I recently deployed Nextcloud, and while everything
was more or less working out of the box,
the Android application
didn't want to let me log in at all: it kept hitting a
http 303 and showing me an Access
forbidden State token does not match error.
After having had a ton of fun debugging it, here is the summary:
I'm using a reverse-proxy in front on my instance,
with 'overwrite.cli.url' => 'http://cloud.dustri.org' and 'overwriteprotocol' => 'https'
in my Nextcloud's config/config.php, and it seems that I forgot to pass the correct™ headers
through my reverse-proxy. Throwing the following lines into your nginx
configuration should fix the issue:
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
// […]
}