Merge 622cdd6259 into 6c1075b88d

Runs update.sh
Add FORWARDED_FOR_HEADERS to the reverse-proxy config (#2272 )
2025-07-28 09:28:05 +02:00 · 2024-10-09 12:04:29 -04:00 · 2024-10-08 14:20:13 +00:00 · 2024-10-08 16:19:59 +02:00 · 2020-10-04 16:08:17 +02:00
12 changed files with 54 additions and 3 deletions
--- a/.config/reverse-proxy.config.php
+++ b/.config/reverse-proxy.config.php
@ -28,3 +28,8 @@ $trustedProxies = getenv('TRUSTED_PROXIES');
 if ($trustedProxies) {
  $CONFIG['trusted_proxies'] = array_filter(array_map('trim', explode(' ', $trustedProxies)));
 }
 $forwardedForHeaders = getenv('FORWARDED_FOR_HEADERS');
 if ($forwardedForHeaders) {
  $CONFIG['forwarded_for_headers'] = array_filter(array_map('trim', explode(' ', $forwardedForHeaders)));
 }
--- a/28/apache/config/reverse-proxy.config.php
+++ b/28/apache/config/reverse-proxy.config.php
@ -28,3 +28,8 @@ $trustedProxies = getenv('TRUSTED_PROXIES');
 if ($trustedProxies) {
  $CONFIG['trusted_proxies'] = array_filter(array_map('trim', explode(' ', $trustedProxies)));
 }
 $forwardedForHeaders = getenv('FORWARDED_FOR_HEADERS');
 if ($forwardedForHeaders) {
  $CONFIG['forwarded_for_headers'] = array_filter(array_map('trim', explode(' ', $forwardedForHeaders)));
 }
--- a/28/fpm-alpine/config/reverse-proxy.config.php
+++ b/28/fpm-alpine/config/reverse-proxy.config.php
@ -28,3 +28,8 @@ $trustedProxies = getenv('TRUSTED_PROXIES');
 if ($trustedProxies) {
  $CONFIG['trusted_proxies'] = array_filter(array_map('trim', explode(' ', $trustedProxies)));
 }
 $forwardedForHeaders = getenv('FORWARDED_FOR_HEADERS');
 if ($forwardedForHeaders) {
  $CONFIG['forwarded_for_headers'] = array_filter(array_map('trim', explode(' ', $forwardedForHeaders)));
 }
--- a/28/fpm/config/reverse-proxy.config.php
+++ b/28/fpm/config/reverse-proxy.config.php
@ -28,3 +28,8 @@ $trustedProxies = getenv('TRUSTED_PROXIES');
 if ($trustedProxies) {
  $CONFIG['trusted_proxies'] = array_filter(array_map('trim', explode(' ', $trustedProxies)));
 }
 $forwardedForHeaders = getenv('FORWARDED_FOR_HEADERS');
 if ($forwardedForHeaders) {
  $CONFIG['forwarded_for_headers'] = array_filter(array_map('trim', explode(' ', $forwardedForHeaders)));
 }
--- a/29/apache/config/reverse-proxy.config.php
+++ b/29/apache/config/reverse-proxy.config.php
@ -28,3 +28,8 @@ $trustedProxies = getenv('TRUSTED_PROXIES');
 if ($trustedProxies) {
  $CONFIG['trusted_proxies'] = array_filter(array_map('trim', explode(' ', $trustedProxies)));
 }
 $forwardedForHeaders = getenv('FORWARDED_FOR_HEADERS');
 if ($forwardedForHeaders) {
  $CONFIG['forwarded_for_headers'] = array_filter(array_map('trim', explode(' ', $forwardedForHeaders)));
 }
--- a/29/fpm-alpine/config/reverse-proxy.config.php
+++ b/29/fpm-alpine/config/reverse-proxy.config.php
@ -28,3 +28,8 @@ $trustedProxies = getenv('TRUSTED_PROXIES');
 if ($trustedProxies) {
  $CONFIG['trusted_proxies'] = array_filter(array_map('trim', explode(' ', $trustedProxies)));
 }
 $forwardedForHeaders = getenv('FORWARDED_FOR_HEADERS');
 if ($forwardedForHeaders) {
  $CONFIG['forwarded_for_headers'] = array_filter(array_map('trim', explode(' ', $forwardedForHeaders)));
 }
--- a/29/fpm/config/reverse-proxy.config.php
+++ b/29/fpm/config/reverse-proxy.config.php
@ -28,3 +28,8 @@ $trustedProxies = getenv('TRUSTED_PROXIES');
 if ($trustedProxies) {
  $CONFIG['trusted_proxies'] = array_filter(array_map('trim', explode(' ', $trustedProxies)));
 }
 $forwardedForHeaders = getenv('FORWARDED_FOR_HEADERS');
 if ($forwardedForHeaders) {
  $CONFIG['forwarded_for_headers'] = array_filter(array_map('trim', explode(' ', $forwardedForHeaders)));
 }
--- a/30/apache/config/reverse-proxy.config.php
+++ b/30/apache/config/reverse-proxy.config.php
@ -28,3 +28,8 @@ $trustedProxies = getenv('TRUSTED_PROXIES');
 if ($trustedProxies) {
  $CONFIG['trusted_proxies'] = array_filter(array_map('trim', explode(' ', $trustedProxies)));
