replicate that at all with the ones I’m using and have handy.

Thanks for the help.
I’m using this precise one:
https://hub.docker.com/layers/library/nextcloud/26.0.1-apache/images/sha256-f9ea1a80d9fae963708f2a25e79dbb25ea01ca5d6699c16157ba3eaf6dc8bf2c?context=explore

If that helps (since after some more research, it might come from an app) here are the list of non-default apps I have installed on my instance:

  • preview-generator
  • memories
  • onlyoffice
  • notes
  • calendar

Actually I tried from scratch on another VM and I cannot reproduce the behavior…
However, I’m sure this akmaitechnologies.com hostname somehow comes from the nextcloud docker image because when I shutdown the container, the hostname disappears and reappears whenever I spawn it again. It also clearly contains the docker network IP on which nextcloud runs. Here’s a copy of the docker-compose.yml I use:

version: "3"
services:
  nextcloud:
    image: nextcloud
    container_name: nextcloud
    restart: unless-stopped
    environment:
      - MYSQL_HOST=mariadb_nextcloud
      - REDIS_HOST=redis_nextcloud
    depends_on:
      - mariadb_nextcloud
      - redis_nextcloud
    volumes:
      - ./nextcloud_data:/var/www/html
      - ./piwigo_data/www/gallery/galleries:/var/www/html/data/XXX/files/Photos/
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.nextcloud.rule=Host(`XXXXXX`)"
      - "traefik.docker.network=secure-proxy"
      - "traefik.http.routers.nextcloud.tls=true"
      - "traefik.http.routers.nextcloud.entrypoints=websecure"
    networks:
      nextcloud_network:
          ipv4_address: '172.226.0.XX'
      secure-proxy:
    extra_hosts:
      - "onlyoffice.XXXXX:172.226.0.XX"

  mariadb_nextcloud:
    image: mariadb:10.5
    container_name: mariadb_nextcloud
    restart: unless-stopped
    command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
    volumes:
      - ./db_data:/var/lib/mysql
    environment:
      - MYSQL_ROOT_PASSWORD=XXXXXX
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
      - MYSQL_PASSWORD=XXXXXXXX
      - MARIADB_AUTO_UPGRADE=1
      - MARIADB_DISABLE_UPGRADE_BACKUP=1
    networks:
      nextcloud_network:
          ipv4_address: '172.226.0.XX'

  redis_nextcloud:
    image: redis:alpine
    container_name: redis_nextcloud
    restart: unless-stopped
    networks:
      nextcloud_network:
          ipv4_address: '172.226.0.XX'

  cron:
    image: nextcloud
    container_name: nextcloud_cron
    restart: unless-stopped
    volumes:
      - ./nextcloud_data:/var/www/html
    entrypoint: /cron.sh
    depends_on:
      - mariadb_nextcloud
      - redis_nextcloud
    networks:
      nextcloud_network:
          ipv4_address: '172.226.0.XX'

networks:
  nextcloud_network:
    driver: bridge
    name: nextcloud_network
    driver_opts:
      com.docker.network.bridge.name: br_nextcloud
    ipam:
      config:
        - subnet: 172.226.0.0/16
  secure-proxy:
    external: true



Update: I managed to figure it out:
I did make a mistake in the IP range in the network configuration. I used the range 172.226.XX.XX as you can see in the docker-compose.yml above and this address is beyond the reserved range for private IP addresses for 172.XX.XX.XX as described in more details here: Reserved IP addresses - Wikipedia

So, I ended up assigning IPs to my containers from a valid (and existing) public IP range that was reserved for akamaitechnologies.com. Upon reverse DNS, the hostname -A command would then simply return this erroneous host as it was attached to my docker containers. This lead to the confusion. So in the end, this problem is not specific to Nextcloud but could have happened with any other image.

Interesting problem I had never encountered before. Hope this helps anyone in the same situation!

1 Like