Nextcloud AppAPI

sziasztok,

Nextcloud 32.0.2-hoz szeretném beállítani az AppAPI-t. a Nextcloud dockerben fut, ugyanoda telepítettem konténerbe a HaRP Proxy-t Docker Compose-zal:

services:
 harp:
   container_name: appapi-harp
   hostname: appapi-harp
   image: ghcr.io/nextcloud/nextcloud-appapi-harp:latest
   restart: unless-stopped
   volumes:
     - /var/run/docker.sock:/var/run/docker.sock
     - ./certs:/certs
   environment:
     - HP_SHARED_KEY="secret"
     - NC_INSTANCE_URL="http://nextcloud.local"
#      - HP_EXAPPS_ADDRESS="0.0.0.0:8780"
   ports:
     - 8780:8780
     - 8782:8782
#    network_mode: host
networks:
 default:
   name: nextcloud
   external: true

container log:

###############################################################################
# FRONTEND: ex_apps_https (only enabled if /certs/cert.pem exists)
###############################################################################
#_HTTPS_FRONTEND_ frontend ex_apps_https
#_HTTPS_FRONTEND_     mode http
#_HTTPS_FRONTEND_     bind 0.0.0.0:8781 ssl crt /certs/cert.pem
#_HTTPS_FRONTEND_     filter spoe engine exapps-spoe config /etc/haproxy/spoe-agent.conf
#_HTTPS_FRONTEND_     http-request silent-drop if { var(txn.exapps.bad_request) -m int eq 1 }
#_HTTPS_FRONTEND_     http-request return status 401 content-type text/plain string "401 Unauthorized" if { var(txn.exapps.unauthorized) -m int eq 1 }
#_HTTPS_FRONTEND_     http-request return status 403 content-type text/plain string "403 Forbidden" if { var(txn.exapps.forbidden) -m int eq 1 }
#_HTTPS_FRONTEND_     http-request return status 404 content-type text/plain string "404 Not Found" if { var(txn.exapps.not_found) -m int eq 1 }
#_HTTPS_FRONTEND_     use_backend %[var(txn.exapps.backend)]
###############################################################################
# BACKENDS: ex_apps & ex_apps_backend_w_bruteforce
###############################################################################
backend ex_apps_backend
   mode http
   server frp_server 0.0.0.0
   http-request set-path %[var(txn.exapps.target_path)]
   http-request set-dst var(txn.exapps.target_ip)
   http-request set-dst-port var(txn.exapps.target_port)
   http-request set-header EX-APP-ID %[var(txn.exapps.exapp_id)]
   http-request set-header EX-APP-VERSION %[var(txn.exapps.exapp_version)]
   http-request set-header AUTHORIZATION-APP-API %[var(txn.exapps.exapp_token)]
   http-request set-header AA-VERSION "32"  # TO-DO: temporary, remove it after we update all ExApps.
backend ex_apps_backend_w_bruteforce
   mode http
   server frp_server 0.0.0.0
   http-request set-path %[var(txn.exapps.target_path)]
   http-request set-dst var(txn.exapps.target_ip)
   http-request set-dst-port var(txn.exapps.target_port)
   http-request set-header EX-APP-ID %[var(txn.exapps.exapp_id)]
   http-request set-header EX-APP-VERSION %[var(txn.exapps.exapp_version)]
   http-request set-header AUTHORIZATION-APP-API %[var(txn.exapps.exapp_token)]
   http-request set-header AA-VERSION "32"  # TO-DO: temporary, remove it after we update all ExApps.
   filter spoe engine exapps-bruteforce-protection-spoe config /etc/haproxy/spoe-agent.conf
###############################################################################
# BACKEND: nextcloud_control (HTTP)
###############################################################################
backend nextcloud_control_backend
   mode http
   server nextcloud_control 127.0.0.1:8200
   http-request set-path %[var(txn.exapps.target_path)]
###############################################################################
# BACKEND: docker_engine (HTTP)
###############################################################################
backend docker_engine_backend
   mode http
   server frp_server 127.0.0.1
   http-request set-dst-port var(txn.exapps.target_port)
   http-request set-path %[var(txn.exapps.target_path)]
   # docker system _ping
   http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/_ping$ } METH_GET
   # docker inspect image
   http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/images/.*/json } METH_GET
   # container inspect: GET containers/%s/json
   http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/containers/nc_app_[a-zA-Z0-9_.-]+/json } METH_GET
   # container inspect: GET containers/%s/logs
   http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/containers/nc_app_[a-zA-Z0-9_.-]+/logs } METH_GET
   # image pull: POST images/create?fromImage=%s
   http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/images/create } METH_POST
   http-request deny
backend agents


