Owncloud behind Nginx (docker containers) not logging remote client IPNginx proxy pass works for https but not httpnginx load balancer rewrite to listen portnginx proxy redirecting request to different proxyNginx subversion commit failureNginx/Apache: set HSTS only if X-Forwarded-Proto is httpsnginx rewrite throw 404 with last and breaknginx reverse proxy hide login query also on 301 redirect or full qualified urlNginx aliases and proxy_passConfigure NGINX : How to handle 500 Error on upstream itself, While Nginx handle other 5xx errorsNginx reverse proxy to many local servers + webserver duty

Is it a bad idea to to run 24 tap and shock lands in standard

How creative should the DM let an artificer be in terms of what they can build?

Can the removal of a duty-free sales trolley result in a measurable reduction in emissions?

What is the purpose of bonds within an investment portfolio?

How to hide rifle during medieval town entrance inspection?

Why am I Seeing A Weird "Notch" on the Data Line For Some Logical 1s?

What is the color of artificial intelligence?

Specific use case of to_address

Longest bridge/tunnel that can be cycled over/through?

Getting UPS Power from One Room to Another

How to learn Linux system internals

Explain the ending of Black Mirror's "Smithereens"

Fermat's statement about the ancients: How serious was he?

How to publish items after pipeline is finished?

Why do American speakers pronounce "the" as "/ðə/" before vowels?

Return a String containing only alphabets without spaces

Non-aqueous eyes?

What does 思ってやっている mean?

Why not invest in precious metals?

How can I remove material from this wood beam?

How come the nude protesters were not arrested?

Why am I getting a strange double quote (“) in Open Office instead of the ordinary one (")?

Scientist couple raises alien baby

Is it safe to change the harddrive power feature so that it never turns off?



Owncloud behind Nginx (docker containers) not logging remote client IP


Nginx proxy pass works for https but not httpnginx load balancer rewrite to listen portnginx proxy redirecting request to different proxyNginx subversion commit failureNginx/Apache: set HSTS only if X-Forwarded-Proto is httpsnginx rewrite throw 404 with last and breaknginx reverse proxy hide login query also on 301 redirect or full qualified urlNginx aliases and proxy_passConfigure NGINX : How to handle 500 Error on upstream itself, While Nginx handle other 5xx errorsNginx reverse proxy to many local servers + webserver duty






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;








1















For some reason my Owncloud container behind an Nginx reverse proxy is not logging the remote client IP but the Nginx IP. Please check below my config files for Nginx. I've tried multiple solutions modifying the Nginx proxy_set_headers directives without success.



The Nginx server is correctly sending the headers to the Owncloud server:



 "HTTP Headers Information": {
 "HTTP Request": "GET /apps/configreport/report HTTP/1.1",
 "X-Real-IP": "CLIENT_IP",
 "X-Forwarded-For": "CLIENT_IP",
 "X-Forwarded-Proto": "https",
 "X-Forwarded-Host": "mydomain:port",
 "X-Forwarded-Ssl": "on",


However, the REMOTE_ADDR var in the Apache environment is being set to the Nginx server IP.



I tried the RemoteIP module loaded in the Owncloud docker image but the Nginx IP still gets logged.



Any ideas?



Nginx.conf:



server 
listen 8989 ssl;
listen [::]:8989 ssl;

server_name _;

add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive";
include /config/nginx/ssl.conf;

client_max_body_size 0;

server_tokens off;
more_clear_headers Server;

location / 
 proxy_pass http://owncloud:8080;
 include /config/nginx/proxy.conf;




Proxy.conf:



client_body_buffer_size 128k;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
send_timeout 5m;
proxy_read_timeout 240;
proxy_send_timeout 240;
proxy_connect_timeout 240;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Forwarded-Ssl on;
proxy_redirect http:// $scheme://;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_cache_bypass $cookie_session;
proxy_no_cache $cookie_session;
proxy_buffers 32 4k;
proxy_headers_hash_bucket_size 128;
proxy_headers_hash_max_size 1024;





nginx proxy reverse-proxy docker owncloud







share|improve this question
























  • Your nginx configuration is fine. You need to be looking at your Apache configuration. Or just get rid of Apache and have nginx serve nextcloud directly.

    – Michael Hampton
    May 24 at 16:22











  • I've manage to catch the real IP by changing the log format of Apache to LogFormat "%X-Forwarded-Fori %h %l %u %t "%r" %>s %b "%Refereri" "%User-Agenti " combine. Is there a way not to re-built the docker Owncloud image in order to make this change permanent?

    – ascub
    May 24 at 17:52











  • Oops, I missed the bit about using a Docker container. You're probably screwed then.

