diff --git a/Containers/nextcloud/entrypoint.sh b/Containers/nextcloud/entrypoint.sh index 7ac5d955..18dc9b48 100644 --- a/Containers/nextcloud/entrypoint.sh +++ b/Containers/nextcloud/entrypoint.sh @@ -516,6 +516,9 @@ fi chmod 775 -R /var/www/html/custom_apps/notify_push/bin/ php /var/www/html/occ config:system:set trusted_proxies 0 --value="127.0.0.1" php /var/www/html/occ config:system:set trusted_proxies 1 --value="::1" +if [ -n "$ADDITIONAL_TRUSTED_PROXY" ]; then + php /var/www/html/occ config:system:set trusted_proxies 2 --value="$ADDITIONAL_TRUSTED_PROXY" +fi php /var/www/html/occ config:app:set notify_push base_endpoint --value="https://$NC_DOMAIN/push" # Collabora @@ -561,6 +564,11 @@ if [ "$COLLABORA_ENABLED" = 'yes' ]; then if ! echo "$COLLABORA_ALLOW_LIST" | grep -q "$PRIVATE_IP_RANGES"; then COLLABORA_ALLOW_LIST+=",$PRIVATE_IP_RANGES" fi + if [ -n "$ADDITIONAL_TRUSTED_PROXY" ]; then + if ! echo "$COLLABORA_ALLOW_LIST" | grep -q "$ADDITIONAL_TRUSTED_PROXY"; then + COLLABORA_ALLOW_LIST+=",$ADDITIONAL_TRUSTED_PROXY" + fi + fi php /var/www/html/occ config:app:set richdocuments wopi_allowlist --value="$COLLABORA_ALLOW_LIST" else echo "Warning: wopi_allowlist is empty which should not be the case!" diff --git a/nextcloud-aio-helm-chart/update-helm.sh b/nextcloud-aio-helm-chart/update-helm.sh index b3525ece..54f78987 100755 --- a/nextcloud-aio-helm-chart/update-helm.sh +++ b/nextcloud-aio-helm-chart/update-helm.sh @@ -233,6 +233,8 @@ cat << EOL > /tmp/additional.config value: "{{ .Values.SUBSCRIPTION_KEY }}" - name: APPS_ALLOWLIST value: "{{ .Values.APPS_ALLOWLIST }}" + - name: ADDITIONAL_TRUSTED_PROXY + value: "{{ .Values.ADDITIONAL_TRUSTED_PROXY }}" EOL # shellcheck disable=SC1083 find ./ -name '*nextcloud-deployment.yaml' -exec sed -i "/^.*\- env:/r /tmp/additional.config" \{} \; @@ -280,6 +282,7 @@ cat << ADDITIONAL_CONFIG >> /tmp/sample.conf SUBSCRIPTION_KEY: # This allows to set the Nextcloud Enterprise key via ENV APPS_ALLOWLIST: # This allows to configure allowed apps that will be shown in Nextcloud's Appstore. You need to enter the app-IDs of the apps here and separate them with spaces. E.g. 'files richdocuments' +ADDITIONAL_TRUSTED_PROXY: # Allows to add one additional ip-address to Nextcloud's trusted proxies and to the Office WOPI-allowlist automatically. Set it e.g. like this: 'your.public.ip-address'. You can also use an ip-range here. SMTP_HOST: # (empty by default): The hostname of the SMTP server. SMTP_SECURE: # (empty by default): Set to 'ssl' to use SSL, or 'tls' to use STARTTLS. SMTP_PORT: # (default: '465' for SSL and '25' for non-secure connections): Optional port for the SMTP connection. Use '587' for an alternative port for STARTTLS.