kitsab's picture

Hello,

I'm using Promox and installed the nextcloud-turnkey-15.2.1 to an LXC container.

I'm able to SSH into the machine.

I modified /var/www/nextcloud/config/config.php and added IPs from my local network.

  'trusted_domains' => 
  array (
    0 => 'localhost',
    1 => 'bkmpc.duckdns.org',
    2 => '192.168.1.240',
    3 => '192.168.1.252',
    4 => '192.168.1.230',
  ),
*192.168.1.204 is my nextcloud LXC IP address.

.252 is the Proxmox Server / .240 is my notebook / .230 is my tablet.

I restarted apache2 service, during my configuraton I also restared the LXC container a few times.

trying to access the web interface from my local network  leads into a screen which tells me that it is required to configure "trused_domains".

I try to access the webinterface by https://192.168.1.204/nextcloud or https://192.168.1.204/nextcloud:443 from my clients .230 or .240

I haven't got an idea what I can do, to configure the trusted domains correctly.

In my opinion it is already configured well, but still in accessable.

Thanks for tips and suggestions.

Best regards

Kitsab

Forum: 
Jeremy Davis's picture

It looks like the spam trap was catching you and that's probably why you couldn't edit your post. Anyway, I've added you to the "contributors" group so you should be able to skip most of the spam traps now. I also cleaned up one of the other threads and will also remove the other duplicate when I finish posting here. I also edited this one with the updated info for the IP typo.

So it seems like you misunderstand the notion of what the "trusted_domains" is/does. It sets the domains that your server can be contacted on, not the clients connecting! It protects your server from what is referred to as a Host Header Poisoning attack.

So if you want to connect to your nextcloud via IP address and/or bkmpc.duckdns.org, then it just needs to be like this:

'trusted_domains' => 
  array (
    0 => '192.168.1.204',
    1 => 'bkmpc.duckdns.org',
  ),

You'll need to restart Apache to apply the change. I.e.:

systemctl restart apache2

Note I removed localhost as there isn't much point of including localhost when you're running it on a headless server - without a web browser... Although you could always leave it there if you wanted, it won't do any harm...

Add new comment