    – Michael Hampton
    May 25 at 17:55

















1















For some reason my Owncloud container behind an Nginx reverse proxy is not logging the remote client IP but the Nginx IP. Please check below my config files for Nginx. I've tried multiple solutions modifying the Nginx proxy_set_headers directives without success.



The Nginx server is correctly sending the headers to the Owncloud server:



 "HTTP Headers Information": {
 "HTTP Request": "GET /apps/configreport/report HTTP/1.1",
 "X-Real-IP": "CLIENT_IP",
 "X-Forwarded-For": "CLIENT_IP",
 "X-Forwarded-Proto": "https",
 "X-Forwarded-Host": "mydomain:port",
 "X-Forwarded-Ssl": "on",


However, the REMOTE_ADDR var in the Apache environment is being set to the Nginx server IP.



I tried the RemoteIP module loaded in the Owncloud docker image but the Nginx IP still gets logged.



Any ideas?



Nginx.conf:



server 
listen 8989 ssl;
listen [::]:8989 ssl;

server_name _;

add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive";
include /config/nginx/ssl.conf;

client_max_body_size 0;

server_tokens off;
more_clear_headers Server;

location / 
 proxy_pass http://owncloud:8080;
 include /config/nginx/proxy.conf;




Proxy.conf:



client_body_buffer_size 128k;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
send_timeout 5m;
proxy_read_timeout 240;
proxy_send_timeout 240;
proxy_connect_timeout 240;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Forwarded-Ssl on;
proxy_redirect http:// $scheme://;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_cache_bypass $cookie_session;
proxy_no_cache $cookie_session;
proxy_buffers 32 4k;
proxy_headers_hash_bucket_size 128;
proxy_headers_hash_max_size 1024;





nginx proxy reverse-proxy docker owncloud







share|improve this question
























  • Your nginx configuration is fine. You need to be looking at your Apache configuration. Or just get rid of Apache and have nginx serve nextcloud directly.

    – Michael Hampton
    May 24 at 16:22











  • I've manage to catch the real IP by changing the log format of Apache to LogFormat "%X-Forwarded-Fori %h %l %u %t "%r" %>s %b "%Refereri" "%User-Agenti " combine. Is there a way not to re-built the docker Owncloud image in order to make this change permanent?

    – ascub
    May 24 at 17:52











  • Oops, I missed the bit about using a Docker container. You're probably screwed then.

    – Michael Hampton
    May 25 at 17:55













1












1








1








For some reason my Owncloud container behind an Nginx reverse proxy is not logging the remote client IP but the Nginx IP. Please check below my config files for Nginx. I've tried multiple solutions modifying the Nginx proxy_set_headers directives without success.



The Nginx server is correctly sending the headers to the Owncloud server:



 "HTTP Headers Information": {
 "HTTP Request": "GET /apps/configreport/report HTTP/1.1",
 "X-Real-IP": "CLIENT_IP",
 "X-Forwarded-For": "CLIENT_IP",
 "X-Forwarded-Proto": "https",
 "X-Forwarded-Host": "mydomain:port",
 "X-Forwarded-Ssl": "on",


However, the REMOTE_ADDR var in the Apache environment is being set to the Nginx server IP.



I tried the RemoteIP module loaded in the Owncloud docker image but the Nginx IP still gets logged.



Any ideas?



Nginx.conf:



server 
listen 8989 ssl;
listen [::]:8989 ssl;

server_name _;

add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive";
include /config/nginx/ssl.conf;

client_max_body_size 0;

server_tokens off;
more_clear_headers Server;

location / 
 proxy_pass http://owncloud:8080;
 include /config/nginx/proxy.conf;




Proxy.conf:



client_body_buffer_size 128k;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
send_timeout 5m;
proxy_read_timeout 240;
proxy_send_timeout 240;
proxy_connect_timeout 240;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Forwarded-Ssl on;
proxy_redirect http:// $scheme://;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_cache_bypass $cookie_session;
proxy_no_cache $cookie_session;
proxy_buffers 32 4k;
proxy_headers_hash_bucket_size 128;
proxy_headers_hash_max_size 1024;





nginx proxy reverse-proxy docker owncloud







share|improve this question
















For some reason my Owncloud container behind an Nginx reverse proxy is not logging the remote client IP but the Nginx IP. Please check below my config files for Nginx. I've tried multiple solutions modifying the Nginx proxy_set_headers directives without success.



The Nginx server is correctly sending the headers to the Owncloud server:



 "HTTP Headers Information": {
 "HTTP Request": "GET /apps/configreport/report HTTP/1.1",
 "X-Real-IP": "CLIENT_IP",
 "X-Forwarded-For": "CLIENT_IP",
 "X-Forwarded-Proto": "https",
 "X-Forwarded-Host": "mydomain:port",
 "X-Forwarded-Ssl": "on",


However, the REMOTE_ADDR var in the Apache environment is being set to the Nginx server IP.