 }
 $forwardedForHeaders = getenv('FORWARDED_FOR_HEADERS');
 if ($forwardedForHeaders) {
  $CONFIG['forwarded_for_headers'] = array_filter(array_map('trim', explode(' ', $forwardedForHeaders)));
 }
--- a/30/fpm-alpine/config/reverse-proxy.config.php
+++ b/30/fpm-alpine/config/reverse-proxy.config.php
@ -28,3 +28,8 @@ $trustedProxies = getenv('TRUSTED_PROXIES');
 if ($trustedProxies) {
  $CONFIG['trusted_proxies'] = array_filter(array_map('trim', explode(' ', $trustedProxies)));
 }
 $forwardedForHeaders = getenv('FORWARDED_FOR_HEADERS');
 if ($forwardedForHeaders) {
  $CONFIG['forwarded_for_headers'] = array_filter(array_map('trim', explode(' ', $forwardedForHeaders)));
 }
--- a/30/fpm/config/reverse-proxy.config.php
+++ b/30/fpm/config/reverse-proxy.config.php
@ -28,3 +28,8 @@ $trustedProxies = getenv('TRUSTED_PROXIES');
 if ($trustedProxies) {
  $CONFIG['trusted_proxies'] = array_filter(array_map('trim', explode(' ', $trustedProxies)));
 }
 $forwardedForHeaders = getenv('FORWARDED_FOR_HEADERS');
 if ($forwardedForHeaders) {
  $CONFIG['forwarded_for_headers'] = array_filter(array_map('trim', explode(' ', $forwardedForHeaders)));
 }
--- a/README.md
+++ b/README.md
@ -261,7 +261,7 @@ To use the hooks triggered by the `entrypoint` script, either
 ```
-## Using the apache image behind a reverse proxy and auto configure server host and protocol
+## Using the image behind a reverse proxy and auto configure server host and protocol
 The apache image will replace the remote addr (IP address visible to Nextcloud) with the IP address from `X-Real-IP` if the request is coming from a proxy in `10.0.0.0/8`, `172.16.0.0/12` or `192.168.0.0/16` by default. If you want Nextcloud to pick up the server host (`HTTP_X_FORWARDED_HOST`), protocol (`HTTP_X_FORWARDED_PROTO`) and client IP (`HTTP_X_FORWARDED_FOR`) from a trusted proxy, then disable rewrite IP and add the reverse proxy's IP address to `TRUSTED_PROXIES`.
@ -276,6 +276,7 @@ If the `TRUSTED_PROXIES` approach does not work for you, try using fixed values
 - `OVERWRITECLIURL` (empty by default): Set the cli url of the proxy (e.g. https://mydnsname.example.com)
 - `OVERWRITEWEBROOT` (empty by default): Set the absolute path of the proxy.
 - `OVERWRITECONDADDR` (empty by default): Regex to overwrite the values dependent on the remote address.
 - `FORWARDED_FOR_HEADERS` (empty by default): HTTP headers with the original client IP address
 Check the [Nexcloud documentation](https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/reverse_proxy_configuration.html) for more details.
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@ -60,8 +60,8 @@ file_env() {
    local var="$1"
    local fileVar="${var}_FILE"
    local def="${2:-}"
-    local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//")
+    local varValue="`env | grep -E \"^${var}=\" | sed -E -e \"s/^${var}=//\"`"
-    local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//")
+    local fileVarValue="`env | grep -E \"^${fileVar}=\" | sed -E -e \"s/^${fileVar}=//\"`"
    if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then
        echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
        exit 1
Author	SHA1	Message	Date
nicobo	def98dc682	Merge `622cdd6259` into `6c1075b88d`	2024-10-09 12:04:29 -04:00
GitHub Workflow	6c1075b88d	Runs update.sh	2024-10-08 14:20:13 +00:00
Dominic Giebert	a9f9885e65	Add FORWARDED_FOR_HEADERS to the reverse-proxy config (#2272 ) * Add FORWARDED_FOR_HEADERS to the reverse-proxy config Signed-off-by: Dominic Giebert <dominic.giebert@suse.com> * Add FORWARDED_FOR_HEADERS to documentation Signed-off-by: Dominic Giebert <dominic.giebert@suse.com> --------- Signed-off-by: Dominic Giebert <dominic.giebert@suse.com>	2024-10-08 16:19:59 +02:00
nicobo	622cdd6259	Fixes nextcloud/docker#1088 Signed-off-by: nicobo <nicobo@users.noreply.github.com>	2020-10-04 16:08:17 +02:00