Hello,
I want deploy nextcloud in my personal infrastructure.
I’ve platform with VMware ESXi, I’m teacher of VMware, i prefer explain why i have a vmware vsphere platform in my home .
I choose to deploy the official appliance of nextcloud, because i don’t have time to perform the full installation of this services.
My platform is composed of :
- 2 Servers HaProxy in frontal configuration with KeepAlived (Red Hat 8.5)
- 2 Web Server
- 1 NextCloud Server
It’s work fine, but when i’ve activated SSL (Let’s encrypt certificat). it’s stop work with the following error :
Bad Request
Your browser sent a request that this server could not understand.
Reason: You’re speaking plain HTTP to an SSL-enabled server port.
Instead use the HTTPS scheme to access this URL, please.
For my classical website i don’t meet a problem, its work fine…
My configuration of HaProxy :
global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
stats socket /var/lib/haproxy/stats
ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
ssl-default-bind-options no-sslv3
tune.ssl.default-dh-param 2048
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
frontend http-in
bind *:80
acl http ssl_fc,not
http-request redirect scheme https if http
frontend https-in
bind *:443 ssl crt-list /etc/haproxy/certs/domains_list.txt
option forwardfor
option forwardfor header X-Real-IP
http-request add-header X-Real-IP %[src]
reqadd X-Forwarded-Proto:\ https
acl letsencrypt-acl path_beg /.well-known/acme-challenge/
use_backend letsencrypt-back if letsencrypt-acl
acl nextcloud hdr_end(host) -i nextcloud.lesdupre.fr
acl www hdr_end(host) -i www.lesdupre.fr
use_backend nextcloud-back if nextcloud
use_backend rhel-web-back if www
default_backend rhel-web-back
backend nextcloud-back
server ubu-nextcloud nextcloud.home.local:443
backend rhel-web-back
redirect scheme https if ! { ssl_fc }
balance roundrobin
server rhel-web01 192.168.1.81:80 check
server rhel-web02 192.168.1.82:80 check
Do you have some idea to help me ?
Thanks lot for any assistance.
Regards,
MrXanderX