Run Nextcloud from Subdirectory #401
Comments
|
if I understood you correctly - you have to adjust your nextcloud configuration:
Look this: regards |
|
This is what I was looking for. Is there a way to set this setting via docker, or do I need to modify my version of the image? |
|
Depending on how you run the docker container. If you mount your filesystem in /var/www/html, for example, you don't need to rebuild the container. You can find the config file in the mounted directory. |
|
can you show us some example, I tried everything I could( 'overwritehost' => '', htaccess.RewriteBase' => , etc.), still failed. |
|
I had a similar problem and I have created a fix for this issue (Pull request : #527) that contains the an ENV variable NEXTCOULD_OVERWRITEWEBROOT to help define "subdirectories". Hope it helps, |
|
Hi, anything a do and every variable i use ( like i get a redirection to http://myserver/login except if a use the variable but in this case i have ERR_TOO_MANY_REDIRECTS error Is there something i missed ? Thank you |
|
Hi all! I too get the ERR_TOO_MANY_REDIRECTS error I've also tried fiddling with the PR #527 seems to have morphed into something different so not sure what the fix is for this as I can't get this to work either. What am I missing? John |
|
I've excatly the same issue and looking for a solution. |
|
Solution, for me, was to have all connections go via proxy when using If URL is used via web browser (local network) without reverse proxy => ERR_TOO_MANY_REDIRECTS Need to do more validation and testing, but looks good so far. nginx ymmv... Update: After moving data and re-using previous DB, Android client re-connected and resumed without any reconfiguration when connecting via proxy. Without going through the proxy, it does not work (at all), lots of errors and timeouts. I would suspect that 'overwritewebroot' not working when connecting directly is a bug, as per a number of posts here, and hopefully it gets fixed at some point. |
|
I tried everything, not working, by the way I use nextcloud docker image |
|
My configuration is almost the same. Inside the Docker container, I moved the nextcloud files from /var/www/html to /var/www/html/nextcloud Hope that helps, it seems that the command overwritewebroot does not affect the apache config. The problem with the container restart doesn't affect this config. After a restart there are new files in the /var/www/html folder of a "fresh" nextcloud installation copied. Here is are some lines of my config.php |
|
After almost giving up i did a final test and found the following to be working. the symlink is important because otherwise somehow the app does not look at the right path. Most likely configurations within the apache would be required, but i didnt want to modify these as i would have to mount those to my host system then. Anyways, hope that this helps for some of you! |
|
@StokeHead Many thanks! It seems |
|
@StokeHead @bakcsa83 thanks to you both but as i documented here i still cannot get Nextcloud served as root but from a subdirectory. it indeed looks like |
|
I found out later that there is a command that updates the However, the self-update feature did not work (in brand new image) so I just went back to lxc. |
|
thanks @bakcsa83 however i forgot to mention that i had already tried running the |
|
Same problem as in nextcloud/server#20338. We need help here, fumbling around inside the container is not the way to go. |
|
careful bump |
|
careless bump |
|
For anyone who "just wants it to work", i've been able to get it to work with a modified docker image: then just set Now what would be great is a env var to set the RewriteBase property EDIT: If the above doesn't work, open EDIT2: Or you can just use the (not gonna attach proxy.conf here, just have a look at their image) |
|
Thank you guys! I could get it working with my setup which also involves a traefik container as reverse proxy. Though I had a minor hickup on the way, namely that the web browser login form and the desktop client's authentication form froze but that can be fixed too as described in the following: These are the steps on how I got it working: 1.)Pull the image via a 2.)Start the containers, then in the nextcloud container the dircetory 3.)Then open nextcloud in a browser on your domain, register an admin user. Then config files got auto generated of which the next ones to modify are 4.)modify This step seems important as without it I get an 5.)Now it would work mostly already, except for the fact that the web login and client authentication form hang. This issue is discussed here: nextcloud/server#19091 and to fix it, add the following to Now it's all working fine. My current nextcloud version is 19 and traefik is v2.2 |
|
It worked for me using the following lines:
cloud_server:
environment:
- OVERWRITEWEBROOT=/cloudand 'htaccess.RewriteBase' => '/cloud',...and running Would be nice to have an env variable for PS.: Also @ettingshausen's link was very useful by adding |
|
@timonf Hi! I tried the 3 steps from your post
but the "docker-compose exec " command is not working for me.
