Authelia Authentication on a VPS for a *local* NextCloud installation
I have a VPS running Caddy and use Fast Reverse Proxy (FRP) with ports xx43 and xx80 backed by a wildcard certificate. The VPS is running Authelia which uses U2F authentication for all Caddy defined “sites”. Any incoming request, if Authelia verified, is parsed in Caddy and forwarded as a reverse proxy via FRP via one of the two xx43 and xx80 ports.
This set-up is used since my ISP will not permit incoming HTTP/S requests.
The FRP client is in a LAN based Proxmox VE and, for NextCloud, is forwarded via port 11000 to a Debian 12 LXC running Apache2 and NextCloud AIO docker. The LXC uses firewalld and I have opened ports 80, 443, 8080, 8443 and 11000.
After doing the “reverse proxy” NextCloud docker install and logging in to AIO using https://local.ip:8080, I attempt to submit a domain using my SSL backed, defined Caddy host and receive the error “Domain does not point to this server or the reverse proxy is not configured correctly…”
The mastercontainer log shows:
NOTICE: PHP message: The response of the connection attempt to "https://*nextcloud.dns.name*:443" was: <a href="https://*authelia.dns.name*/?rd=https%3A%2F%2F*nextcloud.dns.name*%2F&rm=GET">302 Found</a>
NOTICE: PHP message: Expected was: ...
What I read from this is that there can be no interplay between physically separated NextCloud and Authelia installations and that I can only use (or set-up) NextCloud when bypassing Authelia authentication in this kind of environment since I cannot autheticate after the reverse proxy.
Is this a correct premise?