nginx 進行 https 反向代理 nextcloud 後 APP 不能訪問的解決辦法

litte_frog發表於2020-11-28
NginxHTTPCloudAPP

問題描述:

nextcloud 執行在 docker 中,之前一直是通過 http 協議 ip 埠方式訪問沒有問題。
修改為 nginx 反向代理並設定為 https 協議訪問後,手機 app 和 pc 端均不能訪問。

解決辦法:

修改 nextcloud 配置檔案,在 /var/www/html/config 目錄下的 config.php,新增如下內容

'overwriteprotocol' => 'https',

修改完不需要重啟。

配置檔案(參考)

nginx配置如下:

server {
    listen      80;   
    server_name 個人域名;
    return 301 https://$server_name$request_uri;
}
server {
  listen       443 ssl;
  server_name  個人域名;
 
  ssl_certificate      /home/nginx/ssl/4834759_cloud.wo66.cc.pem;
  ssl_certificate_key  /home/nginx/ssl/4834759_cloud.wo66.cc.key;
 
  ssl_session_cache    shared:SSL:1m;
  ssl_session_timeout  5m;
  ssl_protocols        TLSv1 TLSv1.1 TLSv1.2; 
  ssl_ciphers          ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
  ssl_prefer_server_ciphers  on;
  
  
  add_header X-Content-Type-Options nosniff;
  add_header X-XSS-Protection "1; mode=block";
  add_header X-Robots-Tag none;
  add_header X-Download-Options noopen;
  add_header X-Permitted-Cross-Domain-Policies none;
  add_header Strict-Transport-Security "max-age=15768000";
 
   
  location = /.well-known/carddav {
      return 301 $scheme://$host/remote.php/dav;
  }
  location = /.well-known/caldav {
      return 301 $scheme://$host/remote.php/dav;
  }
  
  client_max_body_size 512M;
  fastcgi_buffers 64 4K;
 
  gzip on;
  gzip_vary on;
  gzip_comp_level 3;
  gzip_min_length 1024;
  gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
  gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy; 
 
  location / {
      # proxy_http_version 1.1;
      proxy_buffering off;
      proxy_set_header Host $http_host;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      # proxy_redirect off;
      proxy_pass http://localhost:8088;
  }
}

config.php

<?php
$CONFIG = array (
  'htaccess.RewriteBase' => '/',
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'apps_paths' => 
  array (
    0 => 
    array (
      'path' => '/var/www/html/apps',
      'url' => '/apps',
      'writable' => false,
    ),
    1 => 
    array (
      'path' => '/var/www/html/custom_apps',
      'url' => '/custom_apps',
      'writable' => true,
    ),
  ),
  'instanceid' => 'ocw62342d2k88i',
  'passwordsalt' => 'BV+nOt7p2342ahvRnjGCv+GUZKq',
  'secret' => 'SRpMeX8N3VJWD433232YH6SL3B852G9CWlqKedK9fLXA',
  'trusted_domains' => 
  array (
    0 => 'localhost',
    1 => '個人的域名',
  ),
  'datadirectory' => '/var/www/html/data',
  'dbtype' => 'mysql',
  'version' => '20.0.1.1',
  'overwrite.cli.url' => 'http://127.0.0.1:8088',
  'overwriteprotocol' => 'https',
  'dbname' => 'nextcloud',
  'dbhost' => 'mysql',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'oc_admin',
  'dbpassword' => 'rLJQWt2U9KF4242342C9FZjbSYr',
  'installed' => true,
  'memcache.distributed' => '\\OC\\Memcache\\Redis',
  'memcache.locking' => '\\OC\\Memcache\\Redis',
  'redis' => 
  array (
    'host' => 'redis',
    'port' => 6379,
  ),
);

相關文章