From ca4fd7be304d055e2cbafd2d77810240903e03c1 Mon Sep 17 00:00:00 2001 From: root Date: Mon, 23 Mar 2026 02:27:38 +0000 Subject: [PATCH] fix: hardcode OO domain in Traefik label; Coolify does not expand vars in labels MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - nextcloud/docker-compose.yml: X-Forwarded-Host=onlyoffice.sherlockhomeless.net (was ${OO_DOMAIN} which Coolify leaves unexpanded → OnlyOffice loads assets from https://${oo_domain}/ and editor breaks entirely) - nextcloud/stack.env: update placeholder domains to real ones - COOLIFY-TEMPLATE.md: add Gotcha 6 about label variable expansion Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- COOLIFY-TEMPLATE.md | 18 ++++++++++++++++++ nextcloud/docker-compose.yml | 2 +- nextcloud/stack.env | 8 ++++---- 3 files changed, 23 insertions(+), 5 deletions(-) diff --git a/COOLIFY-TEMPLATE.md b/COOLIFY-TEMPLATE.md index bbdeec2..3aa3280 100644 --- a/COOLIFY-TEMPLATE.md +++ b/COOLIFY-TEMPLATE.md @@ -235,3 +235,21 @@ ls /opt// # ej: /opt/adguard/, /opt/authentik/, /opt/gitea/, etc. Si existe el directorio con datos → usar bind mount a esa ruta. Si no existe → crear el directorio antes de desplegar, o usar named volume. + +### Gotcha 6 — Variables en labels de Traefik NO se expanden en Coolify + +Coolify expande `${VAR}` en la sección `environment:` pero NO en `labels:`. + +```yaml +# ❌ MAL: quedará como literal ${OO_DOMAIN} en el label del contenedor +labels: + - traefik.http.middlewares.foo.headers.customRequestHeaders.X-Forwarded-Host=${OO_DOMAIN} + +# ✅ BIEN: hardcodear el valor real +labels: + - traefik.http.middlewares.foo.headers.customRequestHeaders.X-Forwarded-Host=onlyoffice.sherlockhomeless.net +``` + +Esto afecta especialmente a headers `X-Forwarded-Host` de OnlyOffice — si queda +como literal, el JS de OnlyOffice intenta cargar assets de `https://${oo_domain}/...` +y el editor de documentos falla completamente. diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index 5ca8725..12740c3 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -154,7 +154,7 @@ services: - traefik.http.middlewares.oo-secure-headers.headers.contentTypeNosniff=true - traefik.http.middlewares.oo-forwarded.headers.customRequestHeaders.X-Forwarded-Proto=https - - traefik.http.middlewares.oo-forwarded.headers.customRequestHeaders.X-Forwarded-Host=${OO_DOMAIN} + - traefik.http.middlewares.oo-forwarded.headers.customRequestHeaders.X-Forwarded-Host=onlyoffice.sherlockhomeless.net - traefik.http.middlewares.oo-forwarded.headers.customRequestHeaders.X-Forwarded-Port=443 - traefik.http.middlewares.oo-forwarded.headers.customRequestHeaders.X-Forwarded-Ssl=on diff --git a/nextcloud/stack.env b/nextcloud/stack.env index 821e0e2..53b40b0 100644 --- a/nextcloud/stack.env +++ b/nextcloud/stack.env @@ -1,6 +1,6 @@ TZ=Europe/Madrid -NC_DOMAIN=nextcloud.example.com -OO_DOMAIN=onlyoffice.example.com +NC_DOMAIN=nextcloud.sherlockhomeless.net +OO_DOMAIN=onlyoffice.sherlockhomeless.net TRAEFIK_CERTRESOLVER=letsencrypt TRUSTED_PROXIES=10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 MYSQL_ROOT_PASSWORD=change_me_mysql_root_password_long_and_secure @@ -17,5 +17,5 @@ SMTP_SECURE=tls SMTP_AUTHTYPE= SMTP_NAME= SMTP_PASSWORD= -MAIL_FROM_ADDRESS=nextcloud -MAIL_DOMAIN=example.com +MAIL_FROM_ADDRESS=nextcloud@thehomelesssherlock.com +MAIL_DOMAIN=thehomelesssherlock.com