Nextcloudpi, Apache2 and Cloudflared Install help for Apache ssl site

Hi All,

I have a cloudflared tunnel with full (strict) with origin certs downloaded that I’ve confirmed can get to my Rpi4 and have installed Nextcloudpi through the install script. My Rpi4 is Raspbian OS 64 Bullseye. The ddns site is registered to a .ml domain, as the config of the tunnel differs with this domain type.

I could be persuaded to install the nextcloudpi through the docker image method, as I now have an SSD in the pi and don’t need to have the data directory on the storage USB drive (not an option in docker image) and I can arrange for the external drive to back up data from connected devices through the nextcloud interface.

The main issue that I’m having is that I cannot seem to have the ddns direct to the nextcloud instance and I keep getting the redirect error message that doesn’t allow it to securely bring up the page.

Apache2 site redacted below:

<IfModule mod_ssl.c>
  <VirtualHost *:80>
        ServerName 192.168.1.XX
        Redirect permanent / https://sub.domain.com/
  </VirtualHost>
  <VirtualHost *:443>
    ServerName sub.domain.com
    DocumentRoot /var/www/nextcloud
    CustomLog /var/log/apache2/nc-access.log combined
    ErrorLog  /var/log/apache2/nc-error.log
    SSLEngine on
    SSLProxyEngine on
    SSLCertificateFile   /home/$USER/Documents/sub.domain.com.pem
    SSLCertificateKeyFile /home/$USER/Documents/sub.domain.com.key

    # For notify_push app in NC21
    ProxyPass /push/ws ws://127.0.0.1:7867/ws
    ProxyPass /push/ http://127.0.0.1:7867/
    ProxyPassReverse /push/ http://127.0.0.1:7867/
  </VirtualHost>

  <Directory /var/www/nextcloud/>
    Options +FollowSymlinks
    AllowOverride All
    <IfModule mod_dav.c>
      Dav off
    </IfModule>
    LimitRequestBody 0
    SSLRenegBufferSize 10486000
  </Directory>
  <IfModule mod_headers.c>
    Header always set Strict-Transport-Security "max-age=15768000; includeSubDo>
  </IfModule>
</IfModule>

And my Cloudflare Tunnel redacted is:

tunnel: $tunnel-ID
credentials-file: /home/$USER/.cloudflared/$tunnel-ID.json

ingress:
  - hostname: sub.domain.com
    service: http://192.168.1.XX
  - service: http_status:404
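
The request path implied by the two configs above, modelled as an added example (not part of the original post, and not NextcloudPi or cloudflared code). It assumes the `*:80` vhost shown is the one that answers the tunnel's requests on port 80; `vhost_redirects` and `trace` are hypothetical helper names.

```python
import re
from urllib.parse import urlsplit

# Constructed from the redacted configs in the post; only the routing directives are kept.
APACHE_CONF = """
<VirtualHost *:80>
    ServerName 192.168.1.XX
    Redirect permanent / https://sub.domain.com/
</VirtualHost>
<VirtualHost *:443>
    ServerName sub.domain.com
    DocumentRoot /var/www/nextcloud
    SSLEngine on
</VirtualHost>
"""
INGRESS = {"sub.domain.com": "http://192.168.1.XX"}  # ingress hostname -> service

def vhost_redirects(conf):
    """Map each listening port to its Redirect target, or None if it serves content."""
    found = {}
    for port, body in re.findall(r"<VirtualHost \*:(\d+)>(.*?)</VirtualHost>", conf, re.S):
        m = re.search(r"^\s*Redirect\s+(?:\S+\s+)?/\s+(\S+)", body, re.M)
        found[int(port)] = m.group(1) if m else None
    return found

def trace(url, conf, ingress, max_hops=5):
    """Follow a public URL through the tunnel. Returns (verdict, hops)."""
    redirects, hops, seen = vhost_redirects(conf), [], set()
    while len(hops) < max_hops:
        seen.add(url)
        host = urlsplit(url).hostname
        if host not in ingress:
            return "no-route", hops
        # cloudflared always connects to the configured service, whatever
        # scheme the visitor used at the Cloudflare edge.
        svc = urlsplit(ingress[host])
        port = svc.port or (443 if svc.scheme == "https" else 80)
        hops.append((url, port))
        target = redirects.get(port)
        if target is None:
            return "ok", hops
        if target in seen:
            return "loop", hops
        url = target
    return "loop", hops

if __name__ == "__main__":
    print(trace("https://sub.domain.com/", APACHE_CONF, INGRESS))
```

With the posted ingress the trace ends in `loop`, because every request arrives on port 80 and is redirected back to the public HTTPS name; with the service set to `https://192.168.1.XX` it reaches the `*:443` vhost. Since that service address is an IP, cloudflared's `originRequest.originServerName` setting is the option that tells it which hostname to expect on the origin certificate.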