Hello! First time posting here. Iāve managed to run an instance of Nextcloud using Nginx as a reverse proxy successfully for over a year now, however it was always on the same server. Iāve decided to have Nginx running on a dedicated Pi and am having a hard time getting it working correctly with Nextcloud. Every other app Iām using with my new Nginx setup is working great.
Is it possible to have Nginx on a separate server (and VLAN) than my Nextcloud instance? If anyone could provide some basic guidance or point me to a conversation that would help it would be greatly appreciated! Iām not sure if the root considers the proxy_pass to the IP address or if Iām needing to specify the root being on the other machine (http://nextcloud_ip/usr/share/nextcloud/). Iāve tried quite a few things and just canāt seem to get anywhere. Iām a little surprised I couldnāt find more people trying to achieve this same thing, which has me thinking Iām just completely missing something obvious (or maybe this just isnāt possible). Am a little new to this homebrew world so please be kind lol.
āReverse Proxyā is the keyword you are looking for. You can run your Nextcloud in one VLAN and the reverse proxy in another. However, Nextcloud needs a web server to work. This means that you have to run two web servers. One on the same server where your nextcloud is installed (wich you already have) and one on the other server in a reverse proxy configuration, which forwards the requests to the Nextcloud web server.
If your Nextcloud server is already accessible from the Internet and you are using SSL certificates, the easiest way is to disable SSL on the Nextcloud server and reacquire the certificates on the reverse proxy. And of course the port forwarding from the Internet must point to the server with the reverse proxy on it, instead of the Nextcloud server.
If you want the connection between the reverse proxy and the Nextcloud server to be encrypted as well, the setup becomes more complicated. But this is also possible. However, I would start with the simpler variant and, if necessary, deal with ssl on the Nextcloud server afterwards.
Thank you so much for the quick response! Iām going to look into this when I get home from work tonight.
Iām dealing with a single internet connection. As far as I know, web servers listen on ports 80 & 443. Does this mean I will need to have the server paired with the Nextcloud instance listening on one of these ports and the reverse proxy server listening on the other? Iām guessing port 80 would be reverse proxy (since the proxy should force HTTPS) and port 443 would be on the Nextcloud server? Or do I need to use custom ports and deal with the headaches that could create on the access end?
Any suggestions on whether to go apache/nginx on the Nextcloud server?
Thank you again! Iāll follow up here within the next couple days with results.
All the requests for your Nextcloud from the internet should go to Port 443 of the reverse proxy. The reverse proxy then forwards the request to to the Nextcloud server. The Nextcloud server delivers the requested resource back to the proxy, which delivers it to the client. Since Nextcloud is running on a diffrent server, both servers can listen on Port 443.
I would use the web server that you most familiar with. But If I understood correctly, you already have a working Nextcloud installation? If so, you donāt have to change anything there, except for the things that are described in the link to the Nextcloud Docs that I posted in the previous post.
If you need more specific help, please post detailed information about your existing setup. It may also help to search the forum. There are already various threads on the subject of reverse proxy.