Nginx reverse proxy settings when running nextcloud on apache2 server

pieter · April 11, 2020, 7:37pm

When searching this forum, stackexchange/overflow, google I can find a lot on how to setup nginx and all when on a same server but hardly when nginx has to act as a reverse proxy to different machines (IP-addresses) in the network.

What I have now:

router (xxx.xxx.xxx.001) ->portforwarding 80/443 (http(s) and 3478/8443 (turn/stun) ->server with several hosts on (xxx.xxx.xxx.003): nextcloud.domain.com, collabora.domain.com or open documentserver with onlyoffice and some other webservices other than nextcloud related.

collabora.comain.com has an entry in the hosts file of the machine. So I figure this will nog jump outside and since the 9980 port for collabora isn’t open and all functions I can conclude that works fine.

because of the other webservices I would like to split these from the server running nextcloud.
then it would look like.

router (xxx.xxx.xxx.001) -> port forwarding 80/443 -> reverse proxy (xxx.xxx.xxx.002) -> several webservers (xxx.xxx.xxx.0xx), the nextcloud machine amongst others…
router (xxx.xxx.xxx.001 -> port forwarding 3478/8443 -> machine with nextcloud.

That would not look to interesting as this seems to work:

server {

		listen 443 ssl;
        server_name nextcloud.domain.com;
		    ssl_certificate         pathto/cert.cert;
            ssl_certificate_key     pathto/key.key;
        location / {
			proxy_buffering off;
			proxy_pass_request_headers      on;
			proxy_set_header Host $host;
			proxy_pass_header    Server;
            proxy_pass https://xxx.xxx.xxx.003:443/;
						
        }
}

but even thoug “talk” still works, collabora nor onlyoffice/opendocumentserver seem to function.

Am I missing something in the setup? what should be the correct nginx reverse proxy settings?

kevdog · April 13, 2020, 1:11am

Hi

I’m not sure if I can help all that much but here is a few things to troubleshoot
#1. Take https out of it for now – it just complicates things – meaning do a
proxy pass http://xxx.xxx.xxx.003:80/; for now. Make sure you can just do a reverse proxy first prior to adding TLS stuff.
#2. Syntax should it just be xxx.xxx.xxx.3 instead of xxx.xxx.xxx.003?
#3. What site did you reference to compose the server block on your reverse proxy? Do you need to set those headers?

pieter · April 13, 2020, 11:26am

#1. proxying to :80 or :443 is not the problem… that works just fine.
#2. true but just the syntax for this sample… sequential numbers I am aware of x instead of 00x
#3. I need to set and pass since the machine is running multiple vhosts. Whithout the setting and passing the server will just show the default site from that server.

server is running nextcloud.domain.com and collabora.domain.com amongst some other vhosts

while the local DNS on the machine has its own entry for collabora.domain.com it is connecting to the collabora internally. Still, nothing on Collabora is showing in the browser. Switching to open document server and only office results in same “nothing”.

It is most probably some extra’s I need for collabora/only office I am missing.