Any idea? cheers |
This was a big help to me, I was experiencing redirect loops (HTTP 302) as soon as I added overwritewebroot in nextcloud's config.php and had my reverse proxy redirect to nextcloud for location /nextcloud instead of /. To enable the reverse proxy I follow the nextcloud docs: Then setup nginx as a reverse proxy as follows: The rewrite line was key here, I scowered a lot of guides & forums with similar setups, but this was the first time the rewrite was mentioned. |
|
Anyone care to help me out? I get constant 302s after creating my admin account, no matter what I do. Here's a post I was going to post to the forums, but it kept rejecting my post :/ Google proved to me the forums are useless anyway, this topic is on there constantly with zero responses. I am trying to setup nextcloud on a subdirectory (example.com/nextcloud). I can get to the initial setup screen (where I create an admin account), but after pressing enter after entering my new password, I can only get a 302 message on example.com/nextcloud. Here is my docker-compose.yml for nextcloud and its db, modified slightly from https://github.com/nextcloud/docker#base-version---fpm version: '2'
services:
db:
image: mariadb
restart: always
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
volumes:
- ./db:/var/lib/mysql
environment:
- MYSQL_ROOT_PASSWORD=ROOTPASS
- MYSQL_PASSWORD=PASS
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=nextcloud
app:
image: nextcloud:production-fpm-alpine
restart: always
links:
- db
ports:
- 9000:9000
volumes:
- ./app:/var/www/html
environment:
- MYSQL_PASSWORD=PASS
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=nextcloud
- MYSQL_HOST=db
- OVERWRITEWEBROOT=/nextcloudI expose port 9000 since my nginx instance is in a different docker-compose.yml. It mounts the same .app directory at /var/www/html/nextcloud. Here is my config for nginx, modified from https://docs.nextcloud.com/server/stable/admin_manual/installation/nginx.html#nextcloud-in-a-subdir-of-the-nginx-webroot server {
listen DOCKERHOST:443 ssl http2;
# listen [::]:443 ssl http2;
# snippet sets certs
include snippets/domain_example.com.conf;
server_name example.com www.example.com *.example.com;
root /var/www;
# snippets set ssl configs, "custom" errors, security.txt
include snippets/https.conf;
include snippets/errors.conf;
include snippets/security.txt.conf;
location /.well-known {
# The following 6 rules are borrowed from `.htaccess`
rewrite ^/\.well-known/host-meta\.json /nextcloud/public.php?service=host-meta-json last;
rewrite ^/\.well-known/host-meta /nextcloud/public.php?service=host-meta last;
rewrite ^/\.well-known/webfinger /nextcloud/public.php?service=webfinger last;
rewrite ^/\.well-known/nodeinfo /nextcloud/public.php?service=nodeinfo last;
location = /.well-known/carddav { return 301 /nextcloud/remote.php/dav/; }
location = /.well-known/caldav { return 301 /nextcloud/remote.php/dav/; }
try_files $uri $uri/ =404;
}
location ^~ /nextcloud {
# set max upload size
client_max_body_size 512M;
fastcgi_buffers 64 4K;
# Enable gzip but do not remove ETag headers
gzip on;
gzip_vary on;
gzip_comp_level 4;
gzip_min_length 256;
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
# Pagespeed is not supported by Nextcloud, so if your server is built
# with the `ngx_pagespeed` module, uncomment this line to disable it.
#pagespeed off;
# HTTP response headers borrowed from Nextcloud `.htaccess`
add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Download-Options "noopen" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "none" always;
add_header X-XSS-Protection "1; mode=block" always;
# Remove X-Powered-By, which is an information leak
fastcgi_hide_header X-Powered-By;
