Access AIO on 127.0.0.1 and LAN-internal IP address

CloudyFH · February 9, 2024, 6:16pm

Hello,

I’m extending Caddy’s setup as reverse-proxy to allow (internal) access to AIO additionally by (local) IP addresses.

This Caddyfile works:

https://<myDomain>:443,
https://localhost:443
{
   ...
}

If I extend it to:

https://<myDomain>:443,
https://localhost:443,
https://127.0.0.1:443,
https://10.0.0.5:443   (LAN IP address)
{
   ...
}

and connecting to one of these two IP addresses, I get an error by Caddy that there is no certificate for “172.17.0.2”.
That’s one of two mastercontainer-internal IP addresses.

When I further add “https://172.17.0.2:443” to Caddyfile, then I can connect AIO on 127.0.0.1 and 10.0.0.5 (LAN IP address).

I don’t know exactly why the container-internal IP address has to be added to Caddyfile, which is not accessible neither on the local host, nor the LAN.

Is this related to “allowed clients” or “trusted proxies” or “overwrite …” settings of the AIO? (I haven’t used them yet so far)
Could please someone explain that? Thank you

szaimen · February 9, 2024, 6:22pm

Hi, see GitHub - nextcloud/all-in-one: The official Nextcloud installation method. Provides easy deployment and maintenance with most features included in this one Nextcloud instance.

CloudyFH · February 9, 2024, 6:36pm

I’m sorry I don’t understand it.
Host-/domain names do work, so not a DNS issue.
The local IP addresses do not work, until I add the container-internal one to the reverse-proxy.
Could you please further point into right direction? Thank you

Edit: no cloudflare involved