Nextcloud Nginx reverse proxy error with DDNS domain access

Hi,

I am using a Nextcloud instance (VM2, Ubuntu Server 20.04.4) behind an Nginx reverse proxy (VM1, Ubuntu Server 20.04.4).

My Nginx VM1 proxy config with SSL certificate:

server {
        listen 443 ssl;
        server_name cloud.mydomain.net;
        client_max_body_size 0;
        access_log /var/log/nginx/cloud-access.log;
        error_log /var/log/nginx/cloud-error.log;
        proxy_buffering off;

        location / {
                proxy_pass http://Nextcloud VM2 internal IP:80;
        }

        ssl_certificate /etc/letsencrypt/live/cloud.mydomain.net/fullchain.pem; # managed by Certbot
        ssl_certificate_key /etc/letsencrypt/live/cloud.mydomain.net/privkey.pem; # managed by Certbot
}

My Nextcloud VM2 config:

<?php
$CONFIG = array (
  'instanceid' => 'oc9448kkcp78',
  'passwordsalt' => 'h03sH/4g8gdgwfncmHDW96EYdTLw58',
  'secret' => 'ywH3QINeyhrnGEZrbmdBaiKobsi81A6T+8LXPt/scvgMnpDQ',
  'trusted_domains' =>
  array (
    0 => 'nextcloud VM2 IP',
    1 => 'my.domain.net'
  ),
  'datadirectory' => '/var/www/html/nextcloud/data',
  'dbtype' => 'mysql',
  'version' => '22.0.0.11',
  'overwrite.cli.url' => 'http://nextcloud VM2 IP/nextcloud',
  'dbname' => 'nextcloud',
  'dbhost' => 'localhost',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'user',
  'dbpassword' => 'password',
  'installed' => true,
);

When I try to access it from outside by typing the address my.domain.net in the address bar, I get an error: "host 192.168.1 (nextcloud VM2 IP) is taking too long to respond" (connection timed out).

When I try to access this from my internal network, I type my.domain.net in the address bar and immediately get a response; my Nextcloud is asking for login and working normally.

Ports 443 and 80 are forwarded to my Nginx reverse proxy VM.

I do not know what I am doing wrong. Thank you for all your help.

Can someone give me some info? :smiley:

You use an SSL connection to get to your proxy, and then a non-SSL connection to your Nextcloud host.

This then shouldn’t be an https connection? What is the proxy doing when you call via non-SSL?

What can help in such cases: use tcpdump on the server with the proxy, then you can see who starts to call a URL and how you get and forward responses.


EDIT with new Nginx and Nextcloud config file:

NGINX:

server {
        listen 443 ssl;

        server_name my.domain.net;
        ssl_certificate /etc/letsencrypt/live/my.domain.net/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/my.domain.net/privkey.pem;
        ssl_session_cache builtin:1000 shared:SSL:10m;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
        ssl_prefer_server_ciphers on;
        access_log /var/log/nginx/access.log;
        location / {
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
                proxy_pass http://MY.VM2.IP/nextcloud/;
                proxy_read_timeout 90;
        }

}

Nextcloud:

<?php
$CONFIG = array (
  'instanceid' => 'oc9448kkcp78',
  'passwordsalt' => 'h03sH/4g8gdgwfncmHDW96EYdTLw58',
  'secret' => 'ywH3QINeyhrnGEZrbmdBaiKobsi81A6T+8LXPt/scvgMnpDQ',
  'trusted_domains' =>
  array (
    0 => 'VM1 PROXY IP',
    1 => 'VM2 NEXTCLOUD IP',
    2 => 'MY.DOMAIN.NET:443'
  ),
  'datadirectory' => '/var/www/html/nextcloud/data',
  'dbtype' => 'mysql',
  'version' => '22.0.0.11',
  'overwrite.cli.url' => 'http://MY VM2 NEXTCLOUD IP/nextcloud',
  'dbname' => 'nextcloud',
  'dbhost' => 'localhost',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'USER',
  'dbpassword' => 'PASSWORD',
  'installed' => true,
);

Now I am getting an error: access from untrusted domain.

P.S. I want to thank the moderator for editing my first post so it looks better. :smiley:
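Added example, not part of the thread and not Nextcloud or Nginx code: a small model of which Host value reaches Nextcloud through the proxy for a given `proxy_set_header Host` setting, and whether that value matches an entry in trusted_domains. The matching rule (case-insensitive, host tried with and without its port, `*` as wildcard) is an assumption about Nextcloud's check, and the 192.0.2.x addresses are constructed stand-ins for the VM IPs.

```python
import re

def host_sent_upstream(client_host, proxy_pass_authority, host_directive=None):
    """Return the Host header nginx sends to the backend.

    host_directive is the value of `proxy_set_header Host ...;`, or None when
    the directive is absent (nginx then sends $proxy_host).
    """
    if host_directive is None:
        return proxy_pass_authority
    if host_directive == "$host":
        # $host: client host name, lowercased, port removed
        return re.sub(r":\d+$", "", client_host).lower()
    if host_directive == "$http_host":
        # $http_host: the client's Host header exactly as sent
        return client_host
    return host_directive  # a literal value

def is_trusted(host_header, trusted_domains):
    """Assumed model of the trusted_domains check (not Nextcloud's code)."""
    bare = re.sub(r":\d+$", "", host_header)
    for entry in trusted_domains:
        # '*' in an entry matches any run of host-name characters
        pattern = "[-.a-zA-Z0-9]*".join(re.escape(p) for p in entry.split("*"))
        for candidate in (bare, host_header):
            if re.fullmatch(pattern, candidate, re.IGNORECASE):
                return True
    return False

# Constructed stand-ins for the placeholder values in the thread.
PROXY_IP, NEXTCLOUD_IP = "192.0.2.10", "192.0.2.20"
TRUSTED = [PROXY_IP, NEXTCLOUD_IP, "MY.DOMAIN.NET:443"]

def diagnose(client_host, host_directive, trusted):
    """Return (Host value seen by Nextcloud, whether it is trusted)."""
    upstream = host_sent_upstream(client_host, NEXTCLOUD_IP, host_directive)
    return upstream, is_trusted(upstream, trusted)

if __name__ == "__main__":
    for directive in (None, "$host", "$http_host"):
        print(directive, diagnose("my.domain.net", directive, TRUSTED))
    print("bare entry", diagnose("my.domain.net", "$host", TRUSTED + ["my.domain.net"]))
```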