Giter Site home page Giter Site logo

Nextcloud Optimization about ansible-nas HOT 4 CLOSED

bibberp avatar bibberp commented on June 3, 2024
Nextcloud Optimization

from ansible-nas.

Comments (4)

viktor-c avatar viktor-c commented on June 3, 2024

For my install I added a redis container
I can imagine enabling PHP OPcache
and maybe use php-fpm image instead of apache, but here I have some problem configuring traefik. I thought I can use nextcloud-fpm only with traefik as reverse proxy... I'm still testing there

from ansible-nas.

eugeis avatar eugeis commented on June 3, 2024

I see tow warnings in nextcloud admin overview about reverse proxy:

The reverse proxy header configuration is incorrect, or you are accessing Nextcloud from a trusted proxy. If not, this is a security issue and can allow an attacker to spoof their IP address as visible to the Nextcloud. Further information can be found in the documentation ↗.

I solution is described here:
nextcloud/docker#1384

Would it be possible to integrate the solution to ansible-nas nextcloud deployment?
Thanks

from ansible-nas.

khartahk avatar khartahk commented on June 3, 2024

For my install I added a redis container I can imagine enabling PHP OPcache and maybe use php-fpm image instead of apache, but here I have some problem configuring traefik. I thought I can use nextcloud-fpm only with traefik as reverse proxy... I'm still testing there

@viktor-c Here's my WIP solution: https://github.com/khartahk/ansible-nas/pull/9/files

@eugeis About the trusted_proxies - I've added this to my config.php

'trusted_domains' => 
  array (
    0 => 'xxx.yyy.0.z:8080', //server IP on LAN
    1 => 'nextcloud.domain.tld',
),
'trusted_proxies' => 
  array (
    0 => '172.17.0.0/16', //this is the docker network
    1 => 'xxx.yyy.0.0/24', //my LAN
  ),
  'forwarded_for_headers' => 
  array (
    0 => 'X-Forwarded-For',
    1 => 'HTTP_X_FORWARDED_FOR',
  ),

from ansible-nas.

davestephens avatar davestephens commented on June 3, 2024

I (personally) have no plans to do any work on Nextcloud. I don't use it and have previously wasted a lot of time trying to fix their crappy containers. That said - if someone wants to do some work to make it better (in a non-hacky way) I'm more than happy to accept PRs.

from ansible-nas.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.