Cant upload files bigger than 10mb in Nextcloud

Help
1

Hello Here,
looking for solutions for hours now… Maybe you can help on my homeserver.

1. The problem I’m having:

Cant upload a 11MB-file to Nextcloud from Nextcloud-Android-App even i changed php-config files.

But if i upload a 50MB-file from browser there is no problem.
Hadnt this problem on nginx.

2. Error messages and/or full log output:

Errorlog from journalctl -xeu caddy.service

Aug 15 20:38:36 n.my.domain.org caddy[697308]: {"level":"debug","ts":1723747116.829703,"logger":"http.handlers.rewrite","msg":"rewrote request","request":{"remote_ip":"192.168.179.13","remote_port":"50778","client_ip":"1.24.333.444","proto":"HTTP/1.1","method":"MKCOL","host":"n.my.domain.org","uri":"/remote.php/dav/uploads/hans/b523c65822365aa65dc2f4521ae6afd0","headers":{"X-Forwarded-Scheme":["https"],"Destination":["https://n.my.domain.org/remote.php/dav/files/hans/Bilder/2024/Camlicacamii/20240812_195402.jpg"],"Authorization":["REDACTED"],"X-Forwarded-Proto":["https"],"X-Forwarded-For":["1.24.333.444"],"X-Real-Ip":["1.24.333.444"],"Content-Length":["0"],"User-Agent":["Mozilla/5.0 (Android) Nextcloud-android/3.29.1"],"Cookie":["REDACTED"]}},"method":"MKCOL","uri":"/remote.php"}
Aug 15 20:38:36 n.my.domain.org caddy[697308]: {"level":"debug","ts":1723747116.8297598,"logger":"http.handlers.reverse_proxy","msg":"selected upstream","dial":"/run/php/php8.3-fpm.sock","total_upstreams":1}
Aug 15 20:38:36 n.my.domain.org caddy[697308]: {"level":"debug","ts":1723747116.8298671,"logger":"http.reverse_proxy.transport.fastcgi","msg":"roundtrip","request":{"remote_ip":"192.168.179.13","remote_port":"50778","client_ip":"1.24.333.444","proto":"HTTP/1.1","method":"MKCOL","host":"n.my.domain.org","uri":"/remote.php","headers":{"X-Forwarded-Scheme":["https"],"X-Forwarded-Proto":["https"],"X-Forwarded-For":["1.24.333.444, 192.168.179.13"],"X-Real-Ip":["1.24.333.444"],"User-Agent":["Mozilla/5.0 (Android) Nextcloud-android/3.29.1"],"Destination":["https://n.my.domain.org/remote.php/dav/files/hans/Bilder/2024/Camlicacamii/20240812_195402.jpg"],"Authorization":["REDACTED"],"Content-Length":["0"],"Cookie":["REDACTED"],"X-Forwarded-Host":["n.my.domain.org"]}},"env":{"HTTP_X_FORWARDED_SCHEME":"https","DOCUMENT_URI":"/remote.php","HTTP_X_FORWARDED_PROTO":"https","PATH_INFO":"/dav/uploads/hans/b523c65822365aa65dc2f4521ae6afd0","QUERY_STRING":"","REMOTE_USER":"","REQUEST_METHOD":"MKCOL","SCRIPT_FILENAME":"/var/www/nextcloud/remote.php","front_controller_active":"true","CONTENT_TYPE":"","REMOTE_ADDR":"192.168.179.13","SERVER_PORT":"80","HTTP_X_FORWARDED_HOST":"n.my.domain.org","HTTP_X_REAL_IP":"1.24.333.444","REMOTE_IDENT":"","SERVER_SOFTWARE":"Caddy/v2.8.4","