Issues with Nextcloud Installation and Configuration Behind NGINX Reverse Proxy

Hello All

Problem Description

I’ve been struggling with setting up Nextcloud behind an NGINX reverse proxy. My goal is to run Nextcloud in a subdirectory (/nextcloud) while using a reverse proxy to handle incoming requests. Despite following various guides and tweaking configurations, I am encountering several issues.

I’m relatively new to NGINX, but I’ve managed to fix the 404 errors for static files and the 502 Bad Gateway issue. However, I’m still facing problems with login page redirection, and I’m not sure where to start troubleshooting.

Before these issues, I was able to reach the Nextcloud install page and click the install button. However, I consistently experienced a proxy timeout screen during the installation process. Despite the timeout, I noticed that Nextcloud wrote the database configuration into config.php and observed some CPU activity, indicating that some installation steps were completed. Afterward, I couldn’t access index.php and was redirected to a 404 error page.

I feel like I’m missing something fundamental or misunderstanding some aspect of the setup.

  1. Login Page Redirection Issues:
  • The Nextcloud installation appears to be complete, but when attempting to access the login page, I am redirected to http://my-site.ch/nextcloud/index.php/login, which results in a 404 error.
  • It seems like the PHP files are not being executed properly, and the server is searching for static files instead.

2.404 Errors for Static Files: → Fixed with added nextcloud config overwritewebroot hopefully right approach

  • When accessing static files (e.g., CSS, JS) through the reverse proxy, I get 404 errors.
  • The static files are located in the /var/www/html/nextcloud directory in the backend container.

docker-compose.yml

version: '3'

services:
  dbdev:
    image: mariadb:10.11.7-jammy
    container_name: dbdev
    restart: unless-stopped
    environment:
      MYSQL_ROOT_PASSWORD: $DBPRD_MYSQL_ROOT_PASSWORD
      MYSQL_DATABASE: wordpress
      MYSQL_USER: wordpress
      MYSQL_PASSWORD: wordpress
    volumes:
      - db_dev:/var/lib/mysql
    networks:
      - app-network3

  reverse-proxy:
    image: nginx:alpine
    container_name: reverse-proxy
    volumes:
      - ./reverse-proxy/nginx.conf:/etc/nginx/nginx.conf:ro
    ports:
      - "80:80"
    depends_on:
      - backend-ncdev
    networks:
      - app-network3

  backend-ncdev:
    image: nginx:alpine
    container_name: backend-ncdev
    volumes:
      - ./backend-ncdev/nginx.conf:/etc/nginx/nginx.conf:ro
      - ./ncdev:/var/www/html
    depends_on:
      - ncdev
    networks:
      - app-network3

  ncdev:
    depends_on:
      - dbdev
    image: nextcloud:stable-fpm-alpine
    container_name: ncdev
    restart: unless-stopped
    environment:
      - MYSQL_HOST=dbdev:3306
      - MYSQL_DATABASE=$NEXTDEV_MYSQL_DATABASE
      - MYSQL_USER=$NEXTDEV_MYSQL_USER
      - MYSQL_PASSWORD=$NEXTDEV_MYSQL_PASSWORD

    volumes:
      - ./ncdev:/var/www/html
    networks:
      - app-network3
volumes:
  db_dev:

networks:
  app-network3:
    driver: bridge

Reverse-proxy nginx.conf

worker_processes 1;

events {
    worker_connections 1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout 65;

    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for"';

    access_log /var/log/nginx/access.log main;
    error_log /var/log/nginx/error.log debug;

    upstream backend {
        server backend-ncdev:80;
    }

    server {
        listen 80;
        server_name my-site.ch;

        location /nextcloud/ {

            proxy_pass http://backend-ncdev/;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
           # proxy_set_header X-Script-Name /nextcloud;
        }