# Specify how to handle directories -- specifying `/nextcloud/index.php$request_uri`
# here as the fallback means that Nginx always exhibits the desired behaviour
# when a client requests a path that corresponds to a directory that exists
# on the server. In particular, if that directory contains an index.php file,
# that file is correctly served; if it doesn't, then the request is passed to
# the front-end controller. This consistent behaviour means that we don't need
# to specify custom rules for certain paths (e.g. images and other assets,
# `/updater`, `/ocm-provider`, `/ocs-provider`), and thus
# `try_files $uri $uri/ /nextcloud/index.php$request_uri`
# always provides the desired behaviour.
index index.php index.html /nextcloud/index.php$request_uri;
# Rule borrowed from `.htaccess` to handle Microsoft DAV clients
location = /nextcloud {
if ( $http_user_agent ~ ^DavClnt ) {
return 302 /nextcloud/remote.php/webdav/$is_args$args;
}
}
# Rules borrowed from `.htaccess` to hide certain paths from clients
location ~ ^/nextcloud/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/) { return 404; }
location ~ ^/nextcloud/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; }
# Ensure this block, which passes PHP files to the PHP process, is above the blocks
# which handle static assets (as seen below). If this block is not declared first,
# then Nginx will encounter an infinite rewriting loop when it prepends
# `/nextcloud/index.php` to the URI, resulting in a HTTP 500 error response.
location ~ \.php(?:$|/) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
set $path_info $fastcgi_path_info;
try_files $fastcgi_script_name =404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $path_info;
fastcgi_param HTTPS on;
fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice
fastcgi_param front_controller_active true; # Enable pretty urls
fastcgi_pass DOCKERHOST:9000;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
}
location ~ \.(?:css|js|svg|gif)$ {
try_files $uri /nextcloud/index.php$request_uri;
expires 6M; # Cache-Control policy borrowed from `.htaccess`
access_log off; # Optional: Don't log access to assets
}
location ~ \.woff2?$ {
try_files $uri /nextcloud/index.php$request_uri;
expires 7d; # Cache-Control policy borrowed from `.htaccess`
access_log off; # Optional: Don't log access to assets
}
location /nextcloud {
try_files $uri $uri/ /nextcloud/index.php$request_uri;
}
}
}At this point, I've done what the docs say to do, and get a 404, presented to the client and also logged on the Nextcloud container:
Then, I try #401 (comment). ln -s /var/www/html/ /var/www/nextcloud
chown www-data:root -h /var/www/nextcloudAfter the above, (I used /var/www/nextcloud instead of /var/www/html/nextcloud because the nextcloud site docs used /var/www as the root instead of /var/www. Doing it any other way continues 404s). So, I get a one time success! I am presented with a screen to create an admin (this shows I'm getting the styles/assets from my proxy). I create an account, and then configuration files are generated (Showing my proxy is reaching the nextcloud server correctly). But... Now I just constantly get 302s! Performing the rest of the steps in the github link doesn't change the constant 302s (that also log on nextcloud). After step 3 of the linked comment, my config.php that was generated looks like this: <?php
$CONFIG = array (
'memcache.local' => '\\OC\\Memcache\\APCu',
'apps_paths' =>
array (
0 =>
array (
'path' => '/var/www/html/apps',
'url' => '/apps',
'writable' => false,
),
1 =>
array (
'path' => '/var/www/html/custom_apps',
'url' => '/custom_apps',
'writable' => true,
),
),
'overwritewebroot' => '/nextcloud',
'instanceid' => 'REDACTED',
'passwordsalt' => 'REDACTED',
'secret' => 'REDACTED',
'trusted_domains' =>
array (
0 => 'example.com',
),
'datadirectory' => '/var/www/html/data',
'dbtype' => 'mysql',
'version' => '20.0.9.1',
'overwrite.cli.url' => 'https://example.com/nextcloud',
'dbname' => 'nextcloud',
'dbhost' => 'db',
'dbport' => '',
'dbtableprefix' => 'oc_',
'mysql.utf8mb4' => true,
'dbuser' => 'nextcloud',
'dbpassword' => 'PASS',
'installed' => true,
);My .htaccess (after manually adding the rewritebase line) <IfModule mod_headers.c>
<IfModule mod_setenvif.c>
<IfModule mod_fcgid.c>
SetEnvIfNoCase ^Authorization$ "(.+)" XAUTHORIZATION=$1
RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION
</IfModule>
<IfModule mod_proxy_fcgi.c>
SetEnvIfNoCase Authorization "(.+)" HTTP_AUTHORIZATION=$1
</IfModule>
</IfModule>
<IfModule mod_env.c>
# Add security and privacy related headers
# Avoid doubled headers by unsetting headers in "onsuccess" table,
# then add headers to "always" table: https://github.com/nextcloud/server/pull/19002
Header onsuccess unset Referrer-Policy
Header always set Referrer-Policy "no-referrer"
Header onsuccess unset X-Content-Type-Options
Header always set X-Content-Type-Options "nosniff"
Header onsuccess unset X-Download-Options
Header always set X-Download-Options "noopen"
