Hello there,
I am trying to set up a reverse proxy for the Nextcloud app I installed through the Scale app installer, but after countless hours and dozens of tries, I can’t seem to make it work.
I am using Traefik as a reverse proxy, on a Ubuntu VM. I would have used Nginx Proxy Manager on Scale if it wasn’t for the fact that it doesn’t work with HDDs. (Scale itself runs on a SDD partition but my datasets are on a HDD)
My current setup is :
Proxmox server with 2 VM :
- TrueNAS Scale, Nextcloud is installed there
- Ubuntu Server, Traefik instance is there
I transposed my old Traefik config of Nextcloud (which I was hosting on Docker on my previous setup) into this config.yml :
Nextcloud runs on port 9000.
I have been tweaking these settings a lot, here is what I got right now:
Host : I left blank, but tried with cloud.redacted.com too
Additional Environment Variables :
- OVERWRITECLIURL : cloud.redacted.com
- OVERWRITEHOST : cloud.redacted.com
I had some Bad Gateway errors, but now it’s an Internal Server Error.
Nextcloud logs doesn’t show any errors.
After 4 days struggling, I am here asking for help.
Have anyone managed to setup what I’m trying to do ?
Do you have any idea of what could be wrong ?
Feel free to ask for any detail needed
Thanks in advance
I believe you can access but to confirm, can you access HTTP://192.168.1.233:9000 without any errors?
I usually got the same error but was because Nextcloud was not working. Also, try to ping your Nextcloud IP via Ubuntu VM, could be a network issue.
Also, I am sharing with you my Traefik config.yml.
http:
routers:
nextcloud:
rule: "Host(`cloud.redacted.com`)"
entrypoints:
- "https"
service: nextcloud
middlewares:
- nextcloud-chain
tls:
certresolver: "cloudflare"
services:
nextcloud:
loadBalancer:
servers:
- url: "http://<nextcloudIP>:9000"
middlewares:
nextcloud-secure-headers:
headers:
hostsProxyHeaders:
- "X-Forwarded-Host"
referrerPolicy: "same-origin"
https-redirect:
redirectscheme:
scheme: https
nextcloud-chain:
chain:
middlewares:
- https-redirect
- nextcloud-secure-headers
With this exact configuration, trying to access the raw http://192.168.1.233:9000 redirects me to https://192.168.1.233/ (I think something in Nextcloud redirects it automatically, don’t know what though as I can’t access the php file (it’s in the “ix-applications” dataset)
I tried your exact config, I get a redirection error (not redirected properly). In the network debug tab, I can see it got redirected many times (307 temporary redirects)
That redirect is normal. But ignoring the SSL error can you access your Nextcloud via IP Address?
I can ping it from the VM Traefix is on using telnet (ping at port 9000 results in connection)
Ok, not a network issue. Can you access it, like just see the Nextcloud Home Screen or an error saying that you do not have SSL?
Can’t access it right now because of the automatic redirection. I did access it before trying to setup the reverse proxy though.
(and now that I think of it, will Nextcloud use the TrueNAS certificate or the Traefik one ?)
You should be able to access your Nextcloud IP address.
Have you set a valid certificate on Nextcloud? If not, then I would recommend setting one with Traefik that will be easier.
Can you run the following command on your Truenas Shell to know if it’s running or not?
k3s kubectl get pods -A
Just changed the Overwrite Host env variable to the raw ipv4 adress. Now I can connect HTTPS using the ipv4 adress. Strange enough, the http adress redirects me to the port 80, which is my TrueNas dashboard.
I didn’t get this, can you be more specific?
I detailed here my Nextcloud installation’s details. I have set two environment variable. “Overwrite Host” is pretty much the same as the “Host” field in the config, it’s the URL that is set everytime I click a link within nextcloud.
If this variable is set to “cloud.redacted”, then let’s say I log in with 192.168.1.233, if I click a link to “login” it will send me to “cloud.redactedlogin”
Use just to Host part with your address cloud.redacted.com, and set the Traefik to point the address to your Nextcloud IP and port.
Confirm that your DNS for the address cloud.redacted.com is pointing to the Traefik machine IP.
If doesn’t work, try to set again the following part:
Additional Environment Variables :
- OVERWRITECLIURL : cloud.redacted.com
- OVERWRITEHOST : cloud.redacted.com
That’s pretty much what I already had. After multiple tests and setting the nextcloud app to “Use no certificates” (instead of the TrueNAS one), I found something odd.
Going to ttps://cloud.redacted.com :9000 redirected me to tpps://cloud.redacted.com/login (so something worked) but displayed a certificate error (SSL_ERROR_RX_RECORD_TOO_LONG).
However, the url https://cloud.redacted.com (without port 9000 specified) only showed an internal server error
Have you tried now with my config.yml for Traefik?
Also, could you send some screenshots of your Nextcloud App configurations?
yes, with both yours and mine, same results
all other informations are on my original post
another strange thing, don’t know if it’s normal or not, is in my postgres log
it shows database shut down and I can’t seem to figure out why
Not really into this configuration but why did you use port 9001 and not 9000 as your Traefik config.yml?
I had a weird “port 9000 already used” error (think it was a bug), so I changed everything to port 9001, has nothing to do with the errors I get however
