External Sites feature as reverse proxy to use nextcloud as authentication suite

stewartwebb · September 23, 2016, 12:51pm

Hi all,
I’d really like to be able to use something like the external sites feature, but combined with reverse proxy.
This way I could set up a smaller webserver internally, which could only listen on localhost.

This would allow me to run a lot of the webapps I run in my LAN on my local machine, but don’t trust on the internet because they have no authentication to run inside of nextcloud’s authentication, which I find more trustworthy.

Has anyone done anything similar or know of any way (or controversially another application) which would allow me to do this?

Regards
Stewart

drewgreat · October 17, 2016, 3:56am

I’d like exactly the same thing. I’ve looked at php proxy options and haven’t had much success.

What I’m currently exploring is using the auth_request module of nginx to provide authentication on the reverse proxy from Nextcloud. If you aren’t familiar auth_request will grant the visitor access to the resources based on a http 200 response from an external website, in this case an app running on Nextcloud. The proxied site could then be added as an external app in Nextcloud or given direct access via a domain name.

I’m not aware of an app that does it and my PHP (etc.) skills are rusty at best but i might give it a go.

Simone · April 7, 2021, 7:24am

I know this question is very old, is there any chance something has been found?

devnull · April 7, 2021, 9:18am

@simone

Perhaps you search a web proxy.

GitHub - joshdick/miniProxy: 🚨⚠️ UNMAINTAINED! ⚠️🚨 A simple PHP web proxy.
GitHub - heiswayi/web-proxy-script: Minimalist web proxy script
GitHub - vincentclee/glype: Glype proxy is a free, web-based proxy script written in PHP
GitHub - riotkit-org/web-proxy: Anonymous HTTP proxy that forwards all requests through one or multiple proxy servers, with a proxy servers auto-discovery

Also you can perhaps use for only a few web apps the reverse proxy functions from apache2 or nginx.

Can you post an example? Please open an own thread.

Simone · April 7, 2021, 10:00am

Yes, sure.
I’m already using nginx as proxy in front of nextcloud, but I would like something closer to the original question in this thread.

Use case
What I have:

a web application without authentication that provides small and specific features
authentication already present in nextcloud

I would like to leverage nextcloud authentication to perform authentication (better with custom ACLs) for access the other web application.

EDIT: I have already implemented a small custom plugin (far away from being elegant) to implement a part of this. I was wondering if there’s an elegant plugin where you can just setup proxy routes and groups checking.