Nextcloud version (eg, 20.0.5): 25.0.6
Operating system and version (eg, Ubuntu 20.04): Debian GNU/Linux 11 (bullseye)
Apache or nginx version (eg, Apache 2.4.25): Apache/2.4.56 (Debian)
PHP version (eg, 7.4): 7.4.33
The issue you are facing:
I have Nextcloud installed in Container1 on my Proxmox server, and nginx reverse proxy set up in Container2. I want to route requests to my Nextcloud subdomain (i.e. nextcloud.example.com
) through my reverse proxy. My nginx host controls ports 80 and 443 on my router. I have read through many guides but haven’t found an answer that works for me. Could someone look through my setup below and let me know what I’ve done wrong?
For context, currently I can access Nextcloud via local IP only while connected to my local network. When attempting to access nextcloud.example.com
from my iOS Firefox browser, I get NSURLErrorDomain
on regardless of which network I am connected to. Interestingly, Windows computers on my local network can access Nextcloud via subdomain and local IP.
Domain name (changed from actual): nextcloud.example.com
Container1 (Nextcloud): 10.0.0.117
Container2 (Nginx): 10.0.0.10
Is this the first time you’ve seen this error? (Y/N): Y
The output of my config.php file in /var/www/nextcloud/config/config.php
:
<?php
$CONFIG = array (
'passwordsalt' => 'xxx',
'secret' => 'yyy',
'trusted_domains' =>
array (
0 => 'localhost',
1 => '10.0.0.117',
2 => 'nextcloud.example.com',
3 => '10.0.0.10',
),
'trusted_proxies' =>
array (
0 => '10.0.0.10',
),
'datadirectory' => '/var/www/nextcloud-data',
'dbtype' => 'mysql',
'version' => '25.0.3.2',
'overwritehost' => 'nextcloud.example.com',
'overwritewebroot' => '/',
'overwrite.cli.url' => 'https://nextcloud.example.com',
'overwriteprotocol' => 'https',
'overwritecondaddr' => '^10\.0\.0\.10$',
'forwarded-for-headers' =>
array (
0 => 'HTTP_X_FORWARDED',
1 => 'HTTP_FORWARDED_FOR',
),
'htaccess.RewriteBase' => '/',
'dbname' => 'nextcloud',
[...removed the rest for brevity]
);
The output of my Apache config in /etc/apache2/sites-available/nextcloud.conf
:
ServerName localhost
<VirtualHost *:80>
UseCanonicalName Off
ServerAdmin webmaster@localhost
DocumentRoot /var/www/nextcloud/
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /var/www/nextcloud
SetEnv HTTP_HOME /var/www/nextcloud
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !^/.well-known
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
ServerAdmin webmaster@localhost
DocumentRoot /var/www/nextcloud/
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
</IfModule>
</VirtualHost>
<Directory /var/www/nextcloud/>
Options +FollowSymLinks
AllowOverride All
Require all granted
</Directory>
The output of my Nginx config in Container2 (ngnix reverse proxy dedicated host):
server {
listen 80;
server_name nextcloud.example.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name nextcloud.example.com;
access_log /var/log/nginx/cloud.example.com.access.log;
error_log /var/log/nginx/cloud.example.com.error.log;
client_max_body_size 0;
underscores_in_headers on;
# Let's Encrypt SSL
include /etc/nginx/conf.d/include/letsencrypt-acme-challenge.conf;
include /etc/nginx/conf.d/include/ssl-ciphers.conf;
ssl_certificate /etc/letsencrypt/live/npm-1/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/npm-1/privkey.pem;
location / {
proxy_headers_hash_max_size 512;
proxy_headers_hash_bucket_size 64;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
add_header Front-End-Https on;
proxy_pass https://10.0.0.117;
}
}
And finally, here is the output of the curl command run on my a different machine:
$ curl -i https://nextcloud.example.com
curl: (7) Failed to connect to nextcloud.example.com port 443 after 21044 ms: Connection refused
Thanks!