DOCUMENT_ROOT":"/var/www/nextcloud","HTTP_HOST":"n.my.domain.org","REQUEST_URI":"/remote.php/dav/uploads/hans/b523c65822365aa65dc2f4521ae6afd0","modHeadersAvailable":"true","HTTP_AUTHORIZATION":"","AUTH_TYPE":"","REMOTE_PORT":"50778","REQUEST_SCHEME":"http","HTTP_DESTINATION":"https://n.my.domain.org/remote.php/dav/files/hans/Bilder/2024/Camlicacamii/20240812_195402.jpg","CONTENT_LENGTH":"0","REMOTE_HOST":"192.168.179.13","SERVER_NAME":"n.my.domain.org","PATH_TRANSLATED":"/var/www/nextcloud/dav/uploads/hans/b523c65822365aa65dc2f4521ae6afd0","HTTP_CONTENT_LENGTH":"0","HTTP_COOKIE":"","HTTP_X_FORWARDED_FOR":"1.24.333.444, 192.168.179.13","GATEWAY_INTERFACE":"CGI/1.1","SCRIPT_NAME":"/remote.php","HTTP_USER_AGENT":"Mozilla/5.0 (Android) Nextcloud-android/3.29.1","SERVER_PROTOCOL":"HTTP/1.1"},"dial":"/run/php/php8.3-fpm.sock","env":{"HTTP_X_FORWARDED_HOST":"n.my.domain.org","HTTP_X_REAL_IP":"1.24.333.444","REMOTE_IDENT":"","REMOTE_ADDR":"192.168.179.13","SERVER_PORT":"80","HTTP_HOST":"n.my.domain.org","REQUEST_URI":"/remote.php/dav/uploads/hans/b523c65822365aa65dc2f4521ae6afd0","modHeadersAvailable":"true","HTTP_AUTHORIZATION":"","AUTH_TYPE":"","SERVER_SOFTWARE":"Caddy/v2.8.4","DOCUMENT_ROOT":"/var/www/nextcloud","HTTP_DESTINATION":"https://n.my.domain.org/remote.php/dav/files/hans/Bilder/2024/Camlicacamii/20240812_195402.jpg","CONTENT_LENGTH":"0","REMOTE_PORT":"50778","REQUEST_SCHEME":"http","PATH_TRANSLATED":"/var/www/nextcloud/dav/uploads/hans/b523c65822365aa65dc2f4521ae6afd0","HTTP_CONTENT_LENGTH":"0","HTTP_COOKIE":"","HTTP_X_FORWARDED_FOR":"1.24.333.444, 192.168.179.13","GATEWAY_INTERFACE":"CGI/1.1","REMOTE_HOST":"192.168.179.13","SERVER_NAME":"n.my.domain.org","SERVER_PROTOCOL":"HTTP/1.1","SCRIPT_NAME":"/remote.php","HTTP_USER_AGENT":"Mozilla/5.0 (Android) Nextcloud-android/3.29.1","HTTP_X_FORWARDED_SCHEME":"https","PATH_INFO":"/dav/uploads/hans/b523c65822365aa65dc2f4521ae6afd0","DOCUMENT_URI":"/remote.php","HTTP_X_FORWARDED_PROTO":"https","REQUEST_METHOD":"MKCOL","SCRIPT_FILENAME":"/var/www/nextcloud/remote.php","front_controller_active":"true","CONTENT_TYPE":"","QUERY_STRING":"","REMOTE_USER":""},"request":{"remote_ip":"192.168.179.13","remote_port":"50778","client_ip":"1.24.333.444","proto":"HTTP/1.1","method":"MKCOL","host":"n.my.domain.org","uri":"/remote.php","headers":{"User-Agent":["Mozilla/5.0 (Android) Nextcloud-android/3.29.1"],"X-Forwarded-Scheme":["https"],"X-Forwarded-Proto":["https"],"X-Forwarded-For":["1.24.333.444, 192.168.179.13"],"X-Real-Ip":["1.24.333.444"],"X-Forwarded-Host":["n.my.domain.org"],"Destination":["https://n.my.domain.org/remote.php/dav/files/hans/Bilder/2024/Camlicacamii/20240812_195402.jpg"],"Authorization":["REDACTED"],"Content-Length":["0"],"Cookie":["REDACTED"]}}}
