Newbie - error using TLS to backend

Thank you for your answer.
Yes, I have read the wiki, but I’m not sure I understand everything.
My Nextcloud config.php looks like this:

...... 
'trusted_domains' => 
  array (
    0 => 'www.mydomain.com',
    1 => 'nextcloud.another_mydomain.com',
    2 => '192.168.1.100',
    3 => '192.168.1.123',
    4 => 'nextcloud.mydomain.com',
  ),
  'trusted_proxies' =>
  array (
    0 => '192.168.1.100',
    1 => '192.168.1.123',
  ),
  'overwrite.cli.url' => 'https://nextcloud.mydomain.com:443',
.......

My Caddyfile looks like this:

caddy.mydomain.com {
        acme_server
        tls internal
}

mt.mydomain.com:443 {
        reverse_proxy 192.168.1.110:80
}

mail.mydomain.com {
        log {
                output file /var/log/caddy/mail.log
        }
        rewrite * /mail{uri}
        reverse_proxy https://192.168.1.123 {
                header_up Host {http.reverse_proxy.upstream.hostport}
                header_up X-Forwarded-Host {host}
                transport http {
                        tls_insecure_skip_verify
                }
        }
}

nextcloud.mydomain.com {
        log {
                output file /var/log/caddy/nextcloud.log
        }
        rewrite * /nextcloud{uri}
        reverse_proxy https:192.168.1.123 {
                header_up Host {http.reverse_proxy.upstream.hostport}
                header_up X-Forwarded-Host {host}
                transport http {
                        tls_insecure_skip_verify
                }
        }
}

I can access mt.mydomain.com and mail.mydomain.com.
But nextcloud.mydomain.com only returns an empty page. I suspect that it is something with the config.php setting and not Caddy, but I don’t know what.
If I look at the Caddy log file for nextcloud.log, it states that the call for nextcloud.mydomain.com is redirected to the subdir /mail - strange:

{"level":"error","ts":1620674386.7137306,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_addr":"192.168.1.1:37638","proto":"HTTP/2.0","method":"GET","host":"nextcloud.mydomain.com","uri":"/mail/","headers":{"User-Agent":["Mozilla/5.0 (Android 11; Mobile; rv:88.0) Gecko/88.0 Firefox/88.0"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"],"Accept-Language":["da-DK,en-US;q=0.5"],"Accept-Encoding":["gzip, deflate, br"],"Upgrade-Insecure-Requests":["1"],"Te":["trailers"]},"tls":{"resumed":true,"version":772,"cipher_suite":4867,"proto":"h2","proto_mutual":true,"server_name":"nextcloud.mydoamin.com"}},"common_log":"192.168.1.1 - - [10/May/2021:19:19:46 +0000] \"GET /mail/ HTTP/2.0\" 502 0","duration":0.00021236,"size":0,"status":502,"resp_headers":{"Server":["Caddy"]}}

Why are you making Nextcloud listen to so many domains/IP addresses?

Do you actually have multiple network adapters assigned to your Nextcloud? You should have set up a local DNS resolver, so why use up addresses?

Anyway, I’m not sure if that all works how you configured it. I suggest you first make one domain work and then extend if really required.

I think you are right and your issue is outside Caddy. Don’t forget to clear your browser cache after each change. I wasted a lot of time thinking my config didn’t work while it was a browser issue.

Actually, looking again at your Caddyfile, I’m a little confused. You set up the internal ACME server but then disable TLS?

Can you describe what exactly you are trying to achieve?
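
The last reply questions running an internal ACME server while skipping certificate verification toward the backend. As an added example that is not part of the thread, here is the nextcloud.mydomain.com site block with upstream verification left on. The CA file path and the `tls_server_name` value are assumptions, since the thread does not say which CA issued the backend's certificate or which names it carries.

```caddyfile
# Added example, not the poster's configuration.

# As posted in the thread: the connection to the backend is encrypted,
# but any certificate presented on 192.168.1.123:443 is accepted.
#
#         transport http {
#                 tls_insecure_skip_verify
#         }

nextcloud.mydomain.com {
        log {
                output file /var/log/caddy/nextcloud.log
        }
        rewrite * /nextcloud{uri}
        reverse_proxy https://192.168.1.123 {
                header_up Host {http.reverse_proxy.upstream.hostport}
                header_up X-Forwarded-Host {host}
                transport http {
                        # Placeholder path: PEM root of the CA that signed
                        # the backend's certificate.
                        tls_trusted_ca_certs /path/to/backend-ca-root.crt
                        # Assumed value: the upstream is dialed by IP, so
                        # verification needs a name that appears in the
                        # backend certificate's subject alternative names.
                        tls_server_name nextcloud.mydomain.com
                }
        }
}
```

With this transport block, a handshake failure against the backend shows up as a 502 in the site's access log, which makes a wrong or missing backend certificate visible instead of silently accepted.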
