Nextcloud behind apache to caddy

1. The problem I’m having:

Moved an existing Nextcloud instance to a new server. Have Caddy running on another server; both have local LAN access and internet traffic is routed to Caddy. I have it working except I’d like to modify the URL presented to the browser. Found several GitHub and Caddy forum entries that detail Caddy v1 rewrites needed… I can’t seem to figure out how to translate those to v2 or if they’re even needed now.
Right now it comes back
It should be:

Trying to use Apache to rewrite causes a too many redirects error.
Should the Nextcloud instance be given an internal hostname resolvable by internal DNS so it can pass its rewrites back to Caddy?

2. Error messages and/or full log output:

Sep 28 13:14:19 stcontainer caddy[32483]: {"level":"debug","ts":1695906859.6796849,"logger":"http.handlers.reverse_proxy","msg":"selected upstream","dial":"","total_upstreams":1}
Sep 28 13:14:19 stcontainer caddy[32483]: {"level":"debug","ts":1695906859.766926,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":"","duration":0.08710551,"request":{"remote_ip":"","remote_port":"17859","client_ip":"","proto":"HTTP/1.1","method":"PROPFIND","host":"","uri":"/remote.php/dav/files/monica/Documents","headers":{"Authorization":[],"Accept":["*/*"],"Cookie":[],"Content-Length":["105"],"X-Forwarded-Host":[""],"Accept-Encoding":["gzip, deflate"],"Content-Type":["text/xml; charset=utf-8"],"X-Request-Id":["73913f09-6945-4468-9e17-252e0784961e"],"User-Agent":["Mozilla/5.0 (Macintosh) mirall/2.5.1final (build 20181204) (Nextcloud)"],"Accept-Language":["en-US,*"],"Depth":["0"],"X-Forwarded-For":[""],"X-Forwarded-Proto":["https"]},"tls":{"resumed":false,"version":771,"cipher_suite":49195,"proto":"","server_name":""}},"headers":{"Date":["Thu, 28 Sep 2023 13:14:19 GMT"],"Server":["Apache/2.4.52 (Ubuntu)"],"Cache-Control":["no-store, no-cache, must-revalidate"],"Pragma":["no-cache"],"Content-Security-Policy":["default-src 'none';"],"Referrer-Policy":["no-referrer"],"X-Content-Type-Options":["nosniff"],"X-Debug-Token":["5fKlMNThMlABEdKwJnki"],"X-Frame-Options":["SAMEORIGIN"],"X-Permitted-Cross-Domain-Policies":["none"],"X-Xss-Protection":["1; mode=block"],"Dav":["1, 3, extended-mkcol, access-control, calendarserver-principal-property-search, nextcloud-checksum-update, nc-calendar-search, nc-enable-birthday-calendar"],"X-Request-Id":["5fKlMNThMlABEdKwJnki"],"Content-Encoding":["gzip"],"Content-Type":["application/xml; charset=utf-8"],"Expires":["Thu, 19 Nov 1981 08:52:00 GMT"],"X-Robots-Tag":["noindex, nofollow"],"Vary":["Brief,Prefer"],"Content-Length":["243"]},"status":207}
Sep 28 13:14:19 stcontainer caddy[32483]: {"level":"debug","ts":1695906859.805926,"logger":"http.handlers.reverse_proxy","msg":"selected upstream","dial":"","total_upstreams":1}

3. Caddy version:

v2.7.4 h1:J8nisjdOxnYHXlorUKXY75Gr6iBfudfoGhrJ8t7/flI=

4. How I installed and ran Caddy:

ubuntu 22.04 lts apt repo

a. System environment:

Nextcloud server: Ubuntu 22.04 LTS, Apache 2.4
Caddy server: Ubuntu 22.04 LTS, Docker

b. Command:

# /lib/systemd/system/caddy.service
# caddy.service
# For using Caddy with a config file.
# Make sure the ExecStart and ExecReload commands are correct
# for your installation.
# See for instructions.
# WARNING: This service does not use the --resume flag, so if you
# use the API to make changes, they will be overwritten by the
# Caddyfile next time the service is restarted. If you intend to
# use Caddy's API to configure it, add the --resume flag to the
# `caddy run` command or use the caddy-api.service file instead.


ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile --force


c. Service/unit/compose file:

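version: "3.9"

services:
  # Service name is not shown in the post; "caddy" is assumed here.
  caddy:
    image: caddy:2.7.4-alpine
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
      - "443:443/udp"
    volumes:
      - ./Caddyfile:/etc/caddy/Caddyfile
      - ./site:/srv
      - caddy_data:/data
      - caddy_config:/config

# Named volumes referenced above must be declared at the top level.
volumes:
  caddy_data:
  caddy_config: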


d. My complete Caddy config:

# The Caddyfile is an easy way to configure your Caddy web server.
# Unless the file starts with a global options block, the first
# uncommented line is always the address of your site.
# To use your own domain name (with automatic HTTPS), first make
# sure your domain's A/AAAA DNS records are properly pointed to
# this machine's public IP, then replace ":80" below with your
# domain name.
} {
#	header Strict-Transport-Security max-age=31536000;
#	reverse_proxy
# {
	header Strict-Transport-Security max-age=31536000
	redir /.well-known/carddav /remote.php/dav 301
	redir /.well-known/caldav /remote.php/dav 301


	rewrite / /

5. Links to relevant resources:

This seemed to be in the direction I needed to head:

Not sure if this one applies… seemed promising at first.

Since Apache is the one handling PHP, you should configure any rewrites there, not in Caddy.

I thought so too, but turning on the rewrite engine in the vhost file causes the “too many redirects” error. Is it because the Nextcloud vhost file and its conf file have rewrites for the same domain name in the Caddy file?

It’s probably trying to redirect to HTTPS when Caddy is already terminating TLS and is proxying over HTTP. Or something like that. Ultimately it’s an Apache misconfiguration, not a Caddy problem.

HTTPS is turned off in the vhost file.

<VirtualHost *:8080>
    DocumentRoot /var/www/html/
    ErrorLog /var/log/apache2/nc_error.log
    CustomLog /var/log/apache2/nc_requests.log combined
    #RewriteEngine on
    #RewriteCond %{SERVER_NAME}
    #RewriteRule ^ http://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

    Alias /nextcloud "/var/www/html/"
    <Directory /var/www/html/>
        Options +FollowSymlinks
        AllowOverride All

        <IfModule mod_dav.c>
            Dav off
        </IfModule>

        SetEnv HOME /var/www/html/
        SetEnv HTTP_HOME /var/www/html/
    </Directory>
</VirtualHost>

For anyone else who is using Apache to host Nextcloud on one server, with another server running a Caddy reverse proxy, here was my answer:

The answer was in the URL in the vhost file. Since I had moved an instance that was a standalone VM to behind a reverse proxy, the vhost file needed to be changed. I changed the *:8080 to and the redirects in the vhost file to use that internal domain.

Add the reverse proxy entries Nextcloud calls for in the config.php. I needed
‘overwrite.cli.url’, ‘overwritehost’ =>, and the trusted_proxies array (use the trusted_domains array as an example if you need one). I simply added the proxy host's internal IP.

The last problem I had was that Apache was ignoring the .htaccess file. That’s because in Ubuntu 22.04 LTS it loads the apache2.conf file first, and the directory entry for /var/www has AllowOverride None. Changing it to allow overrides for just that entry fixed my last issue.

It started working. The end.

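The reverse-proxy entries named in the final answer above, written out as a Nextcloud config.php fragment. This is an added example, not the poster's file: every hostname and IP is a placeholder, and 'overwriteprotocol' is a documented Nextcloud setting that the post does not mention.

```php
<?php
// Added example: proxy-related keys only. Merge them into the existing
// $CONFIG array in config/config.php; do not replace the whole file.
// All hostnames and addresses below are placeholders (assumptions).
$CONFIG = array (
  // Host headers Nextcloud will answer to. Requests carrying any other
  // Host value are refused with an "untrusted domain" page.
  'trusted_domains' =>
  array (
    0 => 'cloud.example.com',          // placeholder: public name served by Caddy
  ),

  // Source addresses allowed to supply X-Forwarded-For and related headers.
  // Nextcloud uses the forwarded client IP (for logging and brute-force
  // throttling) only when the connection comes from one of these, so list
  // the proxy's own address rather than a whole subnet.
  'trusted_proxies' =>
  array (
    0 => '192.0.2.10',                 // placeholder: Caddy host's internal IP
  ),

  // Host name Nextcloud puts into the URLs and redirects it generates,
  // regardless of the name the Apache vhost listens on.
  'overwritehost' => 'cloud.example.com',

  // Not mentioned in the post: scheme Nextcloud uses in generated URLs.
  // With TLS terminated at Caddy and plain HTTP to Apache, 'https' keeps
  // generated links on the scheme the browser actually used.
  'overwriteprotocol' => 'https',

  // Base URL used when no request exists to derive it from (occ, cron).
  'overwrite.cli.url' => 'https://cloud.example.com',
);
```

Apache should also accept connections on the backend port only from the proxy host, since anything that can reach it directly bypasses Caddy's TLS and headers.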