I tried the RemoteIP module loaded in the Owncloud docker image but the Nginx IP still gets logged.



Any ideas?



Nginx.conf:



server 
listen 8989 ssl;
listen [::]:8989 ssl;

server_name _;

add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive";
include /config/nginx/ssl.conf;

client_max_body_size 0;

server_tokens off;
more_clear_headers Server;

location / 
 proxy_pass http://owncloud:8080;
 include /config/nginx/proxy.conf;




Proxy.conf:



client_body_buffer_size 128k;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
send_timeout 5m;
proxy_read_timeout 240;
proxy_send_timeout 240;
proxy_connect_timeout 240;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Forwarded-Ssl on;
proxy_redirect http:// $scheme://;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_cache_bypass $cookie_session;
proxy_no_cache $cookie_session;
proxy_buffers 32 4k;
proxy_headers_hash_bucket_size 128;
proxy_headers_hash_max_size 1024;





nginx proxy reverse-proxy docker owncloud




nginx proxy reverse-proxy docker owncloud






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited May 25 at 17:50







ascub

















asked May 24 at 14:41









ascubascub

63




63












  • Your nginx configuration is fine. You need to be looking at your Apache configuration. Or just get rid of Apache and have nginx serve nextcloud directly.

    – Michael Hampton
    May 24 at 16:22











  • I've manage to catch the real IP by changing the log format of Apache to LogFormat "%X-Forwarded-Fori %h %l %u %t "%r" %>s %b "%Refereri" "%User-Agenti " combine. Is there a way not to re-built the docker Owncloud image in order to make this change permanent?

    – ascub
    May 24 at 17:52











  • Oops, I missed the bit about using a Docker container. You're probably screwed then.

    – Michael Hampton
    May 25 at 17:55

















  • Your nginx configuration is fine. You need to be looking at your Apache configuration. Or just get rid of Apache and have nginx serve nextcloud directly.

    – Michael Hampton
    May 24 at 16:22











  • I've manage to catch the real IP by changing the log format of Apache to LogFormat "%X-Forwarded-Fori %h %l %u %t "%r" %>s %b "%Refereri" "%User-Agenti " combine. Is there a way not to re-built the docker Owncloud image in order to make this change permanent?

    – ascub
    May 24 at 17:52











  • Oops, I missed the bit about using a Docker container. You're probably screwed then.

    – Michael Hampton
    May 25 at 17:55
















Your nginx configuration is fine. You need to be looking at your Apache configuration. Or just get rid of Apache and have nginx serve nextcloud directly.

– Michael Hampton
May 24 at 16:22





Your nginx configuration is fine. You need to be looking at your Apache configuration. Or just get rid of Apache and have nginx serve nextcloud directly.

– Michael Hampton
May 24 at 16:22













I've manage to catch the real IP by changing the log format of Apache to LogFormat "%X-Forwarded-Fori %h %l %u %t "%r" %>s %b "%Refereri" "%User-Agenti " combine. Is there a way not to re-built the docker Owncloud image in order to make this change permanent?

– ascub
May 24 at 17:52





I've manage to catch the real IP by changing the log format of Apache to LogFormat "%X-Forwarded-Fori %h %l %u %t "%r" %>s %b "%Refereri" "%User-Agenti " combine. Is there a way not to re-built the docker Owncloud image in order to make this change permanent?

– ascub
May 24 at 17:52













Oops, I missed the bit about using a Docker container. You're probably screwed then.

– Michael Hampton
May 25 at 17:55





Oops, I missed the bit about using a Docker container. You're probably screwed then.

– Michael Hampton
May 25 at 17:55










1 Answer
1






active

oldest

votes


















0














I've manage to catch the real IP by changing the log format of Apache to 



LogFormat "%X-Forwarded-Fori %h %l %u %t "%r" %>s %b "%Refereri" "%User-Agenti " combine





share|improve this answer























    Your Answer








    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "2"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader:
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    ,
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );













    draft saved

    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f968724%2fowncloud-behind-nginx-docker-containers-not-logging-remote-client-ip%23new-answer', 'question_page');

    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    0














    I've manage to catch the real IP by changing the log format of Apache to 



    LogFormat "%X-Forwarded-Fori %h %l %u %t "%r" %>s %b "%Refereri" "%User-Agenti " combine





    share|improve this answer



























      0














      I've manage to catch the real IP by changing the log format of Apache to 



      LogFormat "%X-Forwarded-Fori %h %l %u %t "%r" %>s %b "%Refereri" "%User-Agenti " combine





      share|improve this answer

























        0












        0








        0







        I've manage to catch the real IP by changing the log format of Apache to 



        LogFormat "%X-Forwarded-Fori %h %l %u %t "%r" %>s %b "%Refereri" "%User-Agenti " combine





        share|improve this answer













        I've manage to catch the real IP by changing the log format of Apache to 



        LogFormat "%X-Forwarded-Fori %h %l %u %t "%r" %>s %b "%Refereri" "%User-Agenti " combine






        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered May 25 at 17:49









        ascubascub

        63




        63



























            draft saved

            draft discarded
















































            Thanks for contributing an answer to Server Fault!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid


            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.

