I’m running OwnCloud in Docker and have setup NGinx as a reverse proxy. This works perfectly for all my other services, but OwnCloud keeps throwing the untrusted domain error. I’ve edited the config.php file to add my exampledemain.com but no dice. Does anybody know what I need to do?
Oof. That’s bad news. I don’t have that bit of kit on my setup though. Luckily.
…I thought you just said you’re running OwnCloud?
Yeah but the report says the vulnerability is related to graphapi which doesn’t seem to be a part of all OwnCloud installations. I can’t see it on mine either.
in nginx:
server { ... location / { ... proxy_pass https://redacted.......; proxy_pass_request_headers on; proxy_pass_header Set-Cookie; proxy_set_header HOST $host; proxy_set_header Referer $http_referer; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Host $server_name; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; ... } }
I think the was a trusted proxy setting in owncloud itself that needed to be set too, or maybe I’m thinking of another service.
Thanks a lot. Whereabouts do I add it to Nginx? Do I need to do this through the dashboard for the proxy host or is there something in docker that I need to add?
proxy_pass https://
Thanks. I found it, but still borked. Need to do some digging. Strange things are afoot at the Circle K …
Sounds like you’re using nginx proxy Manager, a web based frontend for nginx. If so, you have to edit your existing host, change to custom locations, add one with “/” as the address and the same containername and port. Then click the cogwheel in this entry to open a text box for custom rules. You can paste the following lines into there:
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Host $server_name; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
Thanks a lot. I’m still getting trusted domain errors. Obviously need to have a dig around.
I configure nginx with text condig files.
No clue how or where that is in your setup, but presumably somewhere where you configure the proxypass and server names.
If you’re hosting via docker, I highly recommend deploying a Traefik container as it is a phenomenal reverse proxy to pair with containerized hosting
Thanks for the rec. I’ve got all my stuff running through NPM and am loath to change it just for this one (annoying) thing!
What are the advantages over Nginx Proxy Manager?
What env vars are you using for the docker and what’s in the config.php?
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters More Letters HTTP Hypertext Transfer Protocol, the Web IP Internet Protocol nginx Popular HTTP server
2 acronyms in this thread; the most compressed thread commented on today has 10 acronyms.
[Thread #312 for this sub, first seen 29th Nov 2023, 21:55] [FAQ] [Full list] [Contact] [Source code]
You need to forward the real IP from nginx.
I’ll upload an example when I get off workNot familiar with owncloud.
But can’t you set something like “http://127.0.0.1” as domain?
Yeah see I’m not even sure what the env vars are. I’m running it with docker-compose and the only alterations I’ve made to anything are to add my IP address to the config file in the trusted domains array. That’s definitely where it needs to go because if I take it out then it flops hard.
Ah, thank-you so much!
New Lemmy Post: OwnCloud and NGinx = untrusted domain = sadface (https://lemmy.world/post/8927688)
Tagging: #SelfHosted(Replying in the OP of this thread (NOT THIS BOT!) will appear as a comment in the lemmy discussion.)
I am a FOSS bot. Check my README: https://github.com/db0/lemmy-tagginator/blob/main/README.md