Hi,
I am trying to setup a Nextcloud System on my TrueNAS Server (10.0.0.2) behind a NGINX Reverse Proxy Server (10.0.0.3) .
I want the Reverse Proxy to handle all the SSL Things.
After the installation I could connect to Nextcloud over the internal IP (10.0.0.2:8282). I switched off redirection to HTTPS, so that the Reverse Proxy Server accesses Nextcloud over HTTP. So far so good.
After multiple attempts I also could reach Nextcloud over the external URL (domain.com/cloud/).
The “only” problems left are:
-If I access Nextcloud over the external URL without trailing slash (domain.com/cloud) Chrome downloads this file, and does not load a page:
<?php
die('{"installed":true,"maintenance":false,"needsDbUpgrade":false,"version":"23.0.0.10","versionstring":"23.0.0","edition":"","productname":"Nextcloud","extendedSupport":false}');
?>
-If I go into Settings (https://domain.com/cloud/settings/admin/overview/) in Nextcloud it shows me the “page not found”-page
I already tried multiple workarounds and tutorials in different forums but so far nothing worked.
Here my Config Files:
config.php
<?php
$CONFIG = array (
'apps_paths' =>
array (
0 =>
array (
'path' => '/usr/local/www/nextcloud/apps',
'url' => '/apps',
'writable' => true,
),
1 =>
array (
'path' => '/usr/local/www/nextcloud/apps-pkg',
'url' => '/apps-pkg',
'writable' => false,
),
),
'logfile' => '/var/log/nextcloud/nextcloud.log',
'memcache.local' => '\\OC\\Memcache\\APCu',
'one-click-instance' => true,
'one-click-instance.user-limit' => 100,
'memcache.distributed' => '\\OC\\Memcache\\Redis',
'memcache.locking' => '\\OC\\Memcache\\Redis',
'redis' =>
array (
'host' => 'localhost',
),
'passwordsalt' => 'XXXXXXXX',
'secret' => 'XXXXXXXX',
'trusted_domains' =>
array (
0 => 'localhost',
1 => '10.0.0.2',
2 => 'domain.com',
),
'trusted_proxies' => ['10.0.0.3'],
'datadirectory' => '/usr/local/www/nextcloud/data',
'dbtype' => 'mysql',
'version' => '28.0.3.2',
'overwrite.cli.url' => 'https://domain.com/cloud',
'overwritehost' => 'domain.com',
'overwriteprotocol' => 'https',
'overwritewebroot' => '/cloud',
'overwritecondaddr' => '^10\.0\.0\.3$',
'forwarded_for_headers' => ['HTTP_X_FORWARDED', 'HTTP_FORWARDED_FOR'],
'dbname' => 'nextcloud',
'dbhost' => 'localhost',
'dbport' => '',
'dbtableprefix' => 'oc_',
'mysql.utf8mb4' => true,
'dbuser' => 'oc_ncadmin',
'dbpassword' => 'XXXXXXXX',
'installed' => true,
'instanceid' => 'XXXXXXXX',
);
nginx/conf.d/nextcloud.inc on Nextcloud Server
upstream php-handler {
server unix:/var/run/nextcloud-php-fpm.sock;
}
# Redirect to HTTPS
#server {
# listen 80 default_server;
# listen [::]:80;
#
# location ^~ /.well-known/acme-challenge {
# # Path to the root of your installation
# root /usr/local/www/nextcloud/;
# try_files $uri $uri/ =404;
# }
#
# location / {
# return 301 https://$host:443$request_uri;
# }
#}
server {
# listen 443 ssl http2;
listen 80 default_server;
server_name _;
# HSTS settings
# WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option
# will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list
# could take several months.
# add_header Strict-Transport-Security "max-age=15768000; includeSubDomains;" always;
include conf.d/nextcloud.inc;
}
nginx/sites-enabled/default on Reverse Proxy Server
location /cloud/ {
proxy_pass http://10.0.0.2:8282/;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Scheme $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Accept-Encoding "";
proxy_set_header Host $host;
}