Nextcloud + reverse proxy nginx

Sejtan

New Member
Oct 3, 2020
18
3
3
Hey all

Trying to set up reverse proxy and and not working as I thought.
Setup goes well, but when I have to change nginx file then it does not work as it should.
I want to know how to set my nginx file to access my plex, unifi, heimdall and grafana.
 
Last edited:

JJ27

New Member
Oct 24, 2018
8
1
3
You will probably need to create the thread on the software side of the forum, and also put some kind of information like:
*Basic diagram
*NGINX config files

etc, so someone can pick it up and take a look at it.

Cheers,
 

Sejtan

New Member
Oct 3, 2020
18
3
3
Hi everyone,

have a little problem that I do not know how to solve it.
Installed reverse proxy and want to access my Nextcloud.
Everything works if I put my Nexcloud ip address in trusted domains. If I delete the ip address then I get a message (see picture).
 

Attachments

cageek

Member
Jun 22, 2018
46
34
18
I've never done what you're talking about, but, have you looked at the admin manual:


It sounds like you might need to set the nextcloud config.php parameters - trusted_proxies, overwritehost, overwriteprotocol, overwritewebroot, overwritecondaddr, if you haven't already done so.

Also in nginx.config, setting the
proxy_set_header X-Forwarded-For $remote_addr;
See: Set the X-Forwarded-For header on a nginx reverse proxy setup - Networking HowTos
 

StevenDTX

Active Member
Aug 17, 2016
471
162
43
This is the settings I use for nginx Nextcloud.

Code:
### nextcloud
server {
        listen 443 ssl;
        server_name nextcloud.domain.org;
        client_max_body_size 20G;
    add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";

        location / {
              proxy_pass https://10.1.1.20:4430;
              proxy_max_temp_file_size 2048M;
          proxy_buffering off;
              proxy_read_timeout 256;
        }

    location = /.well-known/carddav {
      return 301 $scheme://$host:$server_port/remote.php/dav;
    }
    location = /.well-known/caldav {
      return 301 $scheme://$host:$server_port/remote.php/dav;
    }

   }

And you also need to add the domain(s) to Nextcloud config.php

Code:
  array (
    0 => 'localhost',
    1 => '10.1.1.20:4430',
    2 => 'nextcloud',
    3 => 'nextcloud.domain.org',
  ),
  'dbtype' => 'mysql',
  'version' => '18.0.7.1',
  'overwrite.cli.url' => 'https://nextcloud.domain.org/',
  'overwritehost' => 'nextcloud.domain.org',
 
  • Like
Reactions: nasi

Sejtan

New Member
Oct 3, 2020
18
3
3
Hi,

Code for nginx reverse proxy:

server {

server_name cloud.mydns.com;

location / {
proxy_pass https://10.101.115.30;
proxy_buffering off;
proxy_set_header X-Real-IP $remote_addr;
}

listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/cloud.mydns.com-0001/fullchain.pem; # >
ssl_certificate_key /etc/letsencrypt/live/cloud.mydns.com-0001/privkey.pem; >
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
if ($host = cloud.mydns.com) {
return 301 https://$host$request_uri;
} # managed by Certbot


listen 80;
listen [::]:80;

server_name cloud.mydns.com;
return 404; # managed by Certbot


}



Nextcloud config.php code:

<?php
$CONFIG = array (
'apps_paths' =>
array (
0 =>
array (
'path' => '/snap/nextcloud/current/htdocs/apps',
'url' => '/apps',
'writable' => false,
),
1 =>
array (
'path' => '/var/snap/nextcloud/current/nextcloud/extra-apps',
'url' => '/extra-apps',
'writable' => true,
),
),
'supportedDatabases' =>
array (
0 => 'mysql',
),
'memcache.locking' => '\\OC\\Memcache\\Redis',
'memcache.local' => '\\OC\\Memcache\\Redis',
'redis' =>
array (
'host' => '/tmp/sockets/redis.sock',
'port' => 0,
),
'log_type' => 'file',
'logfile' => '/var/snap/nextcloud/current/logs/nextcloud.log',
'logfilemode' => 416,
'passwordsalt' => 'iygsb5ljnjgXFYzcFHLx28UyxlYYBd',
'secret' => 'dvW8kP8mN2ZH9Wq73uf2D/DqeQVQbJB/iL+sIvnePk7SmSkj',
'trusted_domains' =>
array (
1 => '10.101.115.30',
),
'datadirectory' => '/var/snap/nextcloud/common/nextcloud/data',
'dbtype' => 'mysql',
'version' => '20.0.7.1',
'overwrite.cli.url' => 'https://cloud.mydns.com',
'dbname' => 'nextcloud',
'dbhost' => 'localhost:/tmp/sockets/mysql.sock',
'dbport' => '',
'dbtableprefix' => 'oc_',
'mysql.utf8mb4' => true,
'dbuser' => 'nextcloud',
'dbpassword' => '43-gyWKjENXejiF7K6RaF4DKRXPdax6DAxvDFGHoMvKx7o7bNHGFDShOxSXw_9XDiUikhZJVM',
'installed' => true,
'instanceid' => 'ocoiq96ectps',
'maintenance' => false,
);
 

Sejtan

New Member
Oct 3, 2020
18
3
3
Hello


Everything works except: Strict-Transport-Security.
Where should i put this line in my nginx config, to avoid warnings.

add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";