Don´t get access to Nextcloud behind reverse proxy

Hello to all of you,

after running Nextcloud on a Pi for a long time, I wanted to install the whole thing in a VM. Since I run two systems in parallel I needed a reverse proxy here. When I installed it yesterday, access was also possible. Unfortunately not today.
The apache error.log contains the following messages:

Wed Nov 27 10:40:45.811334 2019] [mpm_prefork:notice] [pid 23034] AH00169:          caught SIGTERM, shutting down
[Wed Nov 27 10:41:13.310035 2019] [mpm_prefork:notice] [pid 254] AH00163: Apach/2.4.29 (Ubuntu) configured -- resuming normal operations
[Wed Nov 27 10:41:13.311210 2019] [core:notice] [pid 254] AH00094: Command line: '/usr/sbin/apache2'

In the forum I could not find a solution that would have worked for me.

<?php
$CONFIG = array (
'instanceid' => '',
'passwordsalt' =>  '*****',
'secret' =>  '****',
'trusted_domains' => 
array (
0 => 'subdomain.domain.com‘,
1 => '192.168.178.125',
2 => 'nc1.local',
),
'datadirectory' => '/mnt/hdd',
'dbtype' => 'mysql',
'version' => '17.0.1.1',
'overwrite.cli.url' => 'http://subdomain.domain.com',
'dbname' => 'nextcloud',
'dbhost' => 'localhost',
'dbport' => '',
'dbtableprefix' => 'oc_',
'mysql.utf8mb4' => true,
'dbuser' => 'nextclouduser',
'dbpassword' => '********',
'installed' => true,
'maintenance' => false,
'trusted_proxies'=> array(
0 => '192.168.178.105'
),
);

My virtual host config on the proxy

 <VirtualHost *:80>
ServerName subdomain.domain.com
ProxyPreserveHost On
DocumentRoot /var/www/html
ProxyPass /.well-known !
ProxyPass / http://192.168.178.125:80/
ProxyPassReverse / http://192.168.178.125:80/
RewriteEngine on
RewriteCond %{SERVER_NAME} =subdomain.domain.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

Please let me know if more information is needed.

Thanks for the help in advance.

Hi,

Nowadays I use a nginx proxy instead (performance seems to be a lot better with nextcloud) but I do have my old apache config available. I hope it helps:

<VirtualHost *:443>
 ErrorLog logs/ssl_error_log
 TransferLog logs/ssl_access_log
 LogLevel warn
 SSLEngine on
 SSLProtocol all -SSLv2 -SSLv3
# These need updating as it is an old list
 SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS"

 SSLCertificateFile /<certpath>/cert.pem
 SSLCertificateKeyFile /<certpath>/privkey.pem
 SSLCertificateChainFile /<certpath>/chain.pem

# Enable this if if you use letsencrypt in a specific folder
# Alias /.well-known "/var/www/html/le/.well-known"
# ProxyPass /.well-known !

 Servername nextcloud.example.com
 Serveralias nextcloud

 <IfModule mod_headers.c>
  Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
 </IfModule>

 ProxyPreserveHost On
 SSLProxyEngine On
 ProxyRequests Off
 SSLProxyVerify none
 SSLProxyCheckPeerCN off
 SSLProxyCheckPeerName off
 SSLProxyCheckPeerExpire off

 ProxyPass / https://nextcloud.internal.hostname/
 ProxyPassReverse / https://nextcloud.internal.hostname/
# Or use an IP address by keeping the https and just replace the hostname. 
 ProxyPass / !
 ProxyPassReverse / !
</VirtualHost>

Hi try traefik… this is a very simple and almost selfconfiguring reverse proxy…

Did you enable mod_proxy?

a2enmod proxy
systemctl restart apache2