[GH-ISSUE #282] No redirect with Nexcloud using https #251

New issue

Closed

opened 2026-02-26 06:31:46 +03:00 by kerem · 6 comments

kerem commented 2026-02-26 06:31:46 +03:00

Owner

Copy link

Originally created by @MarAlMe on GitHub (Jan 27, 2020).
Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/282

I use the proxy manager for several web applications. All can be reached internally in the network via http and are made accessible via the proxy manager via https.
When I go to the Nextcloud page, the logon screen appears, but nothing happens after that. If I refresh the page, I will be forwarded to my files, etc.

When I go to the Nextcloud page via http both internally and externally, the forwarding works without any problems after login. Other web applications do not have this problem. I have already tried to enter the IP of the proxy manager (same host, all services run as docker container) in the config.php of the Nextcloud under trusted_proxies, unfortunately without success.

Originally created by @MarAlMe on GitHub (Jan 27, 2020). Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/282 I use the proxy manager for several web applications. All can be reached internally in the network via http and are made accessible via the proxy manager via https. When I go to the Nextcloud page, the logon screen appears, but nothing happens after that. If I refresh the page, I will be forwarded to my files, etc. When I go to the Nextcloud page via http both internally and externally, the forwarding works without any problems after login. Other web applications do not have this problem. I have already tried to enter the IP of the proxy manager (same host, all services run as docker container) in the config.php of the Nextcloud under trusted_proxies, unfortunately without success.

kerem closed this issue 2026-02-26 06:31:46 +03:00

kerem commented 2026-02-26 06:31:46 +03:00

Author

Owner

Copy link

@jc21 commented on GitHub (Jan 27, 2020):

Are you proxying with SSL?
Is the Websocket option turned on for this proxy host?
Is nextcloud also running with SSL?
What version/docker image of nextcloud are you using?
Are there any Javascript console errors after logging in?

I don't use nextcloud but I just spun up a fresh instance, using NPM for SSL termination and pure http for the nextcloud instance. I ran through the setup process no problem, then logged out and now the login won't let me in with my 100% valid password. Even with the wrong credentials it is doing the same thing, redirecting me back to login. Unlike you though, my refresh doesn't get me in.

<!-- gh-comment-id:579010283 --> @jc21 commented on GitHub (Jan 27, 2020): Are you proxying with SSL? Is the Websocket option turned on for this proxy host? Is nextcloud also running with SSL? What version/docker image of nextcloud are you using? Are there any Javascript console errors after logging in? I don't use nextcloud but I just spun up a fresh instance, using NPM for SSL termination and pure http for the nextcloud instance. I ran through the setup process no problem, then logged out and now the login won't let me in with my 100% valid password. Even with the wrong credentials it is doing the same thing, redirecting me back to login. Unlike you though, my refresh doesn't get me in.

kerem commented 2026-02-26 06:31:46 +03:00

Author

Owner

Copy link

@MarAlMe commented on GitHub (Jan 28, 2020):

I´ve configured the NPM as shown:

I using the latest Version of Docker and Nextcloud (i reinstalled the Server two weeks ago).
I get this, when i try to login:

And this, after i reload the site:

I started and configured the Nextcloud Container befor i had run the NPM Container. Today i had run an complete new Nexcloud Container and make the setup over the external https Url, but i got the same behavior.
In the past I had configured a Nginx as a proxy and the login worked without any problems. Since I don't want to write different .conf files again, I wanted to use the NPM.

<!-- gh-comment-id:579438085 --> @MarAlMe commented on GitHub (Jan 28, 2020): I´ve configured the NPM as shown:   I using the latest Version of Docker and Nextcloud (i reinstalled the Server two weeks ago). I get this, when i try to login:  And this, after i reload the site:  I started and configured the Nextcloud Container befor i had run the NPM Container. Today i had run an complete new Nexcloud Container and make the setup over the external https Url, but i got the same behavior. In the past I had configured a Nginx as a proxy and the login worked without any problems. Since I don't want to write different .conf files again, I wanted to use the NPM.

kerem commented 2026-02-26 06:31:46 +03:00

Author

Owner

Copy link

@jc21 commented on GitHub (Jan 29, 2020):

Interesting that the login request shows as cancelled. That config all looks ok but I would probably turn off caching assets, in case these third party apps somehow change their images or js between requests. It's uncommon but worth a try.

