Solved - as always: don’t just set up the 19 right places when there are 20.
So components:
- unbound (for redirecting lan to lan with external domain - not every setup will require this)
- haproxy
- code docker
- nextcloud integration
- opnsense firewall
I’m running collabora/code and nextcloud from the same debian host in dmz. But I forgot to allow the host to reach the haproxy frontend-ip on lan…
Maybe it would be possible, or even better, to use the unbound overwrite just for the nextcloud-lan and point docker-code to the haproxy frontend-ip on dmz?!