[SOLVED] Can't set reverse proxy on my Unraid Server

jokerigno · September 25, 2020, 9:16am

Nextcloud version (eg, 19.0.3.1):
Operating system and version (eg, Unraid 6.8.3):
Apache or nginx version (nginx runnin inside swag container - aka known as letsencrypt container made by linuxserver):

The issue you are facing:

I can’t set nextcloud for net access? (Lan access is working well).

Steps to replicate it:

I created a subdomain cloud.mydomain.it and changed config.php in nextcloud folder and nextcloud.subdomain.conf in nginx folder under swag container using this config:

config.php

<?php
$CONFIG = array (
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'datadirectory' => '/data',
  'instanceid' => 'ocz3l2jujtz6',
  'passwordsalt' => 'xxxxxxxxxxxx',
  'secret' => 'xxxxxxxxxxxx',
  'trusted_domains' => 
  array (
    0 => 'xxxxxxxxxxxxxxx:444',
    1 => 'cloud.xxxxxxxxxxxxxxx.it',
  ),
  'dbtype' => 'mysql',
  'version' => '19.0.3.1',
  'dbname' => 'nextcloud',
  'dbhost' => 'xxxxxxxxxxxxxxx:3306',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'nextcloud',
  'dbpassword' => 'xxxxxxxxxxxxxxx',
  'installed' => true,
  'maintenance' => false,
  'loglevel' => 2,
  'mail_from_address' => 'admin',
  'mail_smtpmode' => 'smtp',
  'mail_sendmailmode' => 'smtp',
  'mail_domain' => 'xxxxxxxxxxxxxxx.it',
  'mail_smtpauthtype' => 'LOGIN',
  'mail_smtphost' => 'authsmtp.securemail.pro',
  'mail_smtpport' => '465',
  'mail_smtpauth' => 1,
  'mail_smtpname' => 'xxxxxxxxxxxxxxx@xxxxxxxxxxxxxxx.it',
  'mail_smtppassword' => 'xxxxxxxxxxxxxxx',
  'mail_smtpsecure' => 'ssl',
  'theme' => '',
  'trusted_proxies' => ['swag'],
  'overwrite.cli.url' => 'https://cloud.xxxxxxxxxxxxxxx.it/',
  'overwritehost' => 'cloud.xxxxxxxxxxxxxxx.it',
  'overwriteprotocol' => 'https',
);

nextcloud.subdomain.conf

# make sure that your dns has a cname set for nextcloud
# assuming this container is called "swag", edit your nextcloud container's config
# located at /config/www/nextcloud/config/config.php and add the following lines before the ");":
#  'trusted_proxies' => ['swag'],
#  'overwrite.cli.url' => 'https://nextcloud.your-domain.com/',
#  'overwritehost' => 'nextcloud.your-domain.com',
#  'overwriteprotocol' => 'https',
#
# Also don't forget to add your domain name to the trusted domains array. It should look somewhat like this:
#  array (
#    0 => '192.168.0.1:444', # This line may look different on your setup, don't modify it.
#    1 => 'nextcloud.your-domain.com',
#  ),

server {
    listen 443 ssl;
    listen [::]:443 ssl;

    server_name cloud.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;

    location / {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app nextcloud;
        set $upstream_port 443;
        set $upstream_proto https;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;

        proxy_max_temp_file_size 2048m;
    }
}

Thank you in advance!

devnull · September 25, 2020, 10:32am

Can you post your errors and logs?
1.) Have you set the DNS from cloud.xxxxxxxxxxxxxxx.it to the external ip-address or are you using CNAME? (test e.g. nslookup cloud.xxxxxxxxxxxxxxx.it)
2.) Do you find logs in nginx while accessing from real outside?
3.) Do you find logs in nextcloud while accessing from real outside?

Use a browser from outside and post network-communications in network-analysis (F12)

jokerigno · September 25, 2020, 11:13am

Hi,

thank you for the support.

Below the answers:

I Use cloudfare to redirect cloud.* to my public ip adress where letsencrypt is running. I think this part is working because if navigate to cloud.xxxxxxxxxxxxxxx.it I see my default landing page.

Here’s the log of nginx inside letsencrypt:

2020/09/25 13:06:30 [error] 417#417: *151 nextcloud could not be resolved (3: Host not found), client: 188.114.102.61, server: cloud.*, request: "GET / HTTP/1.1", host: "cloud.xxxxxxxxxxxxxxx.it"
2020/09/25 13:06:31 [error] 417#417: *153 nextcloud could not be resolved (3: Host not found), client: 188.114.103.194, server: cloud.*, request: "GET /favicon.ico HTTP/1.1", host: "cloud.xxxxxxxxxxxxxxx.it", referrer: "https://cloud.xxxxxxxxxxxxxxx.it/"
2020/09/25 13:06:42 [error] 417#417: *154 nextcloud could not be resolved (3: Host not found), client: 188.114.103.194, server: cloud.*, request: "GET /favicon.ico HTTP/1.1", host: "cloud.xxxxxxxxxxxxxxx.it", referrer: "https://cloud.xxxxxxxxxxxxxxx.it/"
2020/09/25 13:07:15 [error] 417#417: *163 nextcloud could not be resolved (3: Host not found), client: 188.114.103.154, server: cloud.*, request: "GET / HTTP/1.1", host: "cloud.xxxxxxxxxxxxxxx.it"
2020/09/25 13:07:16 [error] 417#417: *164 nextcloud could not be resolved (3: Host not found), client: 188.114.103.194, server: cloud.*, request: "GET /favicon.ico HTTP/1.1", host: "cloud.xxxxxxxxxxxxxxx.it", referrer: "https://cloud.xxxxxxxxxxxxxxx.it/"

No error in nginx log or nextcloud log inside nextcloud container. Only this notice. I think is related to the reboot of the service.

[25-Sep-2020 13:05:25] NOTICE: Terminating …
[25-Sep-2020 13:05:25] NOTICE: exiting, bye-bye!
[25-Sep-2020 13:05:55] NOTICE: fpm is running, pid 352
[25-Sep-2020 13:05:55] NOTICE: ready to handle connections

For the test I used a smartphone. I don’t have another “real” connection to use. The message I see in the browser is cloudfare page reporting :

Error 502 Bad gateway

I hope is enough.

PS : I tried to connect to nextcloud using local lan adress and is not working neither.

jokerigno · September 27, 2020, 8:04am

Up?

Can anyone help me please fixing this?

Joapen · October 1, 2020, 4:12pm

Hi, I was getting the same issue as you. It’s marked as resolved but i don’t see the post that helped you. So just in case here’s what solved the issues for me.

It was because my docker container name did not match with $upstream_app in nextcloud.subdomain.conf due to a typo.

It’s a silly mistake but they’re the worst to find.

jokerigno · October 2, 2020, 12:27pm

LOL

I have the same feeling. In my case I didn’t used let’s encrypt proxy network to the container. Once I selected it nexcloud became avaliable.

AK2021 · March 4, 2021, 6:55am

I do not see a solution, so why is this tagged as solved? I am having similar issue. I noticed and made changes according to exactly what SPACEINVADER’s youtube videos guided. I am unable to get to my nextcloud from anywhere, not even within the network anymore. Any help would be greatly appreciated.
If I attempt from outside, I get SWAG’s landing page and that’s it.

jokerigno · March 4, 2021, 2:00pm

As mentioned, in my case, I didn’t use specific proxy network (the one spaceinvader wants you to create and use). After this change I restarted docker and it worked.

In your case maybe you miss some steps. I think you should set SWAG to route your connection to the specific adress:port of you application.