docs(admin): add nginx tips for Unix socket proxy and HTTP/3 host detection

[skjnldsv]

☑️ Resolves

• Fix "unix:" remote_addr is being parsed as an IP #12908
• Relates to Nginx and HTTP/3 #12196

What and why

Two new entries added to the nginx "Tips and tricks" section:

1. Unix domain socket trusted proxy (#12908)

When an upstream proxy (Caddy, HAProxy, another nginx) passes requests to
Nextcloud's nginx via a Unix domain socket, REMOTE_ADDR is set to the
literal string unix: which Nextcloud cannot parse as a trusted proxy IP.
This causes a crash (Unsupported operand types: bool & string in IpAddress.php).

Fix: set_real_ip_from unix:; + real_ip_header X-Forwarded-For; in the
server block listening on the socket. Confirmed working by multiple users.

2. HTTP/3 "access through untrusted domain" (#12196)

Under HTTP/3 (QUIC), nginx may not forward HTTP_HOST to PHP-FPM, causing
Nextcloud to show the untrusted domain error even for correctly configured
trusted_domains.

Fix: explicitly add fastcgi_param HTTP_HOST $host; alongside the other
fastcgi_param directives.

🖼️ Screenshots

No visual/layout changes — prose and code block additions only.

✅ Checklist

• I have built the documentation locally and reviewed the output
• Screenshots are included for visual changes
• I have not moved or renamed pages (or added a redirect if I did)
• I have run codespell or similar and addressed any spelling issues

[skjnldsv]

Sources for the socket part https://help.nextcloud.com/t/trusted-proxy-on-unix-domain-socket/162670

[github-actions]

📖 Documentation Preview

🔍 Open preview →

📄 1 changed documentation page

• admin_manual/installation/nginx.rst

Last updated: Thu, 21 May 2026 11:07:42 GMT

[susnux]

seems to be good