Unable to set up reverse proxy headers / https on Nextcloud through Docker and Nginx Proxy Manager

ckx4rj1h posted 12 months ago in Docker

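I thought I could ignore these warnings from Nextcloud:
Last background job execution ran 22 hours ago. Something seems wrong. Check the background job settings.

  • The reverse proxy header configuration is incorrect, or you are accessing Nextcloud from a trusted proxy. If not, this is a security issue and can allow an attacker to spoof their IP address as visible to Nextcloud. For details, see the documentation.
  • You are accessing your instance over a secure connection, but your instance is generating insecure URLs. This most likely means that you are behind a reverse proxy and the overwrite config variables are not set correctly. Please read the documentation page about this.

However, my desktop client app will not let me connect even though the website works. It says: "The polling URL does not start with HTTPS despite the login URL starting with HTTPS. Login will not be possible because this might be a security issue. Please contact your administrator." This happens whether I enter http://cloud.mydomain.com or https://cloud.mydomain.com. I am using Docker, with Nginx Proxy Manager and Nextcloud each in their own Docker container, but both on the same nginx2_default network. In the web GUI I have it passing to the container name over port 80, because 443 does not work for some reason; but as long as I only tell Nginx Proxy Manager HTTP, it still ends up as an SSL connection and still goes through with the cert.
I have been stuck on this problem for a while and have made a lot of different posts, but each time it was a different situation. This is the closest I have gotten, but I still end up with zero functionality. It must be something simple.
I thought it would be easier to make a gist here so that all the docker-compose files are accessible, along with Nextcloud's .htaccess and config files; I also put the Docker output there.
I will paste the most relevant files below, though the gist is easier.

/home/james/newNextcloud/config/config.php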

'trusted_domains' =>
  array (
    0 => 'cloud.[redacted].com',
  ),
  array (
    'trusted_proxies' => ['172.20.0.12'],
    'overwritehost' => 'ssl-proxy.tld',
    'overwriteprotocol' => 'https',
    'overwritewebroot' => '/cloud.[redacted].com',
    'overwritecondaddr' => '^172\.20\.0\.12$',
  ),
  'forwarded_for_headers' =>
  array (
    0 => 'X-Forwarded-For',
    1 => 'HTTP_X_FORWARDED_FOR',
  ),
  'datadirectory' => '/var/www/html/data',
  'dbtype' => 'mysql',
  'version' => '23.0.0.10',
  'overwrite.cli.url' => 'https://cloud.[redacted].com',
  'dbname' => 'nextcloud',
  'dbhost' => 'nextcloud_db',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => '[redacted]',
  'dbpassword' => '[redacted]',
  'installed' => true,
  'default_phone_region' => 'US',
  'skeletondirectory' => '/var/www/html/fakeskeleton',

Docker output:

docker ps -a
CONTAINER ID   IMAGE                             COMMAND                  CREATED       STATUS                 PORTS   NAMES
7792ac3452db   nextcloud                         "/entrypoint.sh apac…"   2 hours ago   Up 2 hours             0.0.0.0:8080->80/tcp, :::8080->80/tcp, 0.0.0.0:8443->443/tcp, :::8443->443/tcp   nextcloud
8d5a1a2ebc05   nextcloud:fpm-alpine              "/cron.sh"               2 hours ago   Up 2 hours             9000/tcp   nextcloud2_cron_1
64d024d6ff0c   redis:alpine                      "docker-entrypoint.s…"   2 hours ago   Up 2 hours             6379/tcp   nextcloud2_redis_1
d1e40d50cd5f   mariadb                           "docker-entrypoint.s…"   2 hours ago   Up 2 hours             3306/tcp   nextcloud_db
29fb4aa53f89   plexinc/pms-docker                "/init"                  6 hours ago   Up 2 hours (healthy)   0.0.0.0:3005->3005/tcp, :::3005->3005/tcp, 0.0.0.0:8324->8324/tcp, :::8324->8324/tcp, 0.0.0.0:1900->1900/udp, :::1900->1900/udp, 0.0.0.0:32410->32410/udp, :::32410->32410/udp, 0.0.0.0:32400->32400/tcp, :::32400->32400/tcp, 0.0.0.0:32412-32414->32412-32414/udp, :::32412-32414->32412-32414/udp, 0.0.0.0:32469->32469/tcp, :::32469->32469/tcp   plex
236b0aba1a38   jc21/nginx-proxy-manager:latest   "/init"                  6 hours ago   Up 2 hours             0.0.0.0:80-81->80-81/tcp, :::80-81->80-81/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp   npm-ui
f81959067233   jc21/mariadb-aria:latest          "/scripts/run.sh"        6 hours ago   Up 2 hours             3306/tcp   npm-db

docker container ls
CONTAINER ID   IMAGE                             COMMAND                  CREATED       STATUS                 PORTS   NAMES
7792ac3452db   nextcloud                         "/entrypoint.sh apac…"   2 hours ago   Up 2 hours             0.0.0.0:8080->80/tcp, :::8080->80/tcp, 0.0.0.0:8443->443/tcp, :::8443->443/tcp   nextcloud
8d5a1a2ebc05   nextcloud:fpm-alpine              "/cron.sh"               2 hours ago   Up 2 hours             9000/tcp   nextcloud2_cron_1
64d024d6ff0c   redis:alpine                      "docker-entrypoint.s…"   2 hours ago   Up 2 hours             6379/tcp   nextcloud2_redis_1
d1e40d50cd5f   mariadb                           "docker-entrypoint.s…"   2 hours ago   Up 2 hours             3306/tcp   nextcloud_db
29fb4aa53f89   plexinc/pms-docker                "/init"                  6 hours ago   Up 2 hours (healthy)   0.0.0.0:3005->3005/tcp, :::3005->3005/tcp, 0.0.0.0:8324->8324/tcp, :::8324->8324/tcp, 0.0.0.0:1900->1900/udp, :::1900->1900/udp, 0.0.0.0:32410->32410/udp, :::32410->32410/udp, 0.0.0.0:32400->32400/tcp, :::32400->32400/tcp, 0.0.0.0:32412-32414->32412-32414/udp, :::32412-32414->32412-32414/udp, 0.0.0.0:32469->32469/tcp, :::32469->32469/tcp   plex
236b0aba1a38   jc21/nginx-proxy-manager:latest   "/init"                  6 hours ago   Up 2 hours             0.0.0.0:80-81->80-81/tcp, :::80-81->80-81/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp   npm-ui
f81959067233   jc21/mariadb-aria:latest          "/scripts/run.sh"        6 hours ago   Up 2 hours             3306/tcp   npm-db

docker volume ls
DRIVER    VOLUME NAME
local     f6e0828f8a826cf3c8faa9f11b9cda279999f034a8d9e09cfac26bfa0ba9eb16

docker network ls
NETWORK ID     NAME                 DRIVER    SCOPE
9cf4b1fc4f1b   bridge               bridge    local
78512dde6d1b   host                 host      local
135921ebe5b5   nextcloud2_default   bridge    local
4e52bbf25209   nginx2_default       bridge    local
4de38ef5961d   none                 null      local

Nextcloud Docker Compose file

version: '2.1'
 
networks:
 nginx2_default:
   external:
     name: nginx2_default
 
services:
  nextcloud:
    image: nextcloud
    container_name: nextcloud
    restart: always
    ports:
      - 8080:80
      - 8443:443
    networks:
      - nginx2_default
    links:
      - nextcloud_db
    volumes:
      - /home/james/newNextcloud:/var/www/html
      - /newRaid/Nextcloud:/var/www/html/data
    environment:
      - MYSQL_PASSWORD=[redacted]
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=[redacted]
      - MYSQL_HOST=nextcloud_db
      - APACHE_DISABLE_REWRITE_IP=1
  nextcloud_db:
    image: mariadb
    container_name: nextcloud_db
    restart: always
    command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW --skip-innodb-read-only-compressed
    networks:
     - nginx2_default
    volumes:
      - /mnt/nextcloud:/var/lib/mysql
    environment:
      - MYSQL_ROOT_PASSWORD=[redacted]
      - MYSQL_PASSWORD=[redacted]
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=[redacted]
  redis:
    image: redis:alpine
    restart: always  
  cron:
    image: nextcloud:fpm-alpine
    restart: always
    volumes:
      - /home/james/newNextcloud:/var/www/html
    entrypoint: /cron.sh
    depends_on:
      - nextcloud_db
      - redis

Nginx Proxy Manager docker-compose.yml

version: "3"
services:
  app:
    image: 'jc21/nginx-proxy-manager:latest'
    container_name: npm-ui
    restart: unless-stopped
    ports:
      # These ports are in format <host-port>:<container-port>
      - '80:80' # Public HTTP Port
      - '443:443' # Public HTTPS Port
      - '81:81' # Admin Web Port
        # - '32400:32400'  For Plex
      # Add any other Stream port you want to expose
      # - '21:21' # FTP
    environment:
      DB_MYSQL_HOST: "db"
      DB_MYSQL_PORT: 3306
      DB_MYSQL_USER: "[redacted]"
      DB_MYSQL_PASSWORD: "[redacted]"
      DB_MYSQL_NAME: "npm"
      # Uncomment this if IPv6 is not enabled on your host
      # DISABLE_IPV6: 'true'
    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt
    networks:
      default:
        ipv4_address: 172.20.0.12
    depends_on:
      - db
 
  db:
    image: 'jc21/mariadb-aria:latest'
    container_name: npm-db
    restart: unless-stopped
    environment:
      MYSQL_ROOT_PASSWORD: '[redacted]'
      MYSQL_DATABASE: 'npm'
      MYSQL_USER: '[redacted]'
      MYSQL_PASSWORD: '[redacted]'
    volumes:
      - ./data/mysql:/var/lib/mysql
    networks:
      default:
        ipv4_address: 172.20.0.22

networks:
  default:
    ipam:
      config:
        - subnet: 172.20.0.0/16

mspsb9vt #1

So your files helped me solve this problem, so I will share my config file with you.

root@linux:/apps/nextcloud/app/config# vim config.php
<?php
$CONFIG = array (
  'htaccess.RewriteBase' => '/',
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'apps_paths' =>
  array (
    0 =>
    array (
      'path' => '/var/www/html/apps',
      'url' => '/apps',
      'writable' => false,
    ),
    1 =>
    array (
      'path' => '/var/www/html/custom_apps',
      'url' => '/custom_apps',
      'writable' => true,
    ),
  ),
  'instanceid' => 'ocsdfgfsdg5',
  'passwordsalt' => 'Wsdgsdfgsdfgsd2IO/nY',
  'secret' => 'Asdfgsdfgsdfgsdfg',
  'trusted_domains' =>
  array (
    0 => 'cloud.sdfgfdsgsfd.org',
  ),
  'trusted_proxies' =>
  array (
    0 => '10.1.5.124',
  ),
  'overwriteprotocol' => 'https',
  'datadirectory' => '/var/www/html/data',
  'dbtype' => 'mysql',
  'version' => '23.0.2.1',
  'overwrite.cli.url' => 'http://cloud.fsdghfgsdh.org',
  'dbname' => 'fghfdgsh',
  'dbhost' => 'fghjdfdg',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'dfhgfghdh',
  'dbpassword' => 'dfghfdgh',
  'installed' => true,
);
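
The two warnings quoted in the question concern Nextcloud's reverse-proxy settings, which it reads only as top-level keys of `$CONFIG`. The PHP check below is an added example, not code from the question or the answer; `audit_proxy_config`, `PROXY_KEYS` and the sample array (with `cloud.example.com` as a stand-in domain) are constructed for illustration.

```php
<?php
// Added example (not from the original post): audit a Nextcloud $CONFIG array
// for reverse-proxy mistakes. Nextcloud reads these only as top-level keys.
const PROXY_KEYS = ['trusted_proxies', 'overwritehost', 'overwriteprotocol',
                    'overwritewebroot', 'overwritecondaddr', 'forwarded_for_headers'];
function audit_proxy_config(array $config): array {
    $findings = [];
    $intended = $config; // what the admin meant, with misplaced keys hoisted
    foreach ($config as $key => $value) {
        if (!is_int($key) || !is_array($value)) continue;
        foreach (array_intersect(PROXY_KEYS, array_keys($value)) as $name) {
            $findings[] = "'$name' sits inside positional element $key and is never read";
            $intended += [$name => $value[$name]];
        }
    }
    if (empty($config['trusted_proxies'])) {
        $findings[] = "no top-level 'trusted_proxies': the proxy's forwarded headers are ignored";
    }
    if (($config['overwriteprotocol'] ?? '') !== 'https') {
        $findings[] = "no top-level 'overwriteprotocol' => 'https': generated URLs may be http";
    }
    $domains = $intended['trusted_domains'] ?? [];
    $host = $intended['overwritehost'] ?? null;
    if ($host !== null && !in_array($host, $domains, true)) {
        $findings[] = "'overwritehost' ($host) is not listed in trusted_domains";
    }
    $root = ltrim($intended['overwritewebroot'] ?? '', '/');
    if (in_array($root, $domains, true)) {
        $findings[] = "'overwritewebroot' holds a hostname; it expects a URL path such as /nextcloud";
    }
    foreach ($intended['forwarded_for_headers'] ?? [] as $h) {
        if (!preg_match('/^HTTP_[A-Z0-9_]+$/', $h)) {
            $findings[] = "forwarded_for_headers entry '$h' is not a \$_SERVER key (HTTP_X_...)";
        }
    }
    return $findings;
}

// Constructed sample mirroring the structure of the config in the question.
$sample = [
    'trusted_domains' => ['cloud.example.com'],
    ['trusted_proxies' => ['172.20.0.12'], 'overwritehost' => 'ssl-proxy.tld',
     'overwriteprotocol' => 'https', 'overwritewebroot' => '/cloud.example.com',
     'overwritecondaddr' => '^172\.20\.0\.12$'],
    'forwarded_for_headers' => ['X-Forwarded-For', 'HTTP_X_FORWARDED_FOR'],
];
foreach (audit_proxy_config($sample) as $finding) {
    echo "- $finding\n";
}
```

To run it against a real installation, replace `$sample` with the `$CONFIG` array loaded from a copy of `config.php`.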
