Get 5XX or page not found while using nginx as reverse proxy on a different machine

I use docker/.examples/docker-compose/insecure/postgres/fpm at master · nextcloud/docker · GitHub on my 192.168.1.34 debian machine, which located in a 192.168.1.4 pve mathine, the docker compose file is(I only modify the ip on template)

version: '3'

services:
  db:
    image: postgres:alpine
    restart: always
    volumes:
      - db:/var/lib/postgresql/data:z
    env_file:
      - db.env

  redis:
    image: redis:alpine
    restart: always

  app:
    image: nextcloud:fpm-alpine
    restart: always
    volumes:
      - nextcloud:/var/www/html:z
    environment:
      - POSTGRES_HOST=db
      - REDIS_HOST=redis
    env_file:
      - db.env
    depends_on:
      - db
      - redis

  web:
    build: ./web
    restart: always
    ports:
      - 192.168.1.34:8080:80
    volumes:
      - nextcloud:/var/www/html:z,ro
    depends_on:
      - app

  cron:
    image: nextcloud:fpm-alpine
    restart: always
    volumes:
      - nextcloud:/var/www/html:z
    entrypoint: /cron.sh
    depends_on:
      - db
      - redis

volumes:
  db:
  nextcloud:

other files I only add a POSTGRES_PASSWORD password.

My master router, also called gateway, is my home router, only have ipv6, already have ddns with domain nextcloud.XXX.com. The router local ip is 192.168.1.2, and use nginx as revserse proxy. The OS is openwrt.

when I use frp on my 192.168.1.34 and my ipv4 public server to visit my nextcloud, I could have my login page, but when it comes to domain, it comes nextcloud view page not found or 5xx.

I have *.XXX.com proxied on cloudflare, opened the little yellow cloud as cdn and ipv6-ipv4 converter. and also have modify the config/config.php as below

<?php
$CONFIG = array (
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'apps_paths' => 
  array (
    0 => 
    array (
      'path' => '/var/www/html/apps',
      'url' => '/apps',
      'writable' => false,
    ),
    1 => 
    array (
      'path' => '/var/www/html/custom_apps',
      'url' => '/custom_apps',
      'writable' => true,
    ),
  ),
  'memcache.distributed' => '\\OC\\Memcache\\Redis',
  'memcache.locking' => '\\OC\\Memcache\\Redis',
  'redis' => 
  array (
    'host' => 'redis',
    'password' => '',
    'port' => 6379,
  ),
  'upgrade.disable-web' => true,
  'instanceid' => 'oco00k31oiuk',
  'passwordsalt' => 'J4O1rOCbiK1nmsWS+mpW5NbPeTb81m',
  'secret' => '6Fhg91dX7O6wDKGEjpboKiu8QUkPF/eFHH60hNVxgbPaYyKK',
  'trusted_domains' => 
  array (
    0 => 'localhost',
    1 => '192.168.1.34:8080',
    2 => '120.54.50.240:9988',
    3 => '*.XXX.com',
  ),
  'trusted_proxies' => ['192.168.1.2', '2409:8a28:c9d:f690::/60', '120.54.50.240'],
  'datadirectory' => '/var/www/html/data',
  'dbtype' => 'pgsql',
  'version' => '28.0.2.5',
  'overwrite.cli.url' => 'https://nextcloud.XXX.com:8443',
  'dbname' => 'nextcloud',
  'dbhost' => 'db',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'dbuser' => 'oc_nextcloud',
  'dbpassword' => '903Puh74VcmXmtHiNMbphaTMX8ScrM',
  'installed' => true,
);

as I had tested, trusted_proxies seems have no effect on the result but trusted_domains have. I guess the config above have no effect on the accessibility of my nextcloud server, the problem may be on my openwrt nginx(192.168.1.2)

now I tested two config on my openwrt nginx config, but none of which work out.

The one below I got error code like 504/524

map $http_upgrade $connection_upgrade {
    default upgrade;
    '' close;
}

server {
    	listen 8443 ssl;
    	listen [::]:8443 ssl;
    	server_name nextcloud.XXX.com;
    	
		error_log /var/log/nginx/nextcloud.XXX.com.error.log debug;

    	ssl_certificate /etc/acme/XXX.com/fullchain.cer;
    	ssl_certificate_key /etc/acme/XXX.com/XXX.com.key;

    	ssl_session_timeout 1d;
    	ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
    	ssl_session_tickets off;

    	ssl_protocols TLSv1.2 TLSv1.3;
    	ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305;
    	ssl_prefer_server_ciphers on;
    	
    location / {
    	proxy_pass http://192.168.1.34:8080$request_uri;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Port $server_port;
        proxy_set_header X-Forwarded-Scheme $scheme;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Accept-Encoding "";
        proxy_set_header Host $host;
        
        client_body_buffer_size 512k;
        proxy_read_timeout 86400s;
        client_max_body_size 0;

        # Websocket
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $connection_upgrade;
    }
}

but the access.log on my openwrt shows

GET https://nextcloud.XXX.com/custom_apps/richdocumentscode/proxy.php?req=/hosting/capabilities => 200 (192B in 0.003s) <- - -- -
GET https://nextcloud.XXX.com/custom_apps/richdocumentscode/proxy.php?req=/hosting/capabilities => 200 (192B in 0.003s) <- - -- -
GET https://nextcloud.XXX.com/login => 499 (0B in 43.811s) <- - -- -
GET https://nextcloud.XXX.com/login => 504 (562B in 60.036s) <- - -- -
GET https://nextcloud.XXX.com/custom_apps/richdocumentscode/proxy.php?req=/hosting/capabilities => 200 (192B in 0.003s) <- - -- -
GET https://nextcloud.XXX.com/custom_apps/richdocumentscode/proxy.php?req=/hosting/capabilities => 200 (192B in 0.003s) <- - -- -

The other below I got nextcloud view page not found

server {
    	listen 8443 ssl;
    	listen [::]:8443 ssl;
    	server_name nextcloud.XXX.com;
    	
		error_log /var/log/nginx/nextcloud.XXX.com.error.log debug;

    	ssl_certificate /etc/acme/XXX.com/fullchain.cer;
    	ssl_certificate_key /etc/acme/XXX.com/XXX.com.key;

    	ssl_session_timeout 10m;
    	ssl_ciphers HIGH:!aNULL:!MD5;
    	ssl_prefer_server_ciphers on;
    	
    location / {
    	proxy_pass http://192.168.1.34:8080;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

I also have other server behind my 192.168.1.2 and those servers are accessible.

Can anyone figure out what’s the problem? I would appreciate it very much.

I think the reverse nginx proxy path have problems.

server {
    	listen 8443 ssl;
    	listen [::]:8443 ssl;
    	server_name nextcloud.XXX.com;
    	
		error_log /var/log/nginx/nextcloud.XXX.com.error.log debug;

    	ssl_certificate /etc/acme/XXX.com/fullchain.cer;
    	ssl_certificate_key /etc/acme/XXX.com/XXX.com.key;

    	ssl_session_timeout 10m;
    	ssl_ciphers HIGH:!aNULL:!MD5;
    	ssl_prefer_server_ciphers on;
    	
    location / { 
      proxy_pass http://192.168.1.34:8080; 
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header Host $host;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_redirect off;
      proxy_buffering off;
    }
}

I can access login page by frp using http://public-ip:9988/login,
but when it cames to https://nextcloud.XXX.com:8443/login, it report
504 timeout, but if I use other wrong paths, it show nextcloud view page not found.

after retrying, it suddenly got login page, may be the all problems above is because my poor network.

now the problem is template engine render error

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.