helm
helm copied to clipboard
nextcloud
Access through untrusted domain
Describe your Issue
Get "Access through untrusted domain"
Logs and Errors
Accessing the webpage from either the internal network or externally results in the above error.
Describe your Environment
-
Kubernetes distribution: k3s
-
Helm Version (or App that manages helm): 3.14
-
Helm Chart Version: 4.6.2
-
values.yaml:
nextcloud:
host: nextcloud.mydomainname.co.uk
username: admin
password: password
persistence:
enabled: true
existingClaim: nextcloud-ssd
accessMode: ReadWriteOnce
size: 100Gi
configs:
trusted_domains.config.php: |-
<?php
$CONFIG = [
'trusted_domains' => [
0 => 'localhost',
1 => 'nextcloud.mydomainname.co.uk',
2 => '192.168.0.200',
3 => 'nextcloud',
4 => '192.168.0.1'
]
];
proxy.config.php: |-
<?php
$CONFIG = array (
'trusted_proxies' => array(
0 => '127.0.0.1',
1 => '10.0.0.0/8',
2 => '192.168.0.1'
),
'forwarded_for_headers' => array('HTTP_X_FORWARDED_FOR'),
);
Additional context, if any
I'm using metalLB and I also am using NGINX-ingress that is deployed in this yml.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: nextcloud
name: nextcloud-ingress
annotations:
cert-manager.io/cluster-issuer: my-ca-issuer
nginx.ingress.kubernetes.io/enable-cors: "true"
nginx.ingress.kubernetes.io/cors-allow-headers: "X-Forwarded-For"
spec:
ingressClassName: nginx
tls:
- hosts:
- nextcloud.mydomainname.co.uk
secretName: nextcloud-prod-tls
rules:
- host: nextcloud.mydomainname.co.uk
http:
paths:
- pathType: Prefix
path: /
backend:
service:
name: nextcloud
port:
number: 8080
I checked in the pod by running the below, it seems that the config.php files aren't being made? Though I'm extremely new to Kube in general so could be missing something!
ubuntu@k3smaster:~/k3s/nextcloud $ kubectl exec -it -n nextcloud nextcloud-6d48dc68dd-n7j27 -- bash
root@nextcloud-6d48dc68dd-n7j27:/var/www/html# cd config/
root@nextcloud-6d48dc68dd-n7j27:/var/www/html/config# ls
CAN_INSTALL apache-pretty-urls.config.php apcu.config.php apps.config.php autoconfig.php config.php config.sample.php redis.config.php smtp.config.php
https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/config_sample_php_parameters.html#trusted-domains is what you are missing.
https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/config_sample_php_parameters.html#trusted-domains is what you are missing.
How would I apply it? I thought I had done it correctly in my values.yml file? About halfway down the config above.
Ah you are right. Did you deploy again after making the config file changes? Other than that I don't see why the config files wouldn't be present,
Yeah, I tried upgrading the helm install with the file (which I think should have done it) then uninstalled the deployment and chart. Same result both times.
To be sure this is being set, can you, @arphillips06 or @zhangdeshuai1999, please log into your pod and check the output of:
php occ config:system:get trusted_domains
I'd also be interested to see if trusted_domains.config.php actually made it into the config dir? I don't see it in the original post with the output listed there 🤔
Also, semi-related, but we recently added a new nextcloud.trustedDomains helm parameter in 5.4.0:
https://github.com/nextcloud/helm/releases/tag/nextcloud-5.4.0