Header onsuccess unset X-Frame-Options
Header always set X-Frame-Options "SAMEORIGIN"
Header onsuccess unset X-Permitted-Cross-Domain-Policies
Header always set X-Permitted-Cross-Domain-Policies "none"
Header onsuccess unset X-Robots-Tag
Header always set X-Robots-Tag "none"
Header onsuccess unset X-XSS-Protection
Header always set X-XSS-Protection "1; mode=block"
SetEnv modHeadersAvailable true
</IfModule>
# Add cache control for static resources
<FilesMatch "\.(css|js|svg|gif)$">
Header set Cache-Control "max-age=15778463"
</FilesMatch>
# Let browsers cache WOFF files for a week
<FilesMatch "\.woff2?$">
Header set Cache-Control "max-age=604800"
</FilesMatch>
</IfModule>
<IfModule mod_php7.c>
php_value mbstring.func_overload 0
php_value default_charset 'UTF-8'
php_value output_buffering 0
<IfModule mod_env.c>
SetEnv htaccessWorking true
</IfModule>
</IfModule>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} DavClnt
RewriteBase /nextcloud
RewriteRule ^$ /remote.php/webdav/ [L,R=302]
RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteRule ^\.well-known/host-meta /public.php?service=host-meta [QSA,L]
RewriteRule ^\.well-known/host-meta\.json /public.php?service=host-meta-json [QSA,L]
RewriteRule ^\.well-known/webfinger /public.php?service=webfinger [QSA,L]
RewriteRule ^\.well-known/nodeinfo /public.php?service=nodeinfo [QSA,L]
RewriteRule ^\.well-known/carddav /remote.php/dav/ [R=301,L]
RewriteRule ^\.well-known/caldav /remote.php/dav/ [R=301,L]
RewriteRule ^remote/(.*) remote.php [QSA,L]
RewriteRule ^(?:build|tests|config|lib|3rdparty|templates)/.* - [R=404,L]
RewriteCond %{REQUEST_URI} !^/\.well-known/(acme-challenge|pki-validation)/.*
RewriteRule ^(?:\.|autotest|occ|issue|indie|db_|console).* - [R=404,L]
</IfModule>
<IfModule mod_mime.c>
AddType image/svg+xml svg svgz
AddEncoding gzip svgz
</IfModule>
<IfModule mod_dir.c>
DirectoryIndex index.php index.html
</IfModule>
AddDefaultCharset utf-8
Options -Indexes
<IfModule pagespeed_module>
ModPagespeed Off
</IfModule>
#### DO NOT CHANGE ANYTHING ABOVE THIS LINE ####
ErrorDocument 403 /nextcloud/
ErrorDocument 404 /nextcloud/ |
|
So if I understand correctly you have an Nginx reverse proxy in one docker container and nextcloud in another? In that case, I notice you don't have any nextcloud configuration for the reverse proxy (see my previous post, the one before yours). I have set up an Nginx reverse proxy on one machine, pointing /nextcloud to a docker container on another. I didn't need to change .htaccess or create a symlink, only change the nextcloud config for reverse proxy per the docs and correctly rewrite the url with the proxy configuration in Nginx (reverse proxy, not nextclouds own Nginx instance). P.S. Rereading your comment I'm starting to think you're trying to run nextcloud through Nginx in a different container (judging from your volume mounts), which would be very weird as the nextcloud container hosts its own Nginx instance. Is this the case? |
|
I am using the fpm image, which does not have its own nginx instance. Adding trusted proxies docker environment variable (which adds it to the config) doesn't change the behavior. |
|
Right, if you're just running the single nginx instance you don't need the reverse proxy config. I was misguided because you mentioned 'proxy' in your comment, but in your case it's just a single nginx hosting the files from within the nextcloud container. Have you checked the logs of nginx to find any clue as to why throws 302? |
|
Nginx logs: Nextcloud logs: I don't really see anything else unfortunately. I will try to see if maybe there's a higher level of logging for nextcloud. |
|
Alright, it was custom 301/302 responses on nginx breaking it. That's why everything looks completely errorless. |
|
An updated image has broken this =/ |
|
What stopped the "This page isn't redirecting correctly" error for me was: //config.php
<?php
$CONFIG = array (
'htaccess.RewriteBase' => '/',
'overwriteprotocol' => 'https',
'overwritehost' => 'mysubdomain.mywebsite.com', //you can obviously use just mywebsite.com
'overwritewebroot' => '/nextcloud',
// ... defaults hereNote: I did not apply the RewriteBase /nextcloud fix recommended above The most important part here is pobably the Adding the |
This one (which is almost the same as many other tutorials posted here) is working for me. |
One thing worth mentioning here is that the actual config used are gathered from |
|
Maybe a stupid question but why does the official docker image default to It seems to me like a lot of issues stems from this discrepancy. I am basing my setup on the following example from this repo and I have been struggling to set nextcloud to run in subdir. I have managed to get it to work for the most part but I cannot use occ as it still points to I have spent a bunch of time today clearing volumes and rebuilding images from docker compose trying to get a fresh installation to go to |
|
Because I also faced this problem, here's what worked for me on docker + nextcloud:25.0-apache.
