Replies: 1 comment
-
The The error you see means that Nextcloud is receiving a proxy header (the de-facto standard header ‘X-Forwarded-For), Nginx-proxy is setting that but no trusted proxy is set in the Nextcloud config. In the Nextcloud Docs I see you can set: You need to set it as ip which can be hard, as Docker assigns a random ip from multiple pools everytime you bring the compose up. You can find the ip of the nginx-proxy container by executing So then I should set environment:
- TRUSTED_PROXIES=172.21.0.8 In your case ip will be different! just for example! But after a restart the ip can change. environment:
- TRUSTED_PROXIES=172.21.0.0/16 This will trust all ip's in the 172.21.. range. But again, your container will probably be in a different subnet. If you want to trust all ip's Docker uses by default you can do something like: environment:
- TRUSTED_PROXIES=172.17.0.0/16 172.18.0.0/16 172.19.0.0/16 172.20.0.0/14 172.24.0.0/14 172.28.0.0/14 192.168.0.0/16 (untested and google list of Docker default subnets) Full example for you to trust all known Docker subnets CIDR notation: click meservices:
nginx-proxy:
container_name: nginx-proxy
image: nginxproxy/nginx-proxy:1.5.1
ports:
- 80:80
- 443:443
volumes:
- vhost.d:/etc/nginx/vhost.d
- ./certs:/etc/nginx/certs:ro
- html:/usr/share/nginx/html
- /var/run/docker.sock:/tmp/docker.sock:ro
- ./conf.d/client_max_body_size.conf:/etc/nginx/conf.d/client_max_body_size.conf:ro
environment:
- ENABLE_HTTP3=true
- TRUST_DOWNSTREAM_PROXY=true
restart: always
nextcloud:
image: nextcloud:28.0.5
hostname: cloud
environment:
- VIRTUAL_HOST=cloud.MYDOMAIN
- LETSENCRYPT_HOST=cloud.MYDOMAIN
- LETSENCRYPT_EMAIL=admin@MYDOMAIN
- LC_ALL=C.UTF-8
- LANG=C.UTF-8
- TRUSTED_PROXIES=172.17.0.0/16 172.18.0.0/16 172.19.0.0/16 172.20.0.0/14 172.24.0.0/14 172.28.0.0/14 192.168.0.0/16
volumes:
- ./nextcloud:/var/www/html
- ./data:/var/www/html/data
networks:
- default
links:
- db:db
restart: always |
Beta Was this translation helpful? Give feedback.
-
I have NextCloud in docker. Currently NC wrote alert on Administration page
I've checked NC configuration, tried TRUST_DOWNSTREAM_PROXY in docker-compose Env but still have this nervous error.
How can I fix it?
Current docker-compose configuration
Beta Was this translation helpful? Give feedback.
All reactions