Nextcloud AIO Installation: Domain Verification

Ubuntu 22.04.3 in multipass VM
Docker 24.0.7
Caddy Version 2.7.6
NC AIO Version 7.9.1

I am trying to set up Nextcloud AIO in a VM because I want to run multiple AIO instances on the same server (as described here). I get the AIO Admin working, but I can’t verify the domain (even after following the steps in “6. How to debug this”). When I finally set the variable SKIP_DOMAIN_VALIDATION=true, I can install all the containers fine, but when I try to open the instance, I get an HTTP 502 error.

Docker Compose file:

services:
  nextcloud-aio-mastercontainer:
    image: nextcloud/all-in-one:latest
    restart: unless-stopped
    container_name: nextcloud-aio-mastercontainer
    volumes:
      - nextcloud_aio_mastercontainer:/mnt/docker-aio-config
      - /var/run/docker.sock:/var/run/docker.sock:ro
    ports:
      - 8080:8080
    environment: 
      - APACHE_PORT=11000
      - APACHE_IP_BINDING=0.0.0.0 #Tried localhost and 127.0.0.1 as well but since I added an IP in my caddyfile, I am assuming this is the right choice
      - NEXTCLOUD_DATADIR=/home/ubuntu/cloud/data # Folder exists in VM
volumes:
  nextcloud_aio_mastercontainer:
    name: nextcloud_aio_mastercontainer

Caddy file on Server:

cloud.foo:443 {
	reverse_proxy 10.45.123.221:11000 #10.45.123.221 is the internal IP of the VM
}

# AIO Admin works fine
admin.cloud.foo {
	reverse_proxy https://10.45.123.221:8080 {
		transport http {
			tls_insecure_skip_verify
		}
	}
}

# Not important for Nextcloud, comes out of the box with the docker multipass image.
portainer.cloud.foo {
	reverse_proxy 10.45.123.221:9000
}

Error Log when trying to verify domain:

nextcloud-aio-mastercontainer  | NOTICE: PHP message: The response of the connection attempt to "https://nebula.los.ch:443" was: 
nextcloud-aio-mastercontainer  | NOTICE: PHP message: Expected was: d0a19f0cb51fb89a1f0ba7e50b84604f85cac88153e2558f
nextcloud-aio-mastercontainer  | NOTICE: PHP message: The error message was: 

Any suggestions? Thx for your help in advance!

likely you mix different things.

the docs you reference aren’t meant for installing multiple VMs each running a single AiO instance - the goal is to set up multiple AiO instances on one server… the result might be the same but the way is completely different…

if you run an application (aio in this case) behind a reverse proxy like caddy you must perform tls certificate management on the reverse proxy. AiO cannot issue letsencrypt (and other automated certificates with ACME protocol) from the “backend” - it must happen on the first line. for this reason you should follow the AiO reverse proxy documentation and set up your caddy to request certificates…

Hi @wwe

Thanks for your reply! I am not quite sure I understand correctly tho: The docs I referenced explicitly say

The normal way is creating multiple VMs, installing AIO in reverse proxy mode in each of them and having one reverse proxy in front of them that points to each VM

From what I understand (and please forgive me if I use the wrong lingo, I am by no means an expert) it is the point to run multiple VMs, each running an instance of AIO. So I currently have caddy as my reverse proxy running outside of any VM, which handles certificates and takes care of pointing to the AIO instance. Or am I misunderstanding?

Thanks for your help!

Hi @wwe

Please don’t ask me what I changed. But I simply rebuilt the entire VM again (for an nth time) and all of a sudden, it worked. I didn’t change anything about my configuration but now, it works. Curious :woman_shrugging:

Marking this as solved. For future reference: My configuration (see above) works.