        # Additional configuration for caching, security headers, etc.
    }
}

Backend-ncddev nginx.conf

worker_processes 1;                                                                           
                                                                                              
events {                                                                                      
    worker_connections 1024;                                                                  
}                                                                                             
                                                                                              
http {                                                                                        
    include       mime.types;                                                                 
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout 65;

    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for"';

    access_log /var/log/nginx/access.log main;
    error_log /var/log/nginx/error.log debug;

    upstream php-handler {
        server ncdev:9000;
    }


    # Set the `immutable` cache control options only for assets with a cache busting `v` argument
map $arg_v $asset_immutable {
    "" "";
    default ", immutable";
}


    server {

listen 80;
        server_name backend-ncdev;

        root /var/www/html;
        index index.php index.html;


        location ~ \.php$ {
           # fastcgi_split_path_info ^(.+?\.php)(/.*)$;
            fastcgi_pass php-handler;
            fastcgi_index index.php;
            include fastcgi_params;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_param PATH_INFO $fastcgi_path_info;
        }

        location ~* \.(?:css|js|mjs|svg|gif|png|jpg|ico|wasm|tflite|map|ogg|flac)$ {
            try_files $uri =404;
            expires 30d;
            #access_log off;
        }
    }
}

Nextcloud conf

<?php
$CONFIG = array (
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'apps_paths' => 
  array (
    0 => 
    array (
      'path' => '/var/www/html/apps',
      'url' => '/apps',
      'writable' => false,
    ),
    1 => 
    array (
      'path' => '/var/www/html/custom_apps',
      'url' => '/custom_apps',
      'writable' => true,
    ),
  ),
  'upgrade.disable-web' => true,
  'instanceid' => 'oc1mssnwm92t',
  'overwritewebroot' => '/nextcloud',
  'passwordsalt' => '*',
  'secret' => '*',
  'trusted_domains' => 
  array (
    0 => 'my-site.ch',
  ),
  'datadirectory' => '/var/www/html/data',
  'dbtype' => 'mysql',
  'version' => '28.0.6.1',
  'overwrite.cli.url' => 'http://my-site.ch/nextcloud',
  'dbname' => 'ncdev',
  'dbhost' => 'dbdev:3306',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'ncdev',
  'dbpassword' => 'bF3L7bn0V3Qg63VPNHbpc1nFhe',
  'installed' => true,
);

Logs Reverser proxy

** - - [10/Jun/2024:20:18:44 +0000] "GET /nextcloud/index.php/login HTTP/1.1" 404 555 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/

Logs Backend Webserver Nextcloud

2024/06/10 20:18:44 [error] 30#30: *44 open() "/var/www/html/index.php/login" failed (20: Not a directory), client: 192.168.112.5, server: backend-ncdev, request: "GET /index.php/login HTTP/1.0", host: "my-site.ch"

OCC Status

docker exec -it --user www-data  ncdev sh
/var/www/html $ php occ status                                                            
  - installed: true                                                                       
  - version: 28.0.6.1                                                                     
  - versionstring: 28.0.6                                                                 
  - edition: 
  - maintenance: false
  - needsDbUpgrade: false
  - productname: Nextcloud
  - extendedSupport: false

Troubleshooting Steps Taken

  1. Verified file and directory permissions.
  2. Ensured correct paths in the NGINX configuration files.
  3. Verified connectivity between the reverse proxy and backend server.
  4. Confirmed that PHP-FPM is running and correctly configured.
  5. Tried various combinations of proxy_pass and try_files directives.
  6. Tried the example config from the Nextcloud documentation. I’m unsure about some aspects because I don’t want to create my own Nextcloud Docker image to have the Nextcloud folder inside my root like /var/www/html/nextcloud.

Questions

  • My feeling is that index.php is not being executed anymore, and the server is looking for it as a static file.
  • Is there a better way to configure the NGINX reverse proxy and backend server to handle Nextcloud in a subdirectory? I switched to having two NGINX instances (one as a reverse proxy and the other as a web server) because I encountered other issues that I couldn’t solve.

Any help or insights from the community would be greatly appreciated!

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.