nextcloud + broken reverse proxy

[phier]

hi,
i installed nextcloud using @danb35 script (https://www.truenas.com/community/threads/nextcloud-lets-encrypt-missing.102973/page-2#post-708859)
but i am having issue to setup proper reverse proxy.

I do not understand how can my proxy access only nextcloud running on port 80;
@danb35 created somehow Caddy hook into install script ... but i dont wanna use caddy on nextcloud instance, the certificates etc will be handled by reverse proxy ...

issue described also here>

Reverse proxy - nginx not working

hi, i have separate VM with nginx acting as reverse proxy 10.0.1.204 all other reverse proxies works fine … but … nextcloud doesnt work at all… and i am desperate already. nextcloud has ip 10.0.1.163 https://cloxxx.duckdns.org from internal network: when i execute this from outside of the...

help.nextcloud.com

is it possible to somehow stop/remove caddy from @danb35 install and run only nextcloud on port 80; so i can in next step use reverse proxy with lets encrypt and will handle access of nextcloud via 443?

also from the script i cant see http server caddy is used..

freenas-iocage-nextcloud/nextcloud-jail.sh at master · danb35/freenas-iocage-nextcloud

Script to create an iocage jail on FreeNAS for the latest Nextcloud 28 release, including Caddy, MariaDB or PostgreSQL, and Let's Encrypt - danb35/freenas-iocage-nextcloud

github.com

edit2: seems the webserver is caddy here ...
root caddy 3078 6 tcp4 127.0.0.1:2019 *:*
root caddy 3078 7 tcp46 *:80 *:*
root caddy 3078 8 tcp46 *:443 *:*


apparently still do not understand how to integrate whole stuff with nginx reverse proxy ...
ie how to make remove caddy and replace by nginx or apache ;... acting on to of the nextcloud. .. there is no point to run caddy server... .

second step would be run proper nginx from other box as reverse proxy -> reaching nginx/apache on top of the nextcloud

ANy idea?


thanks!

 

[danb35]

but i dont wanna use caddy on nextcloud instance,

Then you don't want to use my script. But perhaps you aren't aware that Caddy is a full-featured web server that can also act as a reverse proxy (like Apache and nginx in that regard), not only a reverse proxy like Traefik or HAProxy.

 

[phier]

@danb35 i dont see why it cant be replaced with apache.

i have other box running nginx as reverse proxy so i need to use that box ; not a caddy ;

all i need is to have properly working nextcloud with proper web server listening on 80 or something like that...

here they are mixing apache and caddy no idea why ...

all-in-one/Containers/apache at main · nextcloud/all-in-one

The official Nextcloud installation method. Provides easy deployment and maintenance with most features included in this one Nextcloud instance. - nextcloud/all-in-one

github.com

i think all has to be set here somehow/somewhere to listen on 80 ; so to remove domain alias ... and alsol TLS directive?

Code:

{
        # debug
        #acme_ca https://acme-staging-v02.api.letsencrypt.org/directory
        email xxx@pm.me
        default_sni cloxxx.duckdns.org
}

cloxxx.duckdns.org {
        root * /usr/local/www/nextcloud
        file_server
        log {
                output file /var/log/cloxxx.duckdns.org.log
        }

        php_fastcgi 127.0.0.1:9000 {
                env front_controller_active true
        }

        tls {
                dns duckdns 90ad2f4b-f57b-4f4b-8094-1b04eba21b82
        }

        header {
                # enable HSTS
                # Strict-Transport-Security max-age=31536000;
        }

        # client support (e.g. os x calendar / contacts)
        redir /.well-known/carddav /remote.php/dav 301
        redir /.well-known/caldav /remote.php/dav 301
        redir /.well-known/webfinger /index.php/.well-known/webfinger 301
        redir /.well-known/nodeinfo /index.php/.well-known/nodeinfo 301

....

}

is that really rocket science to have option run script with caddy(incl letsencrypt) or run it with base web server listening on port 80?
thx

 

[phier]

@danb35 could you please advise? you created the script so i believe it wont be that hard for u to point what needs to be re-configured?

appreciate.

 

[danb35]

i dont see why it cant be replaced with apache.

Of course Nextcloud will run with Apache or nginx--but my script uses Caddy. If you want to use a different web server, you'd be looking for a different installation.