Aug 15 20:38:36 n.my.domain.org caddy[697308]: {"level":"debug","ts":1723747116.9108317,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":"unix//run/php/php8.3-fpm.sock","duration":0.081022218,"request":{"remote_ip":"192.168.179.13","remote_port":"50778","client_ip":"1.24.333.444","proto":"HTTP/1.1","method":"MKCOL","host":"n.my.domain.org","uri":"/remote.php","headers":{"X-Real-Ip":["1.24.333.444"],"User-Agent":["Mozilla/5.0 (Android) Nextcloud-android/3.29.1"],"X-Forwarded-Scheme":["https"],"X-Forwarded-Proto":["https"],"X-Forwarded-For":["1.24.333.444, 192.168.179.13"],"Cookie":["REDACTED"],"X-Forwarded-Host":["n.my.domain.org"],"Destination":["https://n.my.domain.org/remote.php/dav/files/hans/Bilder/2024/Camlicacamii/20240812_195402.jpg"],"Authorization":["REDACTED"],"Content-Length":["0"]}},"headers":{"Status":["405 Method Not Allowed"],"Content-Security-Policy":["default-src 'none';"],"Allow":["OPTIONS, GET, HEAD, DELETE, PROPFIND, PUT, PROPPATCH, COPY, MOVE, REPORT"],"Content-Type":["application/xml; charset=utf-8"]},"status":405}
Aug 15 20:38:36 n.my.domain.org caddy[697308]: {"level":"debug","ts":1723747116.9108317,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":"unix//run/php/php8.3-fpm.sock","duration":0.081022218,"request":{"remote_ip":"192.168.179.13","remote_port":"50778","client_ip":"1.24.333.444","proto":"HTTP/1.1","method":"MKCOL","host":"n.my.domain.org","uri":"/remote.php","headers":{"X-Real-Ip":["1.24.333.444"],"User-Agent":["Mozilla/5.0 (Android) Nextcloud-android/3.29.1"],"X-Forwarded-Scheme":["https"],"X-Forwarded-Proto":["https"],"X-Forwarded-For":["1.24.333.444, 192.168.179.13"],"Cookie":["REDACTED"],"X-Forwarded-Host":["n.my.domain.org"],"Destination":["https://n.my.domain.org/remote.php/dav/files/hans/Bilder/2024/Camlicacamii/20240812_195402.jpg"],"Authorization":["REDACTED"],"Content-Length":["0"]}},"headers":{"Status":["405 Method Not Allowed"],"Content-Security-Policy":["default-src 'none';"],"Allow":["OPTIONS, GET, HEAD, DELETE, PROPFIND, PUT, PROPPATCH, COPY, MOVE, REPORT"],"Content-Type":["application/xml; charset=utf-8"]},"status":405}
Aug 15 20:38:37 n.my.domain.org caddy[697308]: {"level":"debug","ts":1723747117.209599,"logger":"http.handlers.rewrite","msg":"rewrote request","request":{"remote_ip":"192.168.179.13","remote_port":"50794","client_ip":"1.24.333.444","proto":"HTTP/1.1","method":"PROPFIND","host":"n.my.domain.org","uri":"/remote.php/dav/uploads/hans/b523c65822365aa65dc2f4521ae6afd0","headers":{"X-Forwarded-Proto":["https"],"X-Real-Ip":["1.24.333.444"],"Authorization":["REDACTED"],"Cookie":["REDACTED"],"Content-Type":["text/xml; charset=UTF-8"],"X-Forwarded-Scheme":["https"],"X-Forwarded-For":["1.24.333.444"],"Content-Length":["152"],"Depth":["1"],"User-Agent":["Mozilla/5.0 (Android) Nextcloud-android/3.29.1"]}},"method":"PROPFIND","uri":"/remote.php"}
Aug 15 20:38:37 n.my.domain.org caddy[697308]: {"level":"debug","ts":1723747117.209647,"logger":"http.handlers.reverse_proxy","msg":"selected upstream","dial":"/run/php/php8.3-fpm.sock","total_upstreams":1}
Aug 15 20:38:37 n.my.domain.org caddy[697308]: {"level":"debug","ts":1723747117.2097466,"logger":"http.reverse_proxy.transport.fastcgi","msg":"roundtrip","request":{"remote_ip":"192.168.179.13","remote_port":"50794","client_ip":"1.24.333.444","proto":"HTTP/1.1","method":"PROPFIND","host":"n.my.domain.org","uri":"/remote.php","headers":{"X-Real-Ip":["1.24.333.444"],"Cookie":["REDACTED"],"X-Forwarded-Scheme":["https"],"Depth":["1"],"User-Agent":["Mozilla/5.0 (Android) Nextcloud-android/3.29.1"],"X-Forwarded-Host":["n.my.domain.org"],"X-Forwarded-Proto":["https"],"Authorization":["REDACTED"],"X-Forwarded-For":["1.24.333.444, 192.168.179.13"],"Content-Length":["152"],"Content-Type":["text/xml; charset=UTF-8"]}},"env":{"GATEWAY_INTERFACE":"CGI/1.1","PATH_INFO":"/dav/uploads/hans/b523c65822365aa65dc2f4521ae6afd0","REQUEST_METHOD":"PROPFIND","SCRIPT_FILENAME":"/var/www/nextcloud/remote.php","PATH_TRANSLATED":"/var/www/nextcloud/dav/uploads/hans/b523c65822365aa65dc2f4521ae6afd0","HTTP_AUTHORIZATION":"","HTTP_X_FORWARDED_FOR":"1.24.333.444, 192.168.179.13","REMOTE_IDENT":"","CONTENT_TYPE":"text/xml; charset=UTF-8","QUERY_STRING":"","front_controller_active":"true","REMOTE_PORT":"50794","REMOTE_USER":"","SERVER_SOFTWARE":"Caddy/v2.8.4","REQUEST_URI":"/remote.php/dav/uploads/hans/b523c65822365aa65dc2f4521ae6afd0","HTTP_DEPTH":"1","HTTP_CONTENT_TYPE":"text/xml; charset=UTF-8","REMOTE_ADDR":"192.168.179.13","REMOTE_HOST":"192.168.179.13","SERVER_NAME":"n.my.domain.org","DOCUMENT_URI":"/remote.php","modHeadersAvailable":"true","HTTP_COOKIE":"","SCRIPT_NAME":"/remote.php","HTTP_X_FORWARDED_SCHEME":"https","DOCUMENT_ROOT":"/var/www/nextcloud","SERVER_PORT":"80","AUTH_TYPE":"","CONTENT_LENGTH":"152","REQUEST_SCHEME":"http","HTTP_HOST":"n.my.domain.org","HTTP_USER_AGENT":"Mozilla/5.0 (Android) Nextcloud-android/3.29.1","HTTP_CONTENT_LENGTH":"152","SERVER_PROTOCOL":"HTTP/1.1","HTTP_X_REAL_IP":"1.24.333.444","HTTP_X_FORWARDED_HOST":"n.my.domain.org","HTTP_X_FORWARDED_PROTO":"https"},"dial":"/run/php/php8.3-fpm.sock","env":{"CONTENT_LENGTH":"152","REQUEST_SCHEME":"http","HTTP_HOST":"n.my.domain.org","HTTP_USER_AGENT":"Mozilla/5.0 (Android) Nextcloud-android/3.29.1","HTTP_CONTENT_LENGTH":"152","AUTH_TYPE":"","HTTP_X_REAL_IP":"1.24.333.444","HTTP_X_FORWARDED_HOST":"n.my.domain.org","HTTP_X_FORWARDED_PROTO":"https","SERVER_PROTOCOL":"HTTP/1.1","PATH_INFO":"/dav/uploads/hans/b523c65822365aa65dc2f4521ae6afd0","REQUEST_METHOD":"PROPFIND","SCRIPT_FILENAME":"/var/www/nextcloud/remote.php","PATH_TRANSLATED":"/var/www/nextcloud/dav/uploads/hans/b523c65822365aa65dc2f4521ae6afd0","HTTP_AUTHORIZATION":"","HTTP_X_FORWARDED_FOR":"1.24.333.444, 192.168.179.13","GATEWAY_INTERFACE":"CGI/1.1","CONTENT_TYPE":"text/xml; charset=UTF-8","QUERY_STRING":"","front_controller_active":"true","REMOTE_IDENT":"","REMOTE_USER":"","SERVER_SOFTWARE":"Caddy/v2.8.4","REQUEST_URI":"/remote.php/dav/uploads/hans/b523c65822365aa65dc2f4521ae6afd0","HTTP_DEPTH":"1","HTTP_CONTENT_TYPE":"text/xml; charset=UTF-8","REMOTE_PORT":"50794","REMOTE_HOST":"192.168.179.13","SERVER_NAME":"n.my.domain.org","DOCUMENT_URI":"/remote.php","modHeadersAvailable":"true","HTTP_COOKIE":"","REMOTE_ADDR":"192.168.179.13","HTTP_X_FORWARDED_SCHEME":"https","SCRIPT_NAME":"/remote.php","SERVER_PORT":"80","DOCUMENT_ROOT":"/var/www/nextcloud"},"request":{"remote_ip":"192.168.179.13","remote_port":"50794","client_ip":"1.24.333.444","proto":"HTTP/1.1","method":"PROPFIND","host":"n.my.domain.org","uri":"/remote.php","headers":{"X-Forwarded-Proto":["https"],"Authorization":["REDACTED"],"X-Forwarded-For":["1.24.333.444, 192.168.179.13"],"Content-Length":["152"],"Content-Type":["text/xml; charset=UTF-8"],"X-Real-Ip":["1.24.333.444"],"Cookie":["REDACTED"],"X-Forwarded-Scheme":["https"],"Depth":["1"],"User-Agent":["Mozilla/5.0 (Android) Nextcloud-android/3.29.1"],"X-Forwarded-Host":["n.my.domain.org"]}}}
Aug 15 20:38:37 n.my.domain.org caddy[697308]: {"level":"debug","ts":1723747117.259638,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":"unix//run/php/php8.3-fpm.sock","duration":0.049947089,"request":{"remote_ip":"192.168.179.13","remote_port":"50794","client_ip":"1.24.333.444","proto":"HTTP/1.1","method":"PROPFIND","host":"n.my.domain.org","uri":"/remote.php","headers":{"Cookie":["REDACTED"],"X-Forwarded-Scheme":["https"],"Depth":["1"],"User-Agent":["Mozilla/5.0 (Android) Nextcloud-android/3.29.1"],"X-Forwarded-Host":["n.my.domain.org"],"X-Real-Ip":["1.24.333.444"],"Authorization":["REDACTED"],"X-Forwarded-For":["1.24.333.444, 192.168.179.13"],"Content-Length":["152"],"Content-Type":["text/xml; charset=UTF-8"],"X-Forwarded-Proto":["https"]}},"headers":{"Content-Security-Policy":["default-src 'none';"],"Content-Type":["application/xml; charset=utf-8"],"Vary":["Brief,Prefer"],"Dav":["1, 3, extended-mkcol, access-control, calendarserver-principal-property-search, nextcloud-checksum-update, nc-calendar-search, nc-enable-birthday-calendar"],"X-Request-Id":["fFbsmoysvNOJR7gnIFHe"],"X-Debug-Token":["fFbsmoysvNOJR7gnIFHe"],"Status":["207 Multi-Status"]},"status":207}

3. Caddy version:

v2.8.4 h1:q3pe0wpBj1OcHFZ3n/1nl4V4bxBrYoSoab7rL9BMYNk=

4. How I installed and ran Caddy:

using xcaddy:


xcaddy build     --with github.com/caddyserver/transform-encoder     --with github.com/hslatman/caddy-crowdsec-bouncer/http

installation without Docker

a. System environment:


lsb_release -a

Distributor ID:	Debian
Description:	Debian GNU/Linux 12 (bookworm)
Release:	12
Codename:	bookworm

b. Command:

systemctl restart caddy.service

c. PHP file adjustments:

/etc/php/8.3/fpm/php.ini:

upload_max_filesize 10G
post_max_size 10G
max_input_time 3600
max_execution_time 3600
memory_limit = 1G

d. My complete Caddy config:

### Global here
{
        admin off
        debug

#### CROWDSEC Gateway
        crowdsec {
        api_url http://192.168.179.1:8080
        api_key krTfUsFe54pxjOMrjjtc+1l4OQiq2OQrK0+QK9tymWY
        ticker_interval 15s
        }       
#### CROWDSEC END

#### some configs
        servers {

        trusted_proxies static 192.168.179.13   # Nginx Proxy

        timeouts {
                        read_body   600s
                        read_header 500s
                        write       300s
                        idle        10m
                }


        }
####

}       ############# Global END

#### CROWDSEC local

localhost {
    route {
        crowdsec
        respond "Allowed by CrowdSec!"
    }
}

#### END

n.my.domain.org:80 {

        root * /var/www/nextcloud
        encode gzip zstd

        # Secure headers, all from .htaccess except Permissions-Policy, STS and X-Powered-By
        header {
                Permissions-Policy interest-cohort=()
                Referrer-Policy no-referrer
                -X-Powered-By
                X-Forwarded-For
                Strict-Transport-Security max-age=31536000;
                X-Frame-Options                         "SAMEORIGIN" always     
                X-Permitted-Cross-Domain-Policies       "none" always
                X-Robots-Tag                            "none" always
                X-XSS-Protection                        "1; mode=block" always
                X-Content-Type-Options                  "nosniff" always
                }

        redir /.well-known/carddav /remote.php/dav 301
        redir /.well-known/caldav /remote.php/dav 301
        redir /.well-known/* /index.php{uri} 301 # Nextcloud front-controller handles routes to /.well-known
        redir /remote/* /remote.php{uri} 301

        # Uncomment this block if you use the high speed files backend: https://github.com/nextcloud/notify_push
        handle_path /push/* {
        #       reverse_proxy unix//run/notify_push/notify_push.sock 
                reverse_proxy 127.0.0.1:7867
                # I love Unix sockets, but you can do :7867 also
        }

        # Required for legacy
        @notlegacy {
                path *.php *.php/
                not path /index*
                not path /remote*
                not path /public*
                not path /cron*
                not path /core/ajax/update*
                not path /status*
                not path /ocs/v1*
                not path /ocs/v2*
                not path /updater/*
                not path /ocs-provider/*
                not path */richdocumentscode/proxy*
        }
        rewrite @notlegacy /index.php{uri}


        # .htaccess / data / config / ... shouldn't be accessible from outside
        @forbidden {
                path /.htaccess
                path /data/*
                path /config/*
                path /db_structure
                path /.xml
                path /README
                path /3rdparty/*
                path /lib/*
                path /templates/*
                path /occ
                path /console.php
                path */.*
                path /build/*
                path /tests/*
                path /test.php
                path /lib/*
                path /.*
                path /autotest*
                path /occ*
                path /issue*
                path /indie*
                path /db_*
                path /console*
                not path /.well-known/*
        }
        respond @forbidden 404

                # From .htaccess, set cache for versioned static files (cache-busting)
        @immutable {
                path *.css *.js *.mjs *.svg *.gif *.png *.jpg *.ico *.wasm *.tflite
                query v=*
        }
        header @immutable Cache-Control "max-age=15778463, immutable"

        # From .htaccess, set cache for normal static files
        @static {
                path *.css *.js *.mjs *.svg *.gif *.png *.jpg *.ico *.wasm *.tflite
                not query v=*
        }
        header @static Cache-Control "max-age=15778463"

        # From .htaccess, cache fonts for 1 week
        @woff2 path *.woff2
        header @woff2 Cache-Control "max-age=604800"


        php_fastcgi unix//run/php/php8.3-fpm.sock {
                #root /var/www/html # This is needed because inside the container the root directory is different from the one I put in the "root" directive of this Caddyfile. If yo>
                env front_controller_active true # Enable pretty urls
                env modHeadersAvailable true # Avoid sending the security headers twice
                trusted_proxies private_ranges

        }

        file_server

        log {
                output file /var/log/caddy/access.log
                format transform `{request>remote_ip} - {request>user_id} [{ts}] "{request>method} {request>uri} {request>proto}" {status} {size} "{request>headers>Referer>[0]}" "{r>
                        time_format wall
                        time_local
        }
        }


}

5. Links to relevant resources:

HOWTO Websites i remember exept caddy community:

2

Howdy @scoop, welcome to the Caddy community.

I’ve got an instance of Nextcloud here… Using Caddy as a reverse proxy to its Docker container. Nextcloud app on my Android phone doesn’t seem to have any trouble uploading a 20mb file just now. This is what mine looks like:

nextcloud.example.com {
	header Strict-Transport-Security "max-age=15552000; includeSubDomains"
	@dav path /.well-known/caldav /.well-known/carddav
	redir @dav /remote.php/dav
	reverse_proxy 172.20.0.2
}

I wonder if it’s something to do with the FastCGI? But if it works from the browser - then Caddy is working just fine, and there’s nothing in your configuration to discriminate specifically against an Android client. Not to mention that php_fastcgi is just reverse_proxy with a wig on, anyway.

Is it possible it’s an issue with the Android or the Android client? Can you replicate this problem with another phone or a fresh emulator?

1 Like
3

Hello Matthew,
thanks for your reply. I use other webservices on my homelab thatswhy i use a nginx proxy above caddy.

You have really less lines in your config as me. :slight_smile:

I have some sync errors since i m on caddy. So i thougt need some config to caddy.

Do you have errors on Admin page on Nextcloud, too? On my Nextcloud Admin page i see lot of standard security errors (Headers) too.

I dont install and setup all new but only changed the webserver for nextcloud from nginx to caddy. This is for trying out caddy little bit. Maybe i should new install nextcloud and complete config for nextcloud

Thanks a lot.

4

I don’t see any notable errors; just one about a HMAC not matching, which I think is just a session error for login credentials.

I get an A+ on the Nextcloud security scan at https://scan.nextcloud.com/.

Yeah - although I do have the advantage of just reverse-proxying to a Nextcloud Docker container, I also go out of my way to only write config that the app very explicitly needs to function safely and securely.

Often - especially with Caddy - the amount of required configuration is much much lower than one might expect.

1 Like
5

yes me too… it was quicker to reach as nginx :slight_smile:

wich nextcloud docker youre using? And is your caddy the only reverseproxy?

Im using my nextcloud with 4-5 clients. Laptop and Smartphone for Calender+Contacts+file syncing. Is it similar to your usecase?

6

I use Nextcloud for myself (single user) and for work with 25 users.

I build my own image to add smbclient so that I can mount an external CIFS share. It’s a simple Dockerfile:

    FROM nextcloud:29
    RUN apt-get update && apt -y install \
      smbclient libsmbclient-dev ffmpeg \
      && pecl install smbclient \
      && docker-php-ext-enable smbclient \
      && apt-get clean

I run it with Postgres and Redis, and use a second instance of the same image with the /cron.sh entrypoint for background jobs, meaning this Compose project has 5 services in total including the reverse proxy.

Caddy is my only entrypoint for my private instance. On the work instance, WAN access is via Cloudflare tunnels while Caddy serves clients directly on LAN via split-horizon DNS, so that local up/downloads go over our much faster internal network.

1 Like
7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.