#php #docker #reverse-proxy #traefik #nextcloud
#php #docker #обратный прокси #traefik #nextcloud
Вопрос:
Я совсем новичок в Docker, и я пытаюсь заставить Nextcloud работать как подпапку моего домена за Traefik с обратным прокси.
Проблема немного странная, я могу заставить работать как поддомен моего адреса duckdns nextcloud.XXX.duckdns.org , но не как вложенная папка XXX.duckdns.org/nextcloud . Я предпочитаю подход с вложенными папками, но у меня возникли некоторые проблемы, и это сводит меня с ума ^^
Кто-нибудь может помочь мне понять, как заставить это работать?
Я работаю на Raspberry Pi 4 с 8 ГБ оперативной памяти. Вот мой config.php:
<?php
$CONFIG = array (
'htaccess.RewriteBase' => '/',
'memcache.local' => '\OC\Memcache\APCu',
'apps_paths' =>
array (
0 =>
array (
'path' => '/var/www/html/apps',
'url' => '/apps',
'writable' => false,
),
1 =>
array (
'path' => '/var/www/html/custom_apps',
'url' => '/custom_apps',
'writable' => true,
),
),
'overwritehost' => 'XXX.duckdns.org',
'overwriteprotocol' => 'https',
'overwritewebroot' => '/nextcloud',
'trusted_proxies' =>
array (
0 => 'traefik',
),
'passwordsalt' => 'XXX',
'secret' => 'XXX',
'trusted_domains' =>
array (
0 => 'localhost',
1 => '0.0.0.0:85',
2 => '10.0.0.3:85',
3 => 'XXX.duckdns.org',
),
'datadirectory' => '/var/www/html/data',
'dbtype' => 'mysql',
'version' => '19.0.3.1',
'overwrite.cli.url' => 'https://XXX.duckdns.org/nextcloud',
'loglevel' => 0,
'dbname' => 'nextcloud',
'dbhost' => 'db-nextcloud-maria',
'dbport' => '',
'dbtableprefix' => 'oc_',
'dbuser' => 'nextcloud',
'dbpassword' => 'XXXXXXXXXXX',
'installed' => true,
'instanceid' => 'ocnhvv6wef7n',
);
и когда я пытаюсь получить к нему доступ, журнал docker nextcloud:
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.27.0.9. Set the 'ServerName' directive globally to suppress this message
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.27.0.9. Set the 'ServerName' directive globally to suppress this message
[Wed Sep 23 16:57:39.710120 2020] [mpm_prefork:notice] [pid 1] AH00163: Apache/2.4.38 (Debian) PHP/7.4.10 configured -- resuming normal operations
[Wed Sep 23 16:57:39.710272 2020] [core:notice] [pid 1] AH00094: Command line: 'apache2 -D FOREGROUND'
172.27.0.7 - XXX [23/Sep/2020:16:58:27 0200] "GET /nextcloud HTTP/1.1" 302 413 "https://XXX.duckdns.org/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0"
172.27.0.7 - XXX [23/Sep/2020:16:58:27 0200] "GET /nextcloud/ HTTP/1.1" 302 1126 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0"
172.27.0.7 - XXX [23/Sep/2020:16:58:29 0200] "GET /nextcloud/login HTTP/1.1" 302 1018 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0"
172.27.0.7 - XXX [23/Sep/2020:16:58:31 0200] "GET /nextcloud/login HTTP/1.1" 302 1018 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0"
172.27.0.7 - XXX [23/Sep/2020:16:58:34 0200] "GET /nextcloud/login HTTP/1.1" 302 1018 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0"
172.27.0.7 - XXX [23/Sep/2020:16:58:36 0200] "GET /nextcloud/login HTTP/1.1" 302 1018 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0"
172.27.0.7 - XXX [23/Sep/2020:16:58:40 0200] "GET /nextcloud/login HTTP/1.1" 302 1018 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0"
и nextcloud.log:
{"reqId":"hC8j9LCSu628oxhX0Uav","level":2,"time":"2020-09-23T14:58:29 00:00","remoteAddr":"172.27.0.7","user":"--","app":"core","method":"GET","url":"/nextcloud/index.php/","message":"Login failed: 'XXX' (Remote IP: '172.27.0.7')","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0","version":"19.0.3.1"}
{"reqId":"hC8j9LCSu628oxhX0Uav","level":1,"time":"2020-09-23T14:58:29 00:00","remoteAddr":"172.27.0.7","user":"--","app":"core","method":"GET","url":"/nextcloud/index.php/","message":"Bruteforce attempt from "172.27.0.7" detected for action "login".","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0","version":"19.0.3.1"}
{"reqId":"FKD3SVW1NI1VqBUHBwUg","level":2,"time":"2020-09-23T14:58:31 00:00","remoteAddr":"172.27.0.7","user":"--","app":"core","method":"GET","url":"/nextcloud/index.php/login","message":"Login failed: 'XXX' (Remote IP: '172.27.0.7')","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0","version":"19.0.3.1"}
{"reqId":"FKD3SVW1NI1VqBUHBwUg","level":1,"time":"2020-09-23T14:58:31 00:00","remoteAddr":"172.27.0.7","user":"--","app":"core","method":"GET","url":"/nextcloud/index.php/login","message":"Bruteforce attempt from "172.27.0.7" detected for action "login".","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0","version":"19.0.3.1"}
