Hello,
Skipping the support guide.
Installation :
- Nextcloud 30.0.5
- Apache2
I had everything installed but ran most of my local network through ‘hosts’ edits (192.168.1.2 myserver.domain.eu) and i had to enter the port manually. like myserver.domain.eu:8888.
I already configured Nextcloud+Collabera+SSL/TLS and .htaccess to be on port 80/443 before, however NPM needs to be there. So i forwarded those ports to NPM and all was fine i thought since it worked when i tried it on my LAN.
When i use my phones data connection to test it remotely:
Chrome :
-ERR_SSL_UNRECOGNIZED_NAME_ALERT
When i turn on SSL with *.domain.eu on NPM:
-502 Bad Gateway
When i turn on Cloudflare proxy for ‘nc.mydomain.eu’ :
with force SSL/http2/hsts on in NPM:
-ERR_TOO_MANY_REDIRECTS
with SSL off in NPM:
Bad Gateway (cloudflare page)
When i turn on VPN on my phone which goes to my wireguard instance it works fine again since it’s local.
I’m afraid when i remove the Certs it will stop working altogether.
Seeing everything else is working i assume it’s a configuration thing with Nextcloud.
I read this part :
https://docs.nextcloud.com/server/30/admin_manual/configuration_server/reverse_proxy_configuration.html
But i have no clue on how to apply this in my situation?
I already put this line in:
‘trusted_proxies’ =>
array (
0 => ‘192.168.1.5’,
but that doesn’t seem to work.
Also recently this message shows up :
Some headers are not set correctly on your instance - The Strict-Transport-Security HTTP header is not set (should be at least 15552000 seconds). For enhanced security, it is recommended to enable HSTS. For more details see the documentation 
And checked my 'nextcloud-le-ssl.conf : Header always set Strict-Transport-Security “max-age=63072000; includeSubDomains; preload”
I don’t recall changing that before but that looks like a lot more then 15552000.
I don’t know if that occ:rewrite:security (forgot exact command) changed it?