Docker Container redirect to https://127.0.0.1/

Do you want to: Problem - Docker Container is redirecting to https://127.0.0.1
Document Server version: docker:latest in podman v4.6.1
OS: AlmaLinux9.3
Browser version: Firefox 115.4.0esr

Hello, I have a fresh install of AlmaLinux 9.3 with a NextCloud (latest) installation running on Apache. Nextcloud runs fine. Now I’m struggeling to get OnlyOffice running correctly. OnlyOffice should run as a location behind Apache configured as a reverseProxy.

First I have created all folders and copied the certs:

mkdir -p /opt/onlyoffice/DocumentServer/{data,db,lib,logs}
mkdir -p /opt/onlyoffice/DocumentServer/data/certs
cp /etc/ssl/private/selfsigned.key /opt/onlyoffice/DocumentServer/data/certs/onlyoffice.key
cp /etc/ssl/certs/selfsigned.pem /opt/onlyoffice/DocumentServer/data/certs/onlyoffice.crt
chown -R 100108:100111 /opt/onlyoffice/DocumentServer/data/certs/

Then installing OnlyOffice Container. I’m using a Dockerfile:

FROM docker.io/onlyoffice/documentserver:latest

RUN sed -i 's/"rejectUnauthorized": true/"rejectUnauthorized": false/' /etc/onlyoffice/documentserver/default.json

…creating a docker image with podman build -t onlyoffice:latest -f Dockerfile. And starting a new Container with:

podman run -i -t -d -p 8888:80 --name=onlyoffice -e JWT_SECRET=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx -e USE_UNAUTHORIZED_STORAGE=true --add-host nextcloud.example.org:10.0.100.30 -v /opt/onlyoffice/DocumentServer/logs:/var/log/onlyoffice:Z -v /opt/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data:Z -v /opt/onlyoffice/DocumentServer/lib:/var/lib/onlyoffice:Z -v /opt/onlyoffice/DocumentServer/db:/var/lib/postgresql:Z -u root onlyoffice:latest

I’ve setted up the apache vHost like suggested in the OnlyOffice documentation:

<VirtualHost *:80>

    ServerName nextcloud.example.org

    RewriteEngine On
    RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=302,L]

</VirtualHost>

<VirtualHost *:443>
    DocumentRoot /var/www/vhosts/nextcloud.example.org/nextcloud

    ServerName nextcloud.example.org


    # SSL Settings
    SSLEngine on

    SSLCertificateFile      /etc/ssl/certs/selfsigned.pem
    SSLCertificateKeyFile   /etc/ssl/private/selfsigned.key

    # enable HTTP/2, if available
    Protocols h2 http/1.1

    CustomLog /var/log/httpd/nextcloud.example.org-access.log combined
    ErrorLog /var/log/httpd/nextcloud.example.org-error.log

    <Directory /var/www/vhosts/nextcloud.example.org/nextcloud>
        AllowOverride all
        Options -Indexes
    </Directory>
    Header always set Strict-Transport-Security "max-age=63072000"

#### OnlyOffice

Define VPATH /very-long-and-secret-string
Define DS_ADDRESS 127.0.0.1:8888

<Location ${VPATH}>
  Require all granted
  SetEnvIf Host "^(.*)$" THE_HOST=$1
  RequestHeader setifempty X-Forwarded-Proto http
  RequestHeader setifempty X-Forwarded-Host %{THE_HOST}e
  RequestHeader edit X-Forwarded-Host (.*) $1${VPATH}
  ProxyAddHeaders Off
</Location>

RewriteEngine on
RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteCond %{HTTP:Connection} upgrade [NC]
RewriteRule ^\${VPATH}/?(.*) "ws://${DS_ADDRESS}/$1" [P,L]
ProxyPass ${VPATH} "http://${DS_ADDRESS}"
ProxyPassReverse ${VPATH} "http://${DS_ADDRESS}"

</VirtualHost>

When I now open http://nextcloud.example.org/very-long-and-secret-string I always get redirected to https://127.0.0.1

Just to know: The Server runs not public yet, so I only have edited my local hosts file:

10.0.100.30   nextcloud.example.org

Can anyone Help?

hi @Arny80Hexa
At first glance, seem fine.

It’s possible that there might be an issue with DNS settings. I’ll take a closer look a bit later.
If you have any additional details or observations, please share them.

I have already Solved it.

I don’t know if something in this direction changed in the last releases because on a new machine, a few weeks ago, works on this way, like described above.

The Problem is, that when you give the DS some SSL-certs into the mounted /Data/certs dir, the it starts up with ssl enabled. In the nginx-config is a rewrite-rule that redirekts every http-traffic to https://request-url. Since the apache reverse-proxy calls the OnlyOffice-Container with http://127.0.0.1:8888, the nginx in the container redirects always to https://127.0.0.1.

Solution:

Don’t create /opt/onlyoffice/DocumentServer/data/certs/, copy certs in it, and so on.

Way to go (short):

1. create vHost like suggested in OnlyOffice Documentation
2. create Dockerfile and build podman image like described above
3. installingen container

mkdir -p /opt/onlyoffice/DocumentServer/{data,db,lib,logs}

podman run -i -t -d -p 127.0.0.1:8888:80 --name=onlyoffice -e JWT_SECRET=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx -e USE_UNAUTHORIZED_STORAGE=true --add-host nextcloud.example.com:10.0.111.100 -v /opt/onlyoffice/DocumentServer/logs:/var/log/onlyoffice:Z -v /opt/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data:Z -v /opt/onlyoffice/DocumentServer/lib:/var/lib/onlyoffice:Z -v /opt/onlyoffice/DocumentServer/db:/var/lib/postgresql:Z -u root onlyoffice:latest

Done.