Using Redis docker container can't connect to push server. #678
Description
How to use GitHub
- Please use the 👍 reaction to show that you are affected by the same issue.
- Please don't comment if you have no relevant information to add. It's just extra noise for everyone subscribed to this issue.
- Subscribe to receive notifications on status change and new comments.
Steps to reproduce
- running NC 32 via Docker Compose, using official NC FPM containers and a Redis container (with password) for caching and notify_push, specifying redis port and password in NC config.php.
- configured nginx container's nginx.conf for push notifications via
- ran ./occ notify_push:set up https://hub.magnificent.nz/push
Expected behaviour
I expect to see:
- redis is configured
- connected to push server
... other positive messages.
Actual behaviour
I see:
- redis is configured
- x can't connect to push server: Server error:
GET https://hub.magnificent.nz/push/test/cookieresulted in a502 Bad Gateway
In the Redis container log, I see the following message:
"Possible SECURITY ATTACK detected. It looks like somebody is sending POST or Host: commands to Redis. This is likely due to an attacker attempting to use Cross Protocol Scripting to compromise your Redis instance. Connection from 172.20.0.1:60848 aborted."
Could this be due to the notify_push:setup script not sending the Redis password? It is set correctly in the relevant part of config.php (and redis works for caching)
Server configuration
Web server: Nginx (container and reverse proxy)
Database: MariaDB
PHP version: 8.3.30
Nextcloud version: 32.0.5
List of activated apps
Enabled: - activity: 5.0.0-dev.0 - admin_audit: 1.22.0 - announcementcenter: 7.3.0 - bbb: 2.9.1 - bruteforcesettings: 5.0.0-dev.0 - calendar: 6.1.5 - circles: 32.0.0 - cloud_federation_api: 1.16.0 - comments: 1.22.0 - contacts: 8.3.1 - contactsinteraction: 1.13.1 - dashboard: 7.12.0 - dav: 1.34.2 - deck: 1.16.3 - federatedfilesharing: 1.22.0 - federation: 1.22.0 - files: 2.4.0 - files_downloadlimit: 5.0.0-dev.0 - files_pdfviewer: 5.0.0-dev.0 - files_reminders: 1.5.0 - files_sharing: 1.24.1 - files_trashbin: 1.22.0 - files_versions: 1.25.0 - firstrunwizard: 5.0.0-dev.0 - forms: 5.2.4 - logreader: 5.0.0-dev.0 - lookup_server_connector: 1.20.0 - mail: 5.6.9 - nextcloud_announcements: 4.0.0-dev.0 - notes: 4.12.4 - notifications: 5.0.0-dev.0 - notify_push: 1.3.0 - oauth2: 1.20.0 - onlyoffice: 9.12.0 - password_policy: 4.0.0-dev.0 - polls: 8.6.3 - privacy: 4.0.0-dev.0 - profile: 1.1.0 - provisioning_api: 1.22.0 - recommendations: 5.0.0-dev.0 - registration: 2.8.0 - related_resources: 3.0.0-dev.0 - richdocumentscode: 25.4.702 - serverinfo: 4.0.0-dev.0 - settings: 1.15.1 - sharebymail: 1.22.0 - spreed: 22.0.8 - support: 4.0.0-dev.0 - survey_client: 4.0.0-dev.0 - suspicious_login: 10.0.0-dev.0 - systemtags: 1.22.0 - text: 6.0.1 - theming: 2.7.0 - twofactor_backupcodes: 1.21.0 - twofactor_email: 2.8.4 - twofactor_nextcloud_notification: 6.0.0-dev.0 - updatenotification: 1.22.0 - user_saml: 7.1.2 - user_status: 1.12.0 - viewer: 5.0.0-dev.0 - weather_status: 1.12.0 - webhook_listeners: 1.3.0 - workflowengine: 2.14.0 Disabled: - app_api: 32.0.0 (installed 32.0.0) - encryption: 2.20.0 - files_external: 1.24.1 - photos: 5.0.0-dev.1 (installed 4.0.0) - twofactor_totp: 14.0.0 - user_ldap: 1.23.0 - whiteboard: 1.5.3 (installed 1.5.3)Nextcloud configuration
{ "system": { "memcache.local": "\\OC\\Memcache\\APCu", "apps_paths": [ { "path": "\/var\/www\/html\/apps", "url": "\/apps", "writable": false }, { "path": "\/var\/www\/html\/custom_apps", "url": "\/custom_apps", "writable": true } ], "memcache.distributed": "\\OC\\Memcache\\Redis", "memcache.locking": "\\OC\\Memcache\\Redis", "redis": { "host": "***REMOVED SENSITIVE VALUE***", "password": "***REMOVED SENSITIVE VALUE***", "port": 6379 }, "upgrade.disable-web": true, "instanceid": "***REMOVED SENSITIVE VALUE***", "passwordsalt": "***REMOVED SENSITIVE VALUE***", "secret": "***REMOVED SENSITIVE VALUE***", "trusted_domains": [ "hub.magnificent.nz" ], "trusted_proxies": "***REMOVED SENSITIVE VALUE***", "datadirectory": "***REMOVED SENSITIVE VALUE***", "default_phone_region": "NZ", "dbtype": "mysql", "version": "32.0.5.0", "overwrite.cli.url": "https:\/\/hub.magnificent.nz", "dbname": "***REMOVED SENSITIVE VALUE***", "dbhost": "***REMOVED SENSITIVE VALUE***", "dbport": "", "dbtableprefix": "oc_", "mysql.utf8mb4": true, "dbuser": "***REMOVED SENSITIVE VALUE***", "dbpassword": "***REMOVED SENSITIVE VALUE***", "installed": true, "mail_from_address": "***REMOVED SENSITIVE VALUE***", "mail_smtpmode": "smtp", "mail_sendmailmode": "smtp", "mail_domain": "***REMOVED SENSITIVE VALUE***", "mail_smtphost": "***REMOVED SENSITIVE VALUE***", "mail_smtpport": "587", "mail_smtpauth": true, "mail_smtpname": "***REMOVED SENSITIVE VALUE***", "mail_smtppassword": "***REMOVED SENSITIVE VALUE***", "maintenance_window_start": 13, "maintenance": false, "loglevel": 2, "defaultapp": "dashboard,files" } }Browser
Browser name: Firefox
Browser version: 147
Operating system: Linux