OPNsense Forum

Hello

For couple of weeks im trying to install Nextcloud AIO but still having issues to get the login page after i enter my domain. Its just blank page, but I got valid Letsencrypt certificate.

In opnsense Im using Caddy plugin as a reverse proxy for Nextcloud which is installed on Windows 11 with docker.  Caddy is using recommended config on nextcloud with reverse proxy. As a DNS im using Nextdns.

Caddy config:
(https://help.nextcloud.com/uploads/default/original/3X/b/0/b0333388c4e1e7003cd891f3c7ff1c4b4cfc9b0e.png)

I have tried different browser or different device and the same...

I see that Im hitting the Nextcloud AIO as I see this from CAddy reverse proxy lo
(https://help.nextcloud.com/uploads/default/original/3X/6/f/6f45ecb45a36776bbd7b55853bb0cc1b6ac04326.png)

I hope you will be able to help me as I have tried multiple Caddy settings.

Thank you

Can you open the Nextcloud without the reverse proxy?

Yes, I can open Nextcloud login page on local server:11000

I have installed nginx plugin and configured the reverse proxy exactly as this: https://forum.opnsense.org/index.php?topic=19305.0

and I can access it even on my domain and externally as well..

There must be some issue with the Caddy config which I have missed... I hope some =one can point me to the right direction.

Caddy:

Why did you check TLS in the handler? Disable it and try again.

http://localserver:11000   -> None of the tls options in handler checked.
https://localserver:11000   -> TLS insecure skip verify in handler checked.

Unchecked:  TLS Insecure Skip Verify
Unchecked: TLS

and the same problem

Well then try to check "TLS Insecure Skip Verify".

same.. I was playing with the TLS earlier like:

Unchecked:  TLS Insecure Skip Verify
Unchecked: TLS

checked:  TLS Insecure Skip Verify
Unchecked: TLS

Unchecked:  TLS Insecure Skip Verify
checked: TLS

checked:  TLS Insecure Skip Verify
checked: TLS


But the same issue

the domain name is: subdomain.domainname

I have tried to setup also as domain = domain
and create subdomain and use it in the handler

but it was the same issue..

There must be some sort of deeper issue at hand that I probably can't troubleshoot in the scope of this forum.

Try to reverse proxy some other stuff to get a feel for it to see if you can get other things to work.

Try to reverse proxy the OPNsense WebGUI as a start. It's written in the documentation how to do that.

I have done that based on the configuration https://docs.opnsense.org/manual/how-tos/caddy.html

and still nothing...

Im just wondering if the Caddy plugin works in general :-)

Yes the plugin works. A lot of people including myself use it.

It might be a nextcloud misconfiguration, or your infrastructure is set up incorrectly.

Here is an example what Nextcloud needs to be reverse proxied, "trusted proxies" defined.

https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/reverse_proxy_configuration.html#defining-trusted-proxies

i will try once more, but its interesting that nginx works like a charm without additional afford and Caddy based on the guide doesnt work.
    - It doesnt seems like Opnsense misconfiguration

I have actually sat down, created a Windows 10 VM, installed the Nextcloud AIO in it with this setup guide:

https://nextcloud.com/blog/your-guide-to-the-nextcloud-all-in-one-on-windows-10-11/

Then I noticed that I had to also follow this guide:

https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md#2-use-this-startup-command

Then I noticed how broken and overdesigned this whole thing is.

Good luck if you want to use that and trust it with your data.

Even the Nextcloud SNAP in Ubuntu would be a better choice than using this.


Just look at discussions like these: https://github.com/nextcloud/all-in-one/issues/4001

They go against conventions and are proud of it, it seems. Francis is one of the main Caddy contributers btw.

Thank.. yes. thats the similar what I have used.. I have also posted on Nextcloud forum where I have listed my config as well..
https://help.nextcloud.com/t/nextclou-aio-install-caddy-reverse-proxy-opnsense-white-login-page/200032/6

Anyway, tried modify the URL handle and still doesnt work..
  - also trie based on the Opnsense giude setup reverse proxy for Opnsense admin GUI portal and doesnt work either..

Hmm, at least reverse proxying the Webgui should always work.

Here I even made a small video:

https://www.youtube.com/watch?v=6ip8Sx4zcDA

I used a clean new installed 24.7 in that video. So I /know/ it should work.

I would like to install a very similar setup for Nextcloud. Except, that I don't want to use AIO, but good old manual compose file. I set up a working installation in the past with NGINX. Now, with Caddy on the FW, I am going to install Docker on a VM, and use a compose file to run Nextcloud and Caddy on it. So I have a scenario, where my FW-Caddy would redirect to the Docker-Caddy. Is it correct, that for instance the caldav and carddav thing needs to be setup on Docker-Caddy?
https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/reverse_proxy_configuration.html

Maybe you have some other hints on doing this.

Sorry I don't have much experience with reverse proxying Nextcloud.

Nextcloud has become kind of a dumpster fire with so many modules and they completely forgot about their core use, serving files.

Thanks..

Have tried and didnt work, so i might have something wrong with my Opnsense even I have reinstalled the plugin..


So I have switched to Ngnix for now as it worked without any isssue. I might try Caddy in a short future again.