   mode tcp
   timeout connect 5s
   timeout server  3m
   option spop-check
   server agent1 127.0.0.1:9600 check
INFO: FRP server configuration generated at /frps.toml.
INFO: Detected /var/run/docker.sock, generating /frpc-docker.toml configuration file...
INFO: Starting Python HaProxy Agent on 127.0.0.1:8200 and 127.0.0.1:9600...
INFO: Waiting for HaRP Agent HTTP (GET http://127.0.0.1:8200/info) to be ready...
INFO: Waiting for SPOA port 127.0.0.1:9600...
INFO: Starting FRP server on 0.0.0.0:8782...
INFO: Waiting for FRP server port 127.0.0.1:8782...
INFO: Starting FRP client for Docker Engine...
INFO: Starting HAProxy...
error unmarshaling JSON: while decoding JSON: json: cannot unmarshal string into Go value of type v1.ClientConfig
[NOTICE]   (1) : Initializing new worker (46)
[NOTICE]   (1) : haproxy version is 3.1.2-cda631a
[WARNING]  (1) : Process 39 exited with code 1 (Exit)
[NOTICE]   (1) : Loading success.
[2025-11-29T17:56:08+0000] [WARNING] Recorded failure for IP 172.23.0.4. Failures in window: 1
[2025-11-29T18:39:49+0000] [WARNING] Recorded failure for IP 172.23.0.4. Failures in window: 1
[2025-11-29T18:47:45+0000] [ERROR] Invalid request path, cannot find AppID: /v1.41/_ping
[2025-11-29T18:47:45+0000] [WARNING] Recorded failure for IP 172.23.0.4. Failures in window: 1
[2025-11-29T18:50:22+0000] [WARNING] Recorded failure for IP 172.23.0.4. Failures in window: 2
[2025-11-29T18:51:07+0000] [WARNING] Recorded failure for IP 172.23.0.4. Failures in window: 3
[2025-11-29T18:51:17+0000] [WARNING] Recorded failure for IP 172.23.0.4. Failures in window: 4
[2025-11-29T18:51:54+0000] [WARNING] Recorded failure for IP 172.23.0.4. Failures in window: 5
[2025-12-01T13:09:22+0000] [WARNING] Recorded failure for IP 172.23.0.4. Failures in window: 1

Nextcloud Register Deploy-daemon:

Daemon configuration template: HaRP Proxy (Docker)
Surname: harp_proxy_docker
Display name: HaRP Proxy (Docker)
Deployment method: docker-install
HaRP host: appapi-harp:8782
HaRP shared key: secret
Nextcloud URL: cloud.FQDN.com
FRP server address: appapi-harp:8782
Docker socket proxy port: 24000
Docker network: nextcloud
Compute device: CPU

Nextcloud log:

ClientExceptionClient error: `GET http://appapi-harp:8780/exapps/app_api/v1.41/_ping` resulted in a `401 Unauthorized` response: 401 Unauthorized

Could not connect to Docker daemon via http://appapi-harp:8780/exapps/app_api/v1.41/_ping

valakinek sikerült már ezt életre keltenie? mi a titok?

köszi.