            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f968724%2fowncloud-behind-nginx-docker-containers-not-logging-remote-client-ip%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            How to write a 12-bar blues melodyI-IV-V blues progressionHow to play the bridges in a standard blues progressionHow does Gdim7 fit in C# minor?question on a certain chord progressionMusicology of Melody12 bar blues, spread rhythm: alternative to 6th chord to avoid finger stretchChord progressions/ Root key/ MelodiesHow to put chords (POP-EDM) under a given lead vocal melody (starting from a good knowledge in music theory)Are there “rules” for improvising with the minor pentatonic scale over 12-bar shuffle?Confusion about blues scale and chords

            Image
            Why is a set not a partition of itself? Would an 8% reduction in drag outweigh the weight addition from this custom CFD-tested winglet? Labeling matrices/rectangles and drawing Sigma inside rectangle Unexpected Netflix account registered to my Gmail address - any way it could be a hack attempt? 51% attack - apparently very easy? refering to CZ's "rollback btc chain" - How to make sure such corruptible scenario can never happen so easily? Missouri raptors have wild hairdos Can someone explain homicide-related death rates? Why is tomato paste so cheap? What are the implications of the new alleged key recovery attack preprint on SIMON? Effects of ~10atm pressure on engine design Is taking modulus on both sides of an equation valid? Jumping frame contents with beamer and pgfplots Are there any established rules for splitting books into parts, chapters, sections etc? Anatomically Correct Carnivorous Tree Why do I get two different answers when solvi...
            Read more

            What if the end-user didn't have the required library?What is setup.py?What is a clean, pythonic way to have multiple constructors in Python?What does Ruby have that Python doesn't, and vice versa?What is the reason for having '//' in Python?How do I create a namespace package in Python?How to package shared objects that python modules depend on?setuptools vs. distutils: why is distutils still a thing?Navigation in Windows 10 vs code not going to virtualenv library when the same library is installed at user levelPython create package for local usePackaging a project that uses multiple python versionsWhy is permission denied on pip install except for when “--user” is included at end of command?

            Image
            Can a tourist shoot a gun in the USA? Will a coyote attack my dog on a leash while I'm on a hiking trail? Labeling matrices/rectangles and drawing Sigma inside rectangle How can I answer high-school writing prompts without sounding weird and fake? Is there ever any indication in the MCU as to how Spider-Man got his powers? Jumping frame contents with beamer and pgfplots Would an 8% reduction in drag outweigh the weight addition from this custom CFD-tested winglet? Is it possible to create different colors in rocket exhaust? German characters on US-International keyboard layout Does gravity affect the time evolution of a QM wave function? 51% attack - apparently very easy? refering to CZ's "rollback btc chain" - How to make sure such corruptible scenario can never happen so easily? Why are solar panels kept tilted? Is Germany still exporting arms to countries involved in Yemen? Unexpected Netflix account registered to my Gmail address - any wa...
            Read more

            Esgonzo ibérico Índice Descrición Distribución Hábitat Ameazas Notas Véxase tamén "Acerca dos nomes dos anfibios e réptiles galegos""Chalcides bedriagai"Chalcides bedriagai en Carrascal, L. M. Salvador, A. (Eds). Enciclopedia virtual de los vertebrados españoles. Museo Nacional de Ciencias Naturales, Madrid. España.Fotos

            Image
            escíncidospenínsula Ibéricaesgonzo comúnJacques von Bedriagaesgonzo comúndimorfismo sexualovovivíparaendémicaPenínsula IbéricaCordilleira CantábricaAsturiasPaís VascoGaliciaRías BaixasMurosCarnotaillas CíesOnsAtlánticoIllas CíesIlla de Onsilla do PesegueiroIlla de Sancti PetriMediterráneoMar MenorIlla de TabarcaGaliciaCantabriaBurgossolosdestrución do hábitatIUCN Abrir o menú principal Procurar Esgonzo ibérico Ler noutra lingua Vixiar esta páxina Editar function mfTempOpenSection(id)var block=document.getElementById("mf-section-"+id);block.className+=" open-block";block.previousSibling.className+=" open-block"; Esgonzo ibérico Estado de conservación Case ameazada Clasificaci...
            Read more