Caddy (reverse proxy) plugin + Nextcloud AIO

Started by fforstik, August 06, 2024, 01:07:46 PM

Previous topic - Next topic
Print
Go Down Pages1 2
User actions
August 06, 2024, 01:07:46 PM
Hello

For couple of weeks im trying to install Nextcloud AIO but still having issues to get the login page after i enter my domain. Its just blank page, but I got valid Letsencrypt certificate.

In opnsense Im using Caddy plugin as a reverse proxy for Nextcloud which is installed on Windows 11 with docker.  Caddy is using recommended config on nextcloud with reverse proxy. As a DNS im using Nextdns.

Caddy config:


I have tried different browser or different device and the same...

I see that Im hitting the Nextcloud AIO as I see this from CAddy reverse proxy lo


I hope you will be able to help me as I have tried multiple Caddy settings.

Thank you
August 06, 2024, 01:35:26 PM #1
Can you open the Nextcloud without the reverse proxy?
Hardware:
DEC740
August 07, 2024, 12:54:03 PM #2 Last Edit: August 07, 2024, 01:02:57 PM by fforstik
Yes, I can open Nextcloud login page on local server:11000

I have installed nginx plugin and configured the reverse proxy exactly as this: https://forum.opnsense.org/index.php?topic=19305.0

and I can access it even on my domain and externally as well..

There must be some issue with the Caddy config which I have missed... I hope some =one can point me to the right direction.

Caddy:
August 07, 2024, 01:03:32 PM #3
Why did you check TLS in the handler? Disable it and try again.

http://localserver:11000   -> None of the tls options in handler checked.
https://localserver:11000   -> TLS insecure skip verify in handler checked.
Hardware:
DEC740
August 07, 2024, 01:19:28 PM #4
Unchecked:  TLS Insecure Skip Verify
Unchecked: TLS

and the same problem
August 07, 2024, 01:23:40 PM #5
Well then try to check "TLS Insecure Skip Verify".
Hardware:
DEC740
August 07, 2024, 01:25:36 PM #6
same.. I was playing with the TLS earlier like:

Unchecked:  TLS Insecure Skip Verify
Unchecked: TLS

checked:  TLS Insecure Skip Verify
Unchecked: TLS

Unchecked:  TLS Insecure Skip Verify
checked: TLS

checked:  TLS Insecure Skip Verify
checked: TLS


But the same issue
August 07, 2024, 01:28:20 PM #7
the domain name is: subdomain.domainname

I have tried to setup also as domain = domain
and create subdomain and use it in the handler

but it was the same issue..
August 07, 2024, 01:29:12 PM #8
There must be some sort of deeper issue at hand that I probably can't troubleshoot in the scope of this forum.

Try to reverse proxy some other stuff to get a feel for it to see if you can get other things to work.

Try to reverse proxy the OPNsense WebGUI as a start. It's written in the documentation how to do that.
Hardware:
DEC740
August 07, 2024, 01:56:41 PM #9
I have done that based on the configuration https://docs.opnsense.org/manual/how-tos/caddy.html

and still nothing...

Im just wondering if the Caddy plugin works in general :-)
August 07, 2024, 02:43:26 PM #10
Yes the plugin works. A lot of people including myself use it.

It might be a nextcloud misconfiguration, or your infrastructure is set up incorrectly.

Here is an example what Nextcloud needs to be reverse proxied, "trusted proxies" defined.

https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/reverse_proxy_configuration.html#defining-trusted-proxies
Hardware:
DEC740
August 07, 2024, 09:58:36 PM #11
i will try once more, but its interesting that nginx works like a charm without additional afford and Caddy based on the guide doesnt work.
    - It doesnt seems like Opnsense misconfiguration
August 08, 2024, 07:47:28 AM #12
I have actually sat down, created a Windows 10 VM, installed the Nextcloud AIO in it with this setup guide:

https://nextcloud.com/blog/your-guide-to-the-nextcloud-all-in-one-on-windows-10-11/

Then I noticed that I had to also follow this guide:

https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md#2-use-this-startup-command

Then I noticed how broken and overdesigned this whole thing is.

Good luck if you want to use that and trust it with your data.

Even the Nextcloud SNAP in Ubuntu would be a better choice than using this.


Just look at discussions like these: https://github.com/nextcloud/all-in-one/issues/4001

They go against conventions and are proud of it, it seems. Francis is one of the main Caddy contributers btw.
Hardware:
DEC740
August 08, 2024, 08:11:20 AM #13
Thank.. yes. thats the similar what I have used.. I have also posted on Nextcloud forum where I have listed my config as well..
https://help.nextcloud.com/t/nextclou-aio-install-caddy-reverse-proxy-opnsense-white-login-page/200032/6

Anyway, tried modify the URL handle and still doesnt work..
  - also trie based on the Opnsense giude setup reverse proxy for Opnsense admin GUI portal and doesnt work either..
August 08, 2024, 08:19:23 AM #14
Hmm, at least reverse proxying the Webgui should always work.

Here I even made a small video:

https://www.youtube.com/watch?v=6ip8Sx4zcDA

I used a clean new installed 24.7 in that video. So I /know/ it should work.
Hardware:
DEC740
Print
Go Up Pages1 2
User actions