How can I correctly configure Nextcloud and Apache, to have correct URL redirection?
I have configured Apache for redirection of HTTP to HTTPS, using a simple Redirect
directive:
<VirtualHost *:80>
ServerName "example.com"
Redirect permanent "/" "https://example.com/"
</VirtualHost> # *:80
<VirtualHost *:443>
ServerName "example.com"
ServerAdmin "[email protected]"
SSLEngine On
SSLCertificateFile "/etc/ssl/certs/example.com/server.cert.fullchain.pem"
SSLCertificateKeyFile "/etc/ssl/private/example.private-key.pem"
Alias "/nextcloud" "/srv/nextcloud/html"
DocumentRoot "/srv/nextcloud/html"
<Directory "/srv/nextcloud/html">
Require all granted
Options +FollowSymlinks
AllowOverride all
# …
</Directory> # /srv/nextcloud/html
</VirtualHost> # *:443
NextCloud configuration specifies that it should (via automatically generated .htaccess
file) rewrite URIs to drop the PHP module filename:
<?php
$CONFIG = array (
// …
'trusted_domains' => array (
0 => 'example.com',
),
'overwrite.cli.url' => 'https://example.com/nextcloud',
'htaccess.RewriteBase' => '/nextcloud',
// …
?>
The server fails to redirect, instead getting into a redirect loop. With LogLevel debug
I see these error messages:
[Mon Nov 01 06:42:46.246002 2021] [ssl:info] [pid 68035] [client 198.51.100.38:55158] AH01964: Connection to child 7 established (server example.com:443)
[Mon Nov 01 06:42:46.246850 2021] [ssl:debug] [pid 68035] ssl_engine_kernel.c(2393): [client 198.51.100.38:55158] AH02043: SSL virtual host for servername example.com found
[Mon Nov 01 06:42:46.247069 2021] [core:debug] [pid 68035] protocol.c(2428): [client 198.51.100.38:55158] AH03155: select protocol from , choices=h2,http/1.1 for server example.com
[Mon Nov 01 06:42:46.365492 2021] [ssl:debug] [pid 68035] ssl_engine_kernel.c(2252): [client 198.51.100.38:55158] AH02041: Protocol: TLSv1.3, Cipher: TLS_AES_128_GCM_SHA256 (128/128 bits)
[Mon Nov 01 06:42:46.365893 2021] [socache_shmcb:debug] [pid 68035] mod_socache_shmcb.c(508): AH00831: socache_shmcb_store (0x01 -> subcache 1)
[Mon Nov 01 06:42:46.366041 2021] [socache_shmcb:debug] [pid 68035] mod_socache_shmcb.c(745): AH00842: expiring 1 and reclaiming 0 removed socache entries
[Mon Nov 01 06:42:46.366168 2021] [socache_shmcb:debug] [pid 68035] mod_socache_shmcb.c(765): AH00843: we now have 0 socache entries
[Mon Nov 01 06:42:46.366270 2021] [socache_shmcb:debug] [pid 68035] mod_socache_shmcb.c(862): AH00847: insert happened at idx=0, data=(0:32)
[Mon Nov 01 06:42:46.366369 2021] [socache_shmcb:debug] [pid 68035] mod_socache_shmcb.c(865): AH00848: finished insert, subcache: idx_pos/idx_used=0/1, data_pos/data_used=0/207
[Mon Nov 01 06:42:46.366466 2021] [socache_shmcb:debug] [pid 68035] mod_socache_shmcb.c(530): AH00834: leaving socache_shmcb_store successfully
[Mon Nov 01 06:42:46.370419 2021] [ssl:debug] [pid 68035] ssl_engine_kernel.c(415): [client 198.51.100.38:55158] AH02034: Initial (No.1) HTTPS request received for child 7 (server example.com:443)
[Mon Nov 01 06:42:46.371270 2021] [authz_core:debug] [pid 68035] mod_authz_core.c(815): [client 198.51.100.38:55158] AH01626: authorization result of Require all granted: granted
