[Solved] Nextcloud Reverse Proxy Not Working!


Wong


 

I have followed 2 of Spaceinvader One's videos, as shown in the two links below:

I managed to get my LetsEncrypt to work, with the log as shown below:

I am using my own domain of protech.my and I have set the CNAME to be nextcloud.protech.my.

 

Problem: when I try to access my URL, it states "The site can't be reached. nextcloud.protech.my took too long to respond." Could anyone help me work out what the cause of this is? I am still a newbie to this.

 

1) 

 

2) 

 

 

Brought to you by linuxserver.io
-------------------------------------

To support the app dev(s) visit:
Certbot: https://supporters.eff.org/donate/support-work-on-certbot

To support LSIO projects visit:
https://www.linuxserver.io/donate/
-------------------------------------
GID/UID
-------------------------------------

User uid: 99
User gid: 100
-------------------------------------

[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 20-config: executing...
[cont-init.d] 20-config: exited 0.
[cont-init.d] 30-keygen: executing...
using keys found in /config/keys
[cont-init.d] 30-keygen: exited 0.
[cont-init.d] 50-config: executing...
Variables set:
PUID=99
PGID=100
TZ=Asia/Singapore
URL=protech.my
SUBDOMAINS=wildcard
EXTRA_DOMAINS=
ONLY_SUBDOMAINS=true
VALIDATION=dns
DNSPLUGIN=cloudflare
EMAIL=*********@gmail.com
STAGING=

SUBDOMAINS entered, processing
Wildcard cert for only the subdomains of protech.my will be requested
E-mail address entered: wongzhiwei1@gmail.com
dns validation via cloudflare plugin is selected
Certificate exists; parameters unchanged; starting nginx
Starting 2019/12/30, GeoIP2 databases require personal license key to download. Please retrieve a free license key from MaxMind,
and add a new env variable "MAXMINDDB_LICENSE_KEY", set to your license key.
[cont-init.d] 50-config: exited 0.
[cont-init.d] 60-renew: executing...
The cert does not expire within the next day. Letting the cron script handle the renewal attempts overnight (2:08am).
[cont-init.d] 60-renew: exited 0.
[cont-init.d] 99-custom-files: executing...
[custom-init] no custom files found exiting...
[cont-init.d] 99-custom-files: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
nginx: [alert] detected a LuaJIT version which is not OpenResty's; many optimizations will be disabled and performance will be compromised (see https://github.com/openresty/luajit2 for OpenResty's LuaJIT or, even better, consider using the OpenResty releases from https://openresty.org/en/download.html)
Server ready

 

 


Edited by Wong
Topic Solved
Link to comment

@Energen I did try port forwarding port 80 to 180 and 443 to 1443. However, whenever I forward port 80 to 180, I am unable to load Unraid in my browser, and the same goes for Nextcloud.

 

I attached the ports of my docker and router as well for reference. I am not sure if I have done it correctly. Also, I was under the impression that if we use DNS verification as shown by Ed (Spaceinvader), as port 80 is being blocked by the ISP, do we still have to port forward in our router?

 

I also tried using the Windows Network Diagnostics; I attached the error report below as well.


Link to comment

@Danuel Yes, I followed the Space Invader video exactly. I have changed my registrar to the Cloudflare NS and added a new CNAME record pointing to my duckdns.org domain, with the setting changed from Proxied to DNS only. However, I will also be contacting the ISP people tomorrow to ask them about their port forwarding policy and to see if they are able to configure it for me. And I will update the forum. However, I am open to trying any possible solution.

Link to comment
2 hours ago, Wong said:

@Danuel Yes, I followed the Space Invader video exactly. I have changed my registrar to the Cloudflare NS and added a new CNAME record pointing to my duckdns.org domain, with the setting changed from Proxied to DNS only. However, I will also be contacting the ISP people tomorrow to ask them about their port forwarding policy and to see if they are able to configure it for me. And I will update the forum. However, I am open to trying any possible solution.

Well, what I have done in Cloudflare is I enabled Proxied

and I used a wildcard

 

but you have to use an A name if your IP is static and, if it is dynamic, a CNAME


Edited by Danuel
Link to comment
3 hours ago, Wong said:

@Danuel My Public IP is dynamic but my private IP for my Unraid is static. I assume you are saying that if my Public IP is static then I use A else if my Public IP is dynamic then I should use CNAME, right?

You have your own domain, there's no need to use duckdns with Cloudflare.

 

Try this: Get an API code from Cloudflare then go to the Unraid app store and look for the Cloudflare docker and use the API and domain info to set up Cloudflare DDNS with the docker.

 

You can use A record with dynamic IP and even DDNS with static IP. CNAME has nothing to do with whether you have static or dynamic IP.

  • A record points your root domain to a certain IP. (e.g. protech.my to 123.456.789.012).
    • You can manually change your A record when your dynamic IP changes but obviously that's not the most convenient thing to do.
  • DDNS detects your dynamic IP and repoints a certain subdomain to a certain IP when the IP changes. (e.g. www.protech.my to 123.456.789.012).
    • It only works with subdomain but theoretically if you own the root domain then the DDNS service can also update the root domain A record for you automatically as well (but that's not necessarily always the case).
    • If you have static IP then DDNS would work too, it just never changes the IP.
  • CNAME points a certain subdomain to another domain / subdomain (e.g. www.protech.my to protech.my)
    • The most common use of CNAME is to point "www" to the root domain.
    • If you have any subdomain that you want to set up with a reverse proxy, you have to use CNAME so it points to either your root domain or your DDNS subdomain.

 

Link to comment
1 hour ago, testdasi said:

You have your own domain, there's no need to use duckdns with Cloudflare.

 

Try this: Get an API code from Cloudflare then go to the Unraid app store and look for the Cloudflare docker and use the API and domain info to set up Cloudflare DDNS with the docker.

 

You can use A record with dynamic IP and even DDNS with static IP. CNAME has nothing to do with whether you have static or dynamic IP.

  • A record points your root domain to a certain IP. (e.g. protech.my to 123.456.789.012).
    • You can manually change your A record when your dynamic IP changes but obviously that's not the most convenient thing to do.
  • DDNS detects your dynamic IP and repoints a certain subdomain to a certain IP when the IP changes. (e.g. www.protech.my to 123.456.789.012).
    • It only works with subdomain but theoretically if you own the root domain then the DDNS service can also update the root domain A record for you automatically as well (but that's not necessarily always the case).
    • If you have static IP then DDNS would work too, it just never changes the IP.
  • CNAME points a certain subdomain to another domain / subdomain (e.g. www.protech.my to protech.my)
    • The most common use of CNAME is to point "www" to the root domain.
    • If you have any subdomain that you want to set up with a reverse proxy, you have to use CNAME so it points to either your root domain or your DDNS subdomain.

 

Well yeah, that's how I understand it; it did not work for me with an A record, and only if I enabled Proxied.

Link to comment
1 hour ago, Danuel said:

Well yeah, that's how I understand it; it did not work for me with an A record, and only if I enabled Proxied.

Disabling proxy will use normal DNS process which has a lag between your update of the A record and when it's effective so perhaps that was why it didn't work for you.

 

Enabling it means it always routes through Cloudflare first (you can run DNS check and you will see Cloudflare IP instead of your actual IP).

That means any update to the A record (you might even say it's a "virtual" A record) on Cloudflare would be effective practically immediately.

 

The whole point of using Cloudflare DNS is its proxy capability so your actual IP isn't revealed (e.g. avoid DDoS) so there is really no reason to disable it.

Link to comment

@testdasi @Danuel Alright. I have downloaded the Cloudflare DDNS docker by oznu. The docker has added an A record in my Cloudflare account. However, do I still need to do port forwarding, 80 -> 180 and 443 -> 1443, in my router?

I have attached the outcome when I try to access nextcloud.protech.my, which is supposed to direct me to my Nextcloud docker. However, it is still not working. It stated Error 522: Connection timed out.

 


Link to comment
32 minutes ago, Wong said:

@testdasi @Danuel Alright. I have downloaded the Cloudflare DDNS docker by oznu. The docker has added an A record in my Cloudflare account. However, do I still need to do port forwarding, 80 -> 180 and 443 -> 1443, in my router?

I have attached the outcome when I try to access nextcloud.protech.my, which is supposed to direct me to my Nextcloud docker. However, it is still not working. It stated Error 522: Connection timed out.

One thing at a time.

  • Yes you must have port-forwarding for it to work.
  • Once you set up port-forwarding, start the Lets-encrypt docker and test protech.my to make sure you arrive at the default NGINX page (e.g. instead of a Cloudflare error)
  • Then go to nginx config folder and do the .conf file
Link to comment
41 minutes ago, Wong said:

@testdasi Yup, I managed to arrive at the NGINX page. And what configuration do I have to do in the .conf file to relate it to my Nextcloud?

If you use the lsio docker then the nginx config folder should have a lot of ".sample" files. Look for nextcloud.subdomain.conf.sample, rename it to nextcloud.subdomain.conf, and then open it in an editor and follow the instructions.

 

If you aren't sure how to do the config then ask in the letsencrypt support topic.

 

Link to comment

@testdasi @Danuel I just realized I didn't pass the Nextcloud through Let's Encrypt. Basically, I port forwarded directly to my Nextcloud IP; that's why it worked. Could you guys share your nextcloud.subdomain.conf file and how you configured it? I tried exactly like the Spaceinvader video but it is not working. It always gets stuck at the Let's Encrypt web UI only. I have posted in the Let's Encrypt support forum already. But if you guys have a sample you could share, it would be helpful for me to learn.

Edited by Wong
Link to comment
7 minutes ago, Wong said:

@testdasi @Danuel I just realized I didn't pass the Nextcloud through Let's Encrypt. Basically, I port forwarded directly to my Nextcloud IP; that's why it worked. Could you guys share your nextcloud.subdomain.conf file and how you configured it? I tried exactly like the Spaceinvader video but it is not working. It always gets stuck at the Let's Encrypt web UI only. I have posted in the Let's Encrypt support forum already. But if you guys have a sample you could share, it would be helpful for me to learn.

I just changed the subdomain

 server_name nextcloud.*;

 

 

nextcloud.subdomain.conf

Link to comment
  • 2 weeks later...

Final message: To anyone who is reading this, the thread has been solved. Please note that whenever saving the config or subdomain.conf file, please make sure it is not saved as a text file, even though the extension is not shown in Windows. I changed the save-as file type to all types. In Windows 10, the icon of the config file should not look like a text file if you have done it correctly.

Link to comment
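The failure described in the final message (a proxy conf saved by a Windows editor as `.conf.txt`, or a `.sample` that was never renamed), as an added check that is not part of the original thread and is not linuxserver.io code. It assumes the container's nginx only loads files whose names end in `.subdomain.conf`; the function name `audit_proxy_confs` and the directory passed to it are hypothetical.

```shell
#!/bin/sh
# audit_proxy_confs DIR APP
# Prints one finding per candidate file and returns 0 only when an
# APP.subdomain.conf with the expected server_name line is present.
audit_proxy_confs() {
    dir=$1 app=$2 rc=1
    for f in "$dir/$app".subdomain.conf*; do
        [ -e "$f" ] || continue          # glob matched nothing
        case "$f" in
            *.subdomain.conf)
                if grep -Eq "^[[:space:]]*server_name[[:space:]]+$app\.\*;" "$f"; then
                    echo "OK: $f"
                    rc=0
                else
                    echo "CHECK server_name: $f"
                fi ;;
            *.conf.sample)
                echo "NOT LOADED (still a sample): $f" ;;
            *)
                echo "NOT LOADED (extra extension): $f" ;;
        esac
    done
    [ "$rc" -eq 0 ] || echo "RESULT: no active conf for $app in $dir"
    return "$rc"
}

# Constructed demo: reproduce the mis-saved file, then apply the rename.
demo=$(mktemp -d)
printf 'server {\n    server_name nextcloud.*;\n}\n' \
    > "$demo/nextcloud.subdomain.conf.txt"
audit_proxy_confs "$demo" nextcloud || true
mv "$demo/nextcloud.subdomain.conf.txt" "$demo/nextcloud.subdomain.conf"
audit_proxy_confs "$demo" nextcloud
rm -rf "$demo"
```
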
  • 1 year later...

HAVING SAME ISSUES. FOLLOWED SI TO a T and seem to be stuck on port forward

I've followed every single step and still can't get this to work. I'm using Cloudflare DNS on Unraid, got my API and everything going. I can see the SWAG instance on my LAN, but I can't see it connected to my subdomain on Cloudflare. I get the Error 522, that the host is down. I've got a Netgear router, and the only port forward option is to tell the server to forward 1443. I've done all the settings, internal to external same, different, etc. What am I doing wrong here?

Link to comment