Do you have your old nginx config, we might be able to compare options?

<!-- gh-comment-id:579574214 --> @jc21 commented on GitHub (Jan 29, 2020): Interesting that the login request shows as cancelled. That config all looks ok but I would probably turn off caching assets, in case these third party apps somehow change their images or js between requests. It's uncommon but worth a try. Do you have your old nginx config, we might be able to compare options?

kerem commented 2026-02-26 06:31:46 +03:00

Author

Owner

Copy link

@MarAlMe commented on GitHub (Jan 29, 2020):

Without caching assets i got no luck. Yeah, here´s my old config:

server {
listen 80;
listen [::]:80;
server_name my.domain.tld;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name my.domain.tld;
#SSL
ssl_certificate /etc/letsencrypt/live/my.domain.tld/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/my.domain.tld/privkey.pem;
ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256;
ssl_prefer_server_ciphers on;
ssl_session_cache off;
ssl_session_timeout 10m;
#HSTS
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
#Webroot
root /usr/share/nginx/my.domain.tld;
index index.php index.htm index.html;
#Synchronisations-URLs CalDAV- und CardDAV
location /.well-known/carddav {
return 301 $scheme://$host/remote.php/dav;
}
location /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;
}
#Agents/Bots ohne Kennzeichnung blockieren
if ($http_user_agent = "") {
return 444;
}
#Agents/Bots blockieren
if ($bot = 1) {
return 444;
}
#Nur die HTTP Methoden erlauben, welche auch wirklich gebraucht werden
if (request_method !~ ^(DELETE|GET|HEAD|MKCOL|MOVE|OPTIONS|POST|PROPFIND|PROPPATCH|PUT|REPORT))
{
return 444;
}
#Weiterleitung
location / {
proxy_pass http://111.222.333.44:1234;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
#Uploadlimit deaktivieren
client_max_body_size 0;
}
}

<!-- gh-comment-id:579970280 --> @MarAlMe commented on GitHub (Jan 29, 2020): Without caching assets i got no luck. Yeah, here´s my old config: >server { listen 80; listen [::]:80; server_name my.domain.tld; return 301 https://$server_name$request_uri; } server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name my.domain.tld; #SSL ssl_certificate /etc/letsencrypt/live/my.domain.tld/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/my.domain.tld/privkey.pem; ssl_protocols TLSv1.2; ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256; ssl_prefer_server_ciphers on; ssl_session_cache off; ssl_session_timeout 10m; #HSTS add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"; #Webroot root /usr/share/nginx/my.domain.tld; index index.php index.htm index.html; #Synchronisations-URLs CalDAV- und CardDAV location /.well-known/carddav { return 301 $scheme://$host/remote.php/dav; } location /.well-known/caldav { return 301 $scheme://$host/remote.php/dav; } #Agents/Bots ohne Kennzeichnung blockieren if ($http_user_agent = "") { return 444; } #Agents/Bots blockieren if ($bot = 1) { return 444; } #Nur die HTTP Methoden erlauben, welche auch wirklich gebraucht werden if ($request_method !~ ^(DELETE|GET|HEAD|MKCOL|MOVE|OPTIONS|POST|PROPFIND|PROPPATCH|PUT|REPORT)$) { return 444; } #Weiterleitung location / { proxy_pass http://111.222.333.44:1234; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Host $host; #Uploadlimit deaktivieren client_max_body_size 0; } }

kerem commented 2026-02-26 06:31:46 +03:00

Author

Owner

Copy link

@damianog commented on GitHub (Mar 27, 2020):

Have a look at #340 and try if it solve this issue too?

<!-- gh-comment-id:604896918 --> @damianog commented on GitHub (Mar 27, 2020): Have a look at #340 and try if it solve this issue too?

kerem commented 2026-02-26 06:31:46 +03:00

Author

Owner

Copy link

@MarAlMe commented on GitHub (Apr 19, 2020):

Adding 'overwriteprotocol' => 'https' to Nextcloud's config.php solved the problem.

