Nextcloud always giving HTTP URL to Collabora despite HTTPS overwrite #2548
Description
When running behind a reverse proxy which has "Force SSL" enabled, Collabora fails to load because it tries to fetch the documents via HTTP instead of HTTPS and fails when it encounters the redirection response.
Here are the environment variables for the NextCloud container, where I have set both the HTTP protocol overwrite and URL overwrite, but no matter what Collabora still only received the HTTP version of the URL and not HTTPS.
"OVERWRITEPROTOCOL=https",
"POSTGRES_PASSWORD=*******",
"POSTGRES_HOST=postgres:5432",
"UMASK_SET=002",
"TZ=America/Montreal",
"OVERWRITECLIURL=https://cloud.*******",
"REDIS_HOST_PORT=6379",
"NEXTCLOUD_TRUSTED_DOMAINS=127.0.0.1 localhost nextcloud cloud.*******",
"NEXTCLOUD_DATA_DIR=/var/www/html/data",
"REDIS_HOST_PASSWORD=*******",
"REDIS_HOST=redis",
"OVERWRITECONDADDR=^192\\.168\\.18\\.[0-9]+$",
"PHP_MEMORY_LIMIT=512M",
"PHP_UPLOAD_LIMIT=3G",
"POSTGRES_USER=nextcloud",
"NEXTCLOUD_ADMIN_USER=admin",
"NVIDIA_VISIBLE_DEVICES=void",
"TRUSTED_PROXIES=[\"192.168.18.0/24\"]",
"POSTGRES_DB=nextcloud",
"UMASK=002",
"NEXTCLOUD_ADMIN_PASSWORD=*******",
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"PHPIZE_DEPS=autoconf \t\tdpkg-dev \t\tfile \t\tg++ \t\tgcc \t\tlibc-dev \t\tmake \t\tpkg-config \t\tre2c",
"PHP_INI_DIR=/usr/local/etc/php",
"APACHE_CONFDIR=/etc/apache2",
"APACHE_ENVVARS=/etc/apache2/envvars",
"PHP_CFLAGS=-fstack-protector-strong -fpic -fpie -O2 -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64",
"PHP_CPPFLAGS=-fstack-protector-strong -fpic -fpie -O2 -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64",
"PHP_LDFLAGS=-Wl,-O1 -pie",
"GPG_KEYS=*******",
"PHP_VERSION=8.4.18",
"PHP_URL=https://www.php.net/distributions/php-8.4.18.tar.xz",
"PHP_ASC_URL=https://www.php.net/distributions/php-8.4.18.tar.xz.asc",
"PHP_SHA256=957a9b19b4a8e965ee0cc788ca74333bfffaadc206b58611b6cd3cc8b2f40110",
"PHP_OPCACHE_MEMORY_CONSUMPTION=128",
"APACHE_BODY_LIMIT=1073741824",
"NEXTCLOUD_VERSION=33.0.0"
From the Collabora logs:
wsd-00001-00033 2026-03-19 09:06:57.392925 -0400 [ websrv_poll ] ERR #30: Exception while processing incoming request: POSTHTTP/1.1 /browser/dist/fetch-settings-file, length: 434, chunked: false, closeConnection false, Connection: keep-alive / Host: docs.******* / X-Forwarded-Scheme: https / X-Forwarded-Proto: https / X-Forwarded-For: 192.168.18.27 / X-Real-IP: 192.168.18.27 / Content-Length: 434 / User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:146.0) Gecko/20100101 Firefox/146.0 / Accept: */* / Accept-Language: fr-CA,en-US;q=0.7,en;q=0.3 / Accept-Encoding: gzip, deflate, br, zstd / Authorization: Bearer ******* / Content-Type: multipart/form-data; boundary=----geckoformboundary643108b2179f605098399c4dc7068914 / Origin: https://docs.******* / Sec-GPC: 1 / Sec-Fetch-Dest: empty / Sec-Fetch-Mode: cors / Sec-Fetch-Site: same-origin / Priority: u=4, socket-data: []: Integrator wopi call failed: Moved Permanently. Response: <html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>openresty</center>
</body>
</html>
| wsd/ClientRequestDispatcher.cpp:1285
wsd-00001-00033 2026-03-19 09:07:18.335971 -0400 [ websrv_poll ] ERR Failed to get settings json from [http://cloud.*******/index.php/apps/richdocuments/wopi/settings?type=systemconfig&access_token=*******&fileId=-1] with status[Moved Permanently]| wsd/DocumentBroker.cpp:2005
When NextCloud is configured work behind a remote proxy providing HTTPS, and even says on the Office settings page that the URL used by Collabora is HTTPS, it is surprising that it is really giving it an HTTP URL.
P.S.
It would really be great if we were able to configure that URL from the Office Settings page instead of having NextCloud forcing the use of the server's public address, that way not only could this issue be easily solved but we could have Collabora access Nextcloud through the local network instead to retrieve the documents being edited which would be more efficient.