Starting Nextcloud v29 the error "Data directory and your files are probably accessible from the Internet".
Cause
root@prdanc2049:/var/www/nextcloud/config# pwd
/var/www/nextcloud/config
root@prdanc2049:/var/www/nextcloud/config#
root@prdanc2049:/var/www/nextcloud/config# cat config.php
<?php
$CONFIG = array (
'passwordsalt' => 'Redacted',
'secret' => 'Redacted',
'trusted_domains' =>
array (
0 => 'localhost',
1 => '10.68.127.123',
2 => 'nextcloud',
3 => 'mypublic.domain.com',
),
'datadirectory' => '/mnt/ncdata',
'dbtype' => 'pgsql',
[...]
Solution
Remove the ip addresses, "localhost" and "nextcloud" from the trusted_domains in /var/www/nextcloud/config/config.php
root@prdanc2049:/var/www/nextcloud/config# pwd
/var/www/nextcloud/config
root@prdanc2049:/var/www/nextcloud/config#
root@prdanc2049:/var/www/nextcloud/config# cat config.php
<?php
$CONFIG = array (
'passwordsalt' => 'Redacted',
'secret' => 'Redacted',
'trusted_domains' =>
array (
0 => 'mypublic.domain.com',
),
'datadirectory' => '/mnt/ncdata',
'dbtype' => 'pgsql',
[...]
Information regarding trusted_domains in the config.php: https://docs.nextcloud.com/server/stable/admin_manual/configuration_server/config_sample_php_parameters.html#trusted-domains
Your list of trusted domains that users can log into. Specifying trusted domains prevents host header poisoning. Do not remove this, as it performs necessary security checks.
You can specify:
the exact hostname of your host or virtual host, e.g. demo.example.org.
the exact hostname with permitted port, e.g. demo.example.org:443. This disallows all other ports on this host
use * as a wildcard, e.g. ubos-raspberry-pi*.local will allow ubos-raspberry-pi.local and ubos-raspberry-pi-2.local
the IP address with or without permitted port, e.g. [2001:db8::1]:8080 Using TLS certificates where commonName=<IP address> is deprecated
No comments:
Post a Comment