<!-- gh-comment-id:616222039 --> @MarAlMe commented on GitHub (Apr 19, 2020): Adding 'overwriteprotocol' => 'https' to Nextcloud's config.php solved the problem.

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

develop

dependabot/npm_and_yarn/backend/liquidjs-10.25.7

dependabot/npm_and_yarn/frontend/prod-minor-updates-2a16bf3987

dependabot/npm_and_yarn/frontend/dev-patch-updates-754666cf41

dependabot/npm_and_yarn/backend/basic-ftp-5.3.0

dependabot/npm_and_yarn/test/follow-redirects-1.16.0

dependabot/npm_and_yarn/test/axios-1.15.0

dependabot/npm_and_yarn/frontend/lodash-4.18.1

dependabot/npm_and_yarn/backend/lodash-4.18.1

dependabot/npm_and_yarn/test/lodash-4.18.1

dependabot/npm_and_yarn/frontend/vite-7.3.2

dependabot/npm_and_yarn/backend/prod-minor-updates-5ec19a7f21

dependabot/npm_and_yarn/frontend/lodash-es-4.18.1

dependabot/npm_and_yarn/frontend/happy-dom-20.8.9

dependabot/npm_and_yarn/backend/path-to-regexp-8.4.0

dependabot/npm_and_yarn/frontend/picomatch-4.0.4

dependabot/npm_and_yarn/backend/picomatch-2.3.2

dependabot/npm_and_yarn/frontend/yaml-1.10.3

dependabot/npm_and_yarn/test/flatted-3.4.2

dependabot/npm_and_yarn/test/tar-7.5.11

dependabot/npm_and_yarn/frontend/immutable-5.1.5

master

dependabot/npm_and_yarn/test/glob-10.5.0

dependabot/npm_and_yarn/frontend/mdast-util-to-hast-13.2.1

dependabot/npm_and_yarn/test/form-data-4.0.4

v3-abandoned

bump-freedns

openidc

ssl-passthrough-hosts

static-content

v2.14.0

v2.13.7

v2.13.6

v2.13.5

v2.13.4

v2.13.3

v2.13.2

v2.13.1

v2.13.0

v2.12.6

v2.12.5

v2.12.4

v2.12.3

v2.12.2

v2.12.1

v2.12.0

v2.11.3

v2.11.2

v2.11.1

v2.11.0

v2.10.4

v2.10.3

v2.10.2

v2.10.1

v2.10.0

v2.9.22

v2.9.21

v2.9.20

v2.9.19

v2.9.18

v2.9.17

v2.9.16

v2.9.15

v2.9.14

v2.9.13

v2.9.12

v2.9.11

v2.9.10

v2.9.9

v2.9.8

v2.9.7

v2.9.6

v2.9.5

v2.9.4

v2.9.3

v2.9.2

v2.9.1

v2.9.0

v2.8.1

v2.8.0

v2.7.3

v2.7.2

v2.7.1

v2.7.0

v2.6.2

v2.6.1

v2.6.0

v2.5.0

v2.4.0

v2.3.1

v2.3.0

v2.2.4

v2.2.3

v2.2.2

v2.2.1

v2.2.0

v2.1.2

v2.1.1

v2.1.0

2.0.14

2.0.13

2.0.12

2.0.11

2.0.10

2.0.9

2.0.8

2.0.7

2.0.6

2.0.5

2.0.4

2.0.3

2.0.2

2.0.0

v2.0.0

1.1.2

1.1.1

1.0.1

Labels

Clear labels   

awaiting feedback

  

bug

  

cannot reproduce

  

dns provider request

  

duplicate

  

enhancement

  

enhancement

  

enhancement

  

good first issue

  

help wanted

  

invalid

  

need more info

  

no certbot plugin available

  

product-support

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

stale

  

troll

  

upstream issue

  

v2

  

v2

  

v2

  

v3

  

wontfix

No labels

awaiting feedback

bug

cannot reproduce

dns provider request

duplicate

enhancement

enhancement

enhancement

good first issue

help wanted

invalid

need more info

no certbot plugin available

product-support

pull-request

question

stale

troll

upstream issue

v2

v2

v2

v3

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/nginx-proxy-manager-NginxProxyManager#251

No description provided.