Nginx SSL Reverse Proxy Doesn't Serve Static Files on Subdomains (Nextcloud, Organizr, Plex, etc.)

Jrjy3

Dabbler
Joined
Jan 3, 2015
Messages
23
Hello,

I recently upgraded my system from 11.1 to 11.2 and I decided to re-create all of my jails using iocage instead of the warden system. I've successfully gotten everything working on my local network, but I'm having trouble getting it to work outside of my network through my domain name. I'm trying to set up each service as a subdomain using the reverse proxy functions of Nginx. I also want to make sure all of my subdomains can load using HTTPS, which I have working through Let's Encrypt. I am able to successfully load the HTML from each of the services using the reverse proxy, but none of the subdomain services are able to load any static files (css, js, etc.).

Below is a screenshot of what I can see when I visit Nextcloud from my public domain (https://nextcloud.domain.com)
9AFzxGT.png


Those first couple of errors are occurring because it's expecting a CSS file, but when I actually go to the link, it's an HTML 404 page.

I used nginxconfig.io to help me generate all of the relevant conf files and adjusted to fit my server. Below are the nginx.conf file and nextcloud.domain.com.conf files

Code:
user www;
pid /var/run/nginx.pid;
worker_processes 4;
worker_rlimit_nofile 65535;

events {
    multi_accept on;
    worker_connections 65535;
}

http {
    charset utf-8;
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    server_tokens off;
    log_not_found off;
    types_hash_max_size 2048;
    client_max_body_size 16M;

    # MIME
    include mime.types;
    default_type application/octet-stream;

    # logging
    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log warn;

    # SSL
    ssl_session_timeout 1d;
    ssl_session_cache shared:SSL:50m;
    ssl_session_tickets off;

    # Diffie-Hellman parameter for DHE ciphersuites
    ssl_dhparam /usr/local/etc/nginx/dhparam.pem;

    # OWASP B (Broad Compatibility) configuration
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256;
    ssl_prefer_server_ciphers on;

    # OCSP Stapling
    ssl_stapling on;
    ssl_stapling_verify on;
    resolver 1.1.1.1 1.0.0.1 8.8.8.8 8.8.4.4 208.67.222.222 208.67.220.220 valid=60s;
    resolver_timeout 2s;

    # load configs
    include /usr/local/etc/nginx/sites-enabled/*;
}




And here's nextcloud.domain.com.conf:
Code:
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    server_name nextcloud.domain.com;

    # SSL
    ssl_certificate /usr/local/etc/letsencrypt/live/nextcloud.domain.com/fullchain.pem;
    ssl_certificate_key /usr/local/etc/letsencrypt/live/nextcloud.domain.com/privkey.pem;
    ssl_trusted_certificate /usr/local/etc/letsencrypt/live/nextcloud.domain.com/chain.pem;

    # security
    include /usr/local/etc/nginx/nginxconfig.io/security.conf;

    # reverse proxy
    location / {
        proxy_pass http://NEXTCLOUD_IP:80;
        include /usr/local/etc/nginx/nginxconfig.io/proxy.conf;
    }

    # additional config
    include /usr/local/etc/nginx/nginxconfig.io/general.conf;
}

# HTTP redirect
server {
    listen 80;
    listen [::]:80;

    server_name nextcloud.domain.com;

    include /usr/local/etc/nginx/nginxconfig.io/letsencrypt.conf;

    location / {
        return 301 https://nextcloud.domain.com$request_uri;
    }
}




I can post some of the other includes if anyone thinks they would be helpful to see.

Can anyone give me any advice as to why it isn't working properly? I've been searching for hours trying to figure this out, but everything else I've found online either has the services running in a subfolder (domain.com/nextcloud) where the issue is with trailing slashes or issues not being able to load the sites at all through the reverse proxy. I haven't been able to find any other threads where anyone was having issues only loading some content, but not all.
 
Last edited:

Jrjy3

Dabbler
Joined
Jan 3, 2015
Messages
23
Were you able to resolve this?
I was never able to figure out what was specifically wrong. I eventually was able to fix the issue by deleting all of my jails and reconfiguring them in the exact same way I did before (as far as I know). As I'm writing this, I'm realizing it probably would've been helpful to look at the nginx logs, but since I'm no longer experiencing the issue, it's too late for that now.

If I do start having the issue again, I'll post back here and include any relevant logs.
 
Top