nginx 进行 https 反向代理 nextcloud 后 APP 不能访问的解决办法

最新推荐文章于 2025-10-02 03:29:22 发布

原创最新推荐文章于 2025-10-02 03:29:22 发布 · 1.3w 阅读

26 ·

CC 4.0 BY-SA版权

文章标签：

#nginx #https #nextcloud #nginx反向代理 #nextcloud不能登录

Linux 同时被 2 个专栏收录

5 篇文章

订阅专栏

插件和工具

4 篇文章

订阅专栏

本文介绍如何将Nextcloud从HTTP升级到HTTPS，并通过Nginx反向代理进行配置的方法。主要内容包括修改Nextcloud配置文件以支持HTTPS，以及Nginx服务器的详细配置步骤。

问题描述：

nextcloud 运行在 docker 中，之前一直是通过 http 协议 ip 端口方式访问没有问题。
修改为 nginx 反向代理并设置为 https 协议访问后，手机 app 和 pc 端均不能访问。

解决办法：

修改 nextcloud 配置文件，在 /var/www/html/config 目录下的 config.php，添加如下内容

'overwriteprotocol' => 'https',

修改完不需要重启。

配置文件（参考）

nginx配置如下：

server {
    listen      80;   
    server_name 个人域名;
    return 301 https://$server_name$request_uri;
}
server {
  listen       443 ssl;
  server_name  个人域名;
 
  ssl_certificate      /home/nginx/ssl/4834759_cloud.wo66.cc.pem;
  ssl_certificate_key  /home/nginx/ssl/4834759_cloud.wo66.cc.key;
 
  ssl_session_cache    shared:SSL:1m;
  ssl_session_timeout  5m;
  ssl_protocols        TLSv1 TLSv1.1 TLSv1.2; 
  ssl_ciphers          ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
  ssl_prefer_server_ciphers  on;
  
  
  add_header X-Content-Type-Options nosniff;
  add_header X-XSS-Protection "1; mode=block";
  add_header X-Robots-Tag none;
  add_header X-Download-Options noopen;
  add_header X-Permitted-Cross-Domain-Policies none;
  add_header Strict-Transport-Security "max-age=15768000";
 
   
  location = /.well-known/carddav {
      return 301 $scheme://$host/remote.php/dav;
  }
  location = /.well-known/caldav {
      return 301 $scheme://$host/remote.php/dav;
  }
  
  client_max_body_size 512M;
  fastcgi_buffers 64 4K;
 
  gzip on;
  gzip_vary on;
  gzip_comp_level 3;
  gzip_min_length 1024;
  gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
  gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy; 
 
  location / {
      # proxy_http_version 1.1;
      proxy_buffering off;
      proxy_set_header Host $http_host;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      # proxy_redirect off;
      proxy_pass http://localhost:8088;
  }
}

config.php

<?php
$CONFIG = array (
  'htaccess.RewriteBase' => '/',
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'apps_paths' => 
  array (
    0 => 
    array (
      'path' => '/var/www/html/apps',
      'url' => '/apps',
      'writable' => false,
    ),
    1 => 
    array (
      'path' => '/var/www/html/custom_apps',
      'url' => '/custom_apps',
      'writable' => true,
    ),
  ),
  'instanceid' => 'ocw62342d2k88i',
  'passwordsalt' => 'BV+nOt7p2342ahvRnjGCv+GUZKq',
  'secret' => 'SRpMeX8N3VJWD433232YH6SL3B852G9CWlqKedK9fLXA',
  'trusted_domains' => 
  array (
    0 => 'localhost',
    1 => '个人的域名',
  ),
  'datadirectory' => '/var/www/html/data',
  'dbtype' => 'mysql',
  'version' => '20.0.1.1',
  'overwrite.cli.url' => 'http://127.0.0.1:8088',
  'overwriteprotocol' => 'https',
  'dbname' => 'nextcloud',
  'dbhost' => 'mysql',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'oc_admin',
  'dbpassword' => 'rLJQWt2U9KF4242342C9FZjbSYr',
  'installed' => true,
  'memcache.distributed' => '\\OC\\Memcache\\Redis',
  'memcache.locking' => '\\OC\\Memcache\\Redis',
  'redis' => 
  array (
    'host' => 'redis',
    'port' => 6379,
  ),
);