[Mon Nov 01 06:42:46.371449 2021] [authz_core:debug] [pid 68035] mod_authz_core.c(815): [client 198.51.100.38:55158] AH01626: authorization result of <RequireAny>: granted
[Mon Nov 01 06:42:46.371837 2021] [core:info] [pid 68035] [client 198.51.100.38:55158] AH00128: File does not exist: /srv/nextcloud/html/favicon.ico
[Mon Nov 01 06:42:46.372023 2021] [authz_core:debug] [pid 68035] mod_authz_core.c(815): [client 198.51.100.38:55158] AH01626: authorization result of Require all granted: granted
[Mon Nov 01 06:42:46.372108 2021] [authz_core:debug] [pid 68035] mod_authz_core.c(815): [client 198.51.100.38:55158] AH01626: authorization result of <RequireAny>: granted
[Mon Nov 01 06:42:46.373282 2021] [core:error] [pid 68035] [client 198.51.100.38:55158] AH00124: Request exceeded the limit of 10 internal redirects due to probable configuration error. Use 'LimitInternalRecursion' to increase the limit if necessary. Use 'LogLevel debug' to get a backtrace.
[Mon Nov 01 06:42:46.373383 2021] [core:debug] [pid 68035] core.c(3947): [client 198.51.100.38:55158] AH00121: r->uri = /nextcloud/index.php
[Mon Nov 01 06:42:46.373461 2021] [core:debug] [pid 68035] core.c(3953): [client 198.51.100.38:55158] AH00122: redirected from r->uri = /nextcloud/index.php
[Mon Nov 01 06:42:46.373535 2021] [core:debug] [pid 68035] core.c(3953): [client 198.51.100.38:55158] AH00122: redirected from r->uri = /nextcloud/index.php
[Mon Nov 01 06:42:46.373608 2021] [core:debug] [pid 68035] core.c(3953): [client 198.51.100.38:55158] AH00122: redirected from r->uri = /nextcloud/index.php
[Mon Nov 01 06:42:46.373680 2021] [core:debug] [pid 68035] core.c(3953): [client 198.51.100.38:55158] AH00122: redirected from r->uri = /nextcloud/index.php
[Mon Nov 01 06:42:46.373754 2021] [core:debug] [pid 68035] core.c(3953): [client 198.51.100.38:55158] AH00122: redirected from r->uri = /nextcloud/index.php
[Mon Nov 01 06:42:46.373826 2021] [core:debug] [pid 68035] core.c(3953): [client 198.51.100.38:55158] AH00122: redirected from r->uri = /nextcloud/index.php
[Mon Nov 01 06:42:46.373898 2021] [core:debug] [pid 68035] core.c(3953): [client 198.51.100.38:55158] AH00122: redirected from r->uri = /nextcloud/index.php
[Mon Nov 01 06:42:46.373971 2021] [core:debug] [pid 68035] core.c(3953): [client 198.51.100.38:55158] AH00122: redirected from r->uri = /nextcloud/index.php
[Mon Nov 01 06:42:46.374044 2021] [core:debug] [pid 68035] core.c(3953): [client 198.51.100.38:55158] AH00122: redirected from r->uri = /nextcloud/
[Mon Nov 01 06:42:46.374116 2021] [core:debug] [pid 68035] core.c(3953): [client 198.51.100.38:55158] AH00122: redirected from r->uri = /favicon.ico
[Mon Nov 01 06:42:46.374214 2021] [headers:debug] [pid 68035] mod_headers.c(890): AH01503: headers: ap_headers_error_filter()
The intention is to use Nextcloud's configuration to rewrite its URLs nicely, and to use Apache Redirect
to redirect HTTP requests to the equivalent HTTPS. What is wrong here, and how do I achieve this correctly?
0 Answers