install Owncloud docker image on an internal server
Setup proxy on apache server facing to internet
Login work normal when accessing to the docker directly
Loop on the login page when trying to access via apache proxy
Expected behaviour
Expect to go pass the login page and accessing to the page with files
Actual behaviour
After entering correct login information the system blank the name and login and loop on the login page
Server configuration
vm Docker on Ubuntu 20.04
vm Apache on Ubuntu 20.04
Owncloud image 10.11
Web server:
Apache 2.4.41 (proxy)
Database:
MySql
PHP version:
Php 7.4.3
ownCloud version: (see ownCloud admin page)
10.11.0.6
fresh install (fresh immage)
Where did you install ownCloud from: docker pull owncloud/server
Are you using encryption: yes/no
Yes
Are you using an external user-backend, if yes which one: LDAP/ActiveDirectory/Webdav/…
No
Client configuration
Browser:
firefox
Operating system:
ubuntu 20.04
As login directly on the docker work I suppose the issue is with the Apache 2 proxy. Do we have an example of the correct setup ? What should I look for ?
Can you post your apache proxy configuration?
Personally I haven’t seen one of them in a long time.
I think the Univention Appliance uses apache as a reverse proxy internally, so perhaps you can try to find that.
Also have you checked whether there is something in the log files, when logging in through the proxy?
Check all logs:
Browser (dev console → network tab [-> export as .har])
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/owncloud.objclt.ca/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/owncloud.objclt.ca/privkey.pem
LogLevel alert
10.1.1.100 is the docker server. (VM)
192.168.1.150 is the owncloud internal docker address
10.1.1.40 is the apache server (VM)
External traffic is rooted to apache server via firewall rules
The issue is the same either if you access from internet or internally but is working if you log directly to the docker
Sorry I don’t see an option to upload a file here.
Sharing a Link
firstly I’d advise you to have a look at the Reverse Proxy documentation
Secondly, maybe it comes from the fact you don’t send the X-Forwarded-Proto header to your ownCloud, so ownCloud tries to force HTTPS.
Cheers.
Hi,
Yes I spent many time on the documentation looking for useful tips. The documentation you are referring, is more a theory than a practical doc.Help me and may be we can use this case to make the documentation more practical. I saw quit few issues with “login Loop”.
The documentation said “you can set the following parameters inside the config/config.php.” ok can you give an example ? because the format of the config file an array ?
As this is a container setup, please never manipulate the config.php of the container manually and use the environment variables instead.
For trusted proxies, this needs to be a comma separated list if multiple proxies should be configured e.g. OWNCLOUD_TRUSTED_PROXIES=192.168.0.1,10.0.0.1
Finally I found the issue thank you @cs35 thank you @rkaussow
The environment variables OWNCLOUD_TRUSTED_PROXIES was missing
The apache proxy configuration was incorrect. Here is my current working configuration
DocumentRoot /var/www/html
ServerName owncloud.objclt.ca
ErrorLog /var/www/objclt.ca/logs/owncloud.error.log
CustomLog /var/www/objclt.ca/logs/owncloud.access.log “combined”
<Directory “/var/www/html”>
allow from all
Options None
Require all granted
ProxyPreserveHost On
ProxyPass / http://10.1.1.100:8084/
ProxyPassReverse / http://10.1.1.100:8084/
RequestHeader set X-Forwarded-Port “443”
RequestHeader set X-Forwarded-Proto “https”
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/owncloud.objclt.ca/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/owncloud.objclt.ca/privkey.pem
LogLevel info