 

[phier]

Of course Nextcloud will run with Apache or nginx--but my script uses Caddy. If you want to use a different web server, you'd be looking for a different installation.

hm you are bit repeating yourself.

web server is web server ... doesnt matter if apache / nginx or Caddy ...

all that needs to be done and is asked here is to Change Current Caddy config to dont use lets encrypt and expose nextcloud to port 80.
thats it.

if u are not willing to provide details - just say it ... but not repeating nonsese about web server etc.

 

[Samuel Tai]

@phier, you're being rude. @danb35's script is freely available for modification to your own situation. Hassling him to make the script conform to your circumstances is insulting. Knock it off, or I'll assess points against your account.

 

[danb35]

all that needs to be done and is asked here is to Change Current Caddy config to dont use lets encrypt and expose nextcloud to port 80.

The answers to both of these questions are in the docs, but these are completely different questions from what you were previously asking. Good luck.

*plonk*

 

[phier]

@phier, you're being rude. @danb35's script is freely available for modification to your own situation. Hassling him to make the script conform to your circumstances is insulting. Knock it off, or I'll assess points against your account.

i never did that.

i was only asking if thats possible ...

 

[Samuel Tai]

- YouTube

Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.

www.youtube.com

hm you are bit repeating yourself.

web server is web server ... doesnt matter if apache / nginx or Caddy ...

all that needs to be done and is asked here is to Change Current Caddy config to dont use lets encrypt and expose nextcloud to port 80.
thats it.

if u are not willing to provide details - just say it ... but not repeating nonsese about web server etc.

You've been pestering him to modify his script not to use Caddy, or to help you replace Caddy with nginx or apache. This is against the Forum Rules.

Be Respectful, Keep It Clean and Family-Friendly

Be respectful to others. Abuse, cursing, derogatory comments, insults, or personal attacks are not allowed. This is a dynamic community serving many different types of people from all over the world, and we all should be able to participate politely. Forum moderators will edit or remove inappropriate comments. In extreme cases, posters will be warned or banned.

In addition to these rules, everyone is asked to take a relaxed approach to helping others while posting at the TrueNAS Community. If you're having trouble talking in a calm and clear manner, please take a break and do not post. Come back later after the frustration has passed. Overly terse, derogatory, or insulting messages will be deleted and may lead to account suspension.

In particular, your denigrating his reasonable responses as "nonsense about web server, etc." is abusive, and will not be tolerated.

As you've not apologized, but have denied this behavior, I'll assess 2 demerit points, which will expire in 3 months.

 

[phier]

You've been pestering him to modify his script not to use Caddy, or to help you replace Caddy with nginx or apache. This is against the Forum Rules.

no,
i said>
all that needs to be done and is asked here is to Change Current Caddy config to dont use lets encrypt and expose nextcloud to port 80.
thats it.

That doesnt mean that he HAS TO DO THAT. He was saying his script has no usage for such /requested scenario. I was saying thats not true and the only issue is with WEB SERVER and therefore it should be done (whoever does the change).

In particular, your denigrating his reasonable responses as "nonsense about web server, etc." is abusive, and will not be tolerated.

yes, because he said it cant be used and all what i said was IT CAN BE USED ; the only issue is WEB server has to be replaced or properly configured.

Are you judge here? just read carefully problem.


I just successfully replaced Caddy inside his script with apache using link provided below and all works OK, which is proof that Script can be used and only Web server has to be replaced. So apparently response wasnt reasonable enough.

https://www.samueldowling.com/2020/07/24/install-nextcloud-on-freenas-iocage-jail-with-hardened-security/

I cant apologize - but i dont know for what. I was asking how to run nextcloud and i came with url provided above. I was told that truenas integration with nextcloud is broken / no supported and provided with the script with statement that link is out of date.

I used script configured solution - but then i found out solution doesnt meet requirements ; ie to run nextclound in jail, and run nginx reverse proxy on other machine ... i was proposing that all that needs to be done is to "update/change/ Caddy conf.
I believe million other people also run nginx reverse proxy on other box or under other jail where nextcloud is installed. I was not saying he has to do that .... i was asking just if thats doable - but i got response its not .. ?

I just proved its doable ... so thats how the things are ... but ok sorry .
bye

 

[phier]

can confirm that using article https://www.samueldowling.com/2020/07/24/install-nextcloud-on-freenas-iocage-jail-with-hardened-security/ to replace Caddy with apache works okay.

afterwards installation of nginx + lets necrypt as reverse proxy works fine -> pointed to nexcloud instance with apache web server. All works smoothly.