{"reqId":"U8xWlVN1rX4aM46TpxWK","level":2,"time":"2020-09-23T14:58:34 00:00","remoteAddr":"172.27.0.7","user":"--","app":"core","method":"GET","url":"/nextcloud/index.php/login","message":"Login failed: 'XXX' (Remote IP: '172.27.0.7')","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0","version":"19.0.3.1"}
{"reqId":"U8xWlVN1rX4aM46TpxWK","level":1,"time":"2020-09-23T14:58:34 00:00","remoteAddr":"172.27.0.7","user":"--","app":"core","method":"GET","url":"/nextcloud/index.php/login","message":"Bruteforce attempt from "172.27.0.7" detected for action "login".","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0","version":"19.0.3.1"}
{"reqId":"HTYtffzeLAghfkSjUcuA","level":2,"time":"2020-09-23T14:58:36 00:00","remoteAddr":"172.27.0.7","user":"--","app":"core","method":"GET","url":"/nextcloud/index.php/login","message":"Login failed: 'XXX' (Remote IP: '172.27.0.7')","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0","version":"19.0.3.1"}
{"reqId":"HTYtffzeLAghfkSjUcuA","level":1,"time":"2020-09-23T14:58:36 00:00","remoteAddr":"172.27.0.7","user":"--","app":"core","method":"GET","url":"/nextcloud/index.php/login","message":"Bruteforce attempt from "172.27.0.7" detected for action "login".","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0","version":"19.0.3.1"}
{"reqId":"tGKAlT6DUn9cVTYbZUmd","level":2,"time":"2020-09-23T14:58:40 00:00","remoteAddr":"172.27.0.7","user":"--","app":"core","method":"GET","url":"/nextcloud/index.php/login","message":"Login failed: 'XXX' (Remote IP: '172.27.0.7')","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0","version":"19.0.3.1"}
{"reqId":"tGKAlT6DUn9cVTYbZUmd","level":1,"time":"2020-09-23T14:58:40 00:00","remoteAddr":"172.27.0.7","user":"--","app":"core","method":"GET","url":"/nextcloud/index.php/login","message":"Bruteforce attempt from "172.27.0.7" detected for action "login".","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0","version":"19.0.3.1"}
{"reqId":"bApTkgFPNyNyHhY87pw7","level":2,"time":"2020-09-23T14:58:45 00:00","remoteAddr":"172.27.0.7","user":"--","app":"core","method":"GET","url":"/nextcloud/index.php/login","message":"Login failed: 'XXX' (Remote IP: '172.27.0.7')","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0","version":"19.0.3.1"}
{"reqId":"bApTkgFPNyNyHhY87pw7","level":1,"time":"2020-09-23T14:58:45 00:00","remoteAddr":"172.27.0.7","user":"--","app":"core","method":"GET","url":"/nextcloud/index.php/login","message":"Bruteforce attempt from "172.27.0.7" detected for action "login".","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0","version":"19.0.3.1"}
Мой docker-compose для nextcloud
nextcloud:
image: nextcloud
container_name: nextcloud
restart: unless-stopped
volumes:
- /etc/localtime:/etc/localtime:ro
- ${DOCKERCONFDIR}/nextcloud:/var/www/html
depends_on:
- db-nextcloud-maria
environment:
- MYSQL_HOST=db-nextcloud-maria
- MYSQL_DATABASE=${MARIADB_MYSQL_DATABASE}
- MYSQL_USER=${MARIADB_MYSQL_USER}
- MYSQL_PASSWORD=${MARIADB_MYSQL_PASSWORD}
- NEXTCLOUD_ADMIN_USER=${NEXTCLOUD_ADMIN_USER}
- NEXTCLOUD_ADMIN_PASSWORD=${NEXTCLOUD_ADMIN_PASSWORD}
- NEXTCLOUD_TRUSTED_DOMAINS=${NEXTCLOUD_TRUSTED_DOMAINS}
- TRUSTED_PROXIES=traefik
- OVERWRITEHOST=${NEXTCLOUD_OVERWRITEHOST}
- OVERWRITEPROTOCOL=https
- OVERWRITEWEBROOT=${NEXTCLOUD_OVERWRITEWEBROOT}
ports:
- 85:80
labels:
- "traefik.enable=true"
- "traefik.http.routers.nextcloud.rule=(Host(`XXX.duckdns.org`) amp;amp; PathPrefix(`/nextcloud`))"
- "traefik.http.routers.nextcloud.entrypoints=websecure"
- "traefik.http.routers.nextcloud.tls.certresolver=myresolver"
db-nextcloud-maria:
image: linuxserver/mariadb
container_name: db-nextcloud-maria
hostname: ${DOCKERHOSTNAME}
environment:
- PGID=${PGID}
- PUID=${PUID}
- MYSQL_ROOT_PASSWORD=${MARIADB_MYSQL_ROOT_PASSWORD}
- MYSQL_DATABASE=${MARIADB_MYSQL_DATABASE}
- MYSQL_USER=${MARIADB_MYSQL_USER}
- MYSQL_PASSWORD=${MARIADB_MYSQL_PASSWORD}
- TZ=${TZ}
logging:
driver: json-file
options:
max-file: ${DOCKERLOGGING_MAXFILE}
max-size: ${DOCKERLOGGING_MAXSIZE}
restart: unless-stopped
ports:
- ${MARIADB_PORT_3306}:3306
volumes:
- /etc/localtime:/etc/localtime:ro
- ${DOCKERCONFDIR}/db-nextcloud-maria:/config
У кого-нибудь есть идеи, что происходит и как это решить?
Большое спасибо всем, кто пытается помочь, это сводит меня с ума: slight_smile:
Комментарии:
1. есть ли у вас какие-либо успехи в этом? застрял с той же проблемой
2. @MaxZavodniuk У меня нет никакого успеха с этим. Однако на другом форуме мне посоветовали избегать использования вложенных папок, потому что они менее безопасны. Я также получил тот же совет от друга, который работает в области кибербезопасности. Поскольку использование вложенных папок для меня не важно (это только удобнее), я использую поддомены.