this post was submitted on 21 Jul 2023
2 points (100.0% liked)

Nextcloud

326 readers
1 users here now

A community for discussing all things related to Nextcloud.

Other resources:

founded 1 year ago
MODERATORS
 

I was looking for a way to use a reverse Proxy with my nextcloud snap install, this guid was what I needed. https://github.com/nextcloud-snap/nextcloud-snap/wiki/Putting-the-snap-behind-a-reverse-proxy

First change, what ports nextcloud listens to: sudo snap set nextcloud ports.http=81 ports.https=444

Install haproxy and append this to the config file in /etc/haproxy/haproxy.cfg

backend nextcloud-http                                                                                                                                                                                                                        
        mode http                                                                                                      
        balance roundrobin                                                                                                                                                                                                                    
        option forwardfor                                  
        option httpchk HEAD /
        http-check send ver HTTP/1.1 hdr Host localhost
        server nextcloud 127.0.0.1:81 check                                                                            
        timeout connect 4s                                 
        timeout server 4s                 
                                                           
backend nextcloud-https                                    
        mode tcp                                                                                                       
        balance roundrobin
        option httpchk HEAD /                                                                                                                                                                                                                 
        http-check send ver HTTP/1.1 hdr Host localhost                                                                                                                                                                                       
        option ssl-hello-chk                   
        server nextcloud 127.0.0.1:444 check                                                                                                                                                                                                  
        timeout connect 4s                                                                                             
        timeout server 4s      

And this for the front end, don't forget to change to your domain. nextcloud.example.org

frontend http                                                                                                          
        bind *:80                                                                                                      
        mode http                                                                                                                                                                                                                             
                                                                                                                                                                                                                                              
        acl host_nextcloud hdr(host) -i <domain name>                                                                  
        use_backend nextcloud-http if host_nextcloud       
        timeout client 4s                                                                                              
                                                                                                                       
frontend https                                             
        bind *:443                                         
        mode tcp                                                                                                       
                                                                                                                       
        tcp-request inspect-delay 5s                       
        tcp-request content accept if { req_ssl_hello_type 1 }
                                                                                                                       
        acl host_nextcloud req_ssl_sni -i <domain name>                                                                
        use_backend nextcloud-https if host_nextcloud                                                                  
        timeout client 4s

Check if everything is correct with sudo haproxy -c -f /etc/haproxy/haproxy.cfg and start it.

sudo systemctl enable haproxy
sudo systemctl start haproxy

just do the lets-encrypt stuff again: nextcloud.enable-https And it worked for me(Apache)

top 1 comments
sorted by: hot top controversial new old
[–] [email protected] 1 points 1 year ago

I'll just stick with docker