Could someone please confirm the travis error:

The command "bash -c "[[ $hash_before = $(git add -A && git write-tree) ]]"" exited with 1.
Skipping the after_script stage due to the configuration.

is related to my change? I'm happy to dig further to figure it out. Just checking that I'm not chasing a gost ;-)

For the record, I have manually tested the changes with

• cd docker/13.0/apache
• sudo docker build -t nextcloud:apache .
• cd docker/.examples/docker-compose/with-nginx-proxy/postgres/apache
• sudo docker-compose up app
• login with a wrong password
• login with the right password
• go to /settings/admin/logging and verify the failed login attempt is recorded with the remote-ip instead of the local ip

This file is generated by script.
Could you add your change to https://github.com/nextcloud/docker/blob/master/update.sh#L20
(then in another commit, run the script itself to update the images)

Nice to see you contribute here, I've been following your work on ceph.

This file is generated by script.

Oh, thanks for the hint, will do!

Nice to see you contribute here, I've been following your work on ceph.

Thank you for the kind words, makes me feel very welcome :-)

the 2 commits, can be in the same PR, it just ease the reviewing to separate them.

@pierreozoux Ok, will do, thanks for the advice :-D

All pass except https://travis-ci.org/nextcloud/docker/jobs/360574391 because travis has trouble reaching the keyserver. Should I force-repush to trigger another build? It looks like that kind of transient error is fairly common so maybe you prefer to force-merge instead of wasting additional CI runs? I'm happy either way, just let me know ;-)

 gpg --keyserver ha.pool.sks-keyservers.net --recv-keys 28806A878AE423A28372792ED75899B9A724937A
gpg: keybox '/tmp/tmp.AEdOLd/pubring.kbx' created
gpg: keyserver receive failed: Address not available

One last question, in nginx, you have to tell from whom to trust who can set this header, here in apache, there is no such mechanism? It will just trust everybody including me?

in apache, there is no such mechanism?

There is but I misread the documentation and incorrectly concluded it would only allow internal IPs by default. Fixing that, thanks for catching this mistake!

Added the suggested internal IP ranges and manually tested they work as expected on a live instance.

RemoteIPHeader X-Real-IP
RemoteIPTrustedProxy 10.0.0.0/8
RemoteIPTrustedProxy 172.16.0.0/12
RemoteIPTrustedProxy 192.168.0.0/16

• https://travis-ci.org/nextcloud/docker/jobs/360632955
• https://travis-ci.org/nextcloud/docker/jobs/360632956
• https://travis-ci.org/nextcloud/docker/jobs/360632957
• https://travis-ci.org/nextcloud/docker/jobs/360632958

W: Failed to fetch http://deb.debian.org/debian/dists/jessie-updates/main/binary-amd64/Packages  Hash Sum mismatch

transient error apparently. I won't repush since it seems more effective for someone with access to re-start the failed jobs instead.

@dachary i removed the Fixes: #294 because this only fixes it for apache and not fpm

@tilosp modified and repushed, thanks for your review :-)

@tilosp thanks for the detailed instructions, it makes it super easy for me :-) Amended and repushed !

Thanks both of you for the nice work!

@pierreozoux silly question: when and how is this going to show in the docker hub?

I think the docker bot runs once a day.