And that's it. Now nextcloud should be accessible on |
|
i am struggling with the same question. could anyone please help an get a working updated version here? i tried that Docker- Image: https://github.com/nextcloud/docker/tree/master/.examples/docker-compose/with-nginx-proxy/postgres/fpm Then i want to move this installation to /nextcloud subdirectory and add some new Service to the top- page of a different docker-image. I tried to use in .yaml / web: than set in nextcloud config.php: That way, the server works with the given subdirectory basically (nextcloud page shows). I know, there are a lot of options above, but i either could not find them in my setup, or they would not work. But first i do not understand how to add different services to that configuration. I would expect the nginx- proxy to be configured to redirect / to another container-service. But i have not found a config file for the proxy. How do i do that with this setup? (BTW i don't want to move files in /var/www/html to /var/www/html/nextcloud as this may destroy data in the future as described by some users). Second - maybe related to this: .wellknown won't work and either redirects to non-subdirectory (webfinger) or to nothing (caldav, carddav). So where to adjust those links now? Maybe just a hint missing how to configure nging- proxy in that setup. Last, there is a strange error accessing many links, e.g. webdav will not work at all and files cannot be accessed at all. The error message ist like: "Requested uri (/nextcloud/remote.phpp/webdav) is out of base uri (/nextcloud/remote.php/webdav/)" There seems to be a "p" inserted in remote.phpp, which wont work, making t impossible to access files at all. Could anybody explain how to do this right? |
joshtrichards
added
examples
|
Let me also add my problems to this thread: I am in the progress from nginx (on the host) to traefik (in docker) as rev-proxy. My nextcloud is running in a subdir because of historical reasons. For now I would like to keep it like that to not break calendar-URLs etc ( think "wife acceptance factor" here ... wife and phone away right now because of holidays etc). I fiddle with various settings and don't get it working. configsnc docker-composenc config.phpYes, some redundancy there because of my fiddling. Whenever I access https://oc.oops.co.at/nextcloud I get a nc-page saying "page not found" and 404-errors in traefik logs Is it maybe related to PHP? Do I need the FPM-image maybe .. now that nginx with fpm isn't in place anymore? EDIT: some more observations: tried to access the nc-container from the shell: So there is some http->https redirection tried here. EDIT 2: current state: SOLVED by following https://community.traefik.io/t/https-routing-404-page-not-found-docker-file/19561/9 |
|
@StokeHead @m00nwtchr @SteffRhes @dstroinski I have tried all variants of these symlink solutions and in versions like 25 it works but in 28 or 29 it doesn't work? Does anyone know why? Seems like a regression The errors in the screenshot occur just when I click on a file, as in this case, an image. Errors on the server:
|
joshtrichards
added
needs review
|
There is no need to move files around in the image or do anything weird. All that is needed:
See #2276 for a working example for reverse proxies { Caddy or Nginx } with the FPM image. |
|
Closing since there's nothing left to do here. If we opt to add any formal documentation (TBD), it'll be tracked through #2276. If anyone wishes to test the configurations noted in that Issue, please do so there. |
and others
How do you tell nextcloud that it's in a sub-directory? Currently each service on my machine is in its own docker instance, and I use Traefik to expose them to different sub-directories on my server:
mydomain/service1
mydomain/service2
Current Behaviour
all links are "/index.php/*"
Desired Behavior
all links are "/nextcloud/index.php/*"
The text was updated successfully, but these errors were encountered: