Converting nginx reverse proxy settings for Nextcloud High Performance Backend

iljur · April 19, 2021, 1:49pm

1. Caddy version (`caddy version`):

2.3.0

2. How I run Caddy:

as a service

a. System environment:

Debian 10 Buster with Caddy as a service, no docker

b. Command:

paste command here

c. Service/unit/compose file:

[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target network-online.target
Requires=network-online.target

[Service]
User=caddy
Group=caddy
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE

[Install]
WantedBy=multi-user.target

d. My complete Caddyfile or JSON config:

nc2-test.hfw18 {
        root * /var/www/nextcloud
        file_server
        encode gzip zstd
        tls internal
#       php_fastcgi 127.0.0.1:9000 {
        php_fastcgi unix//run/php/php7.4-fpm.sock {
                env front_controller_active true
        }

        log {
                output file     /var/log/caddy_nc.log
                format single_field common_log
        }

        header {
                Strict-Transport-Security max-age=31536000;
        }

        redir /.well-known/carddav /remote.php/dav 301
        redir /.well-known/caldav /remote.php/dav 301

        # .htaccess / data / config / ... shouldn't be accessible from outside
        @forbidden {
                path    /.htaccess
                path    /data/*
                path    /config/*
                path    /db_structure
                path    /.xml
                path    /README
                path    /3rdparty/*
                path    /lib/*
                path    /templates/*
                path    /occ
                path    /console.php
        }

        respond @forbidden 404
}

3. The problem I’m having:

I would like to enable Client Push/High Performance Backend in my Nextcloud. There for I have to proxy a folder to a local port.

The vhost snippet for nginx looks like this:

location /push/ {
proxy_pass http://localhost:7867/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection “Upgrade”;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}

To convert this into my Caddyfile is it as easy as inserting this line:

reverse_proxy /push/* http://localhost:7867

into the “nc2-test.hfw18” block?

From what I red so far the header instructions are deafults in Caddy, right?
What about the http version? Also default?

4. Error messages and/or full log output:

5. What I already tried:

6. Links to relevant resources:

francislavoie · April 19, 2021, 2:18pm

Yep. That should be all you need.

Did you try it?

iljur · April 19, 2021, 8:47pm

Just tried it, but got an error “failed to detect reverse proxy” during automated setup checks.

What seems to work is

handle_path /push/* {
rewrite * {path}
reverse_proxy localhost:7867
}

Does this make any sense to you?

francislavoie · April 19, 2021, 9:01pm

This line doesn’t do anything at all, in fact it might be harmful (I think it might remove the query portion of the URI)

But yeah, adding handle_path causes the path prefix (i.e. /push/) to be stripped from the URI, which I think matches the behaviour of nginx’s location blocks. So

system · May 19, 2021, 1:49pm

This topic was automatically closed after 30 days. New replies are no longer allowed.