1. Caddy version (2.5.1
):
2. How I run Caddy:
a. System environment:
Almalinux 9
Native Binary
Systemd Service
Nothing in front
b. Command:
c. Service/unit/compose file:
[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target network-online.target
Requires=network-online.target
[Service]
Type=notify
User=caddy
Group=caddy
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE
[Install]
WantedBy=multi-user.target
[Unit]
Description = Push daemon for Nextcloud clients
After=redis.service
Wants=redis.service
[Service]
Environment=PORT=7867
Environment=NEXTCLOUD_URL=https://domain
ExecStart=/var/www/html/nextcloud/apps/notify_push/bin/x86_64/notify_push /var/www/html/nextcloud/config/config.php
User=nextcloud
Group=nextcloud
Restart=always
[Install]
WantedBy = multi-user.target
d. My complete Caddyfile or JSON config:
domain {
file_server
root * /var/www/html/nextcloud
php_fastcgi unix//run/php-fpm/nextcloud.sock {
env modHeadersAvailable true
env front_controller_active true
env HTTPS on
}
redir /.well-known/carddav /remote.php/dav 301
redir /.well-known/caldav /remote.php/dav 301
# .htaccess / data / config / ... shouldn't be accessible from outside
@forbidden {
path /.htaccess
path /.xml
path /3rdparty/*
path /config/*
path /data/*
path /db_structure
path /README
path /lib/*
path /templates/*
path /occ
path /console.php
path /test.php
}
respond @forbidden "Access denied" 403 {
close
}
handle_path /push/* {
reverse_proxy http://127.0.0.1:7867
}
}
3. The problem Iâm having:
Nextcloud High Performance Backend (HBP/notify_push) does not work after Caddy version 2.4.6
4. Error messages and/or full log output:
# occ notify_push:self-test
â redis is configured
â push server is receiving redis messages
â push server can load mount info from database
â push server can connect to the Nextcloud server
đ´ push server is not a trusted proxy, please add 'external_ip' to the list of trusted proxies or configure any existing reverse proxy to forward the 'x-forwarded-for' send by the push server.
See https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/reverse_proxy_configuration.html#defining-trusted-proxies for how to set trusted proxies.
The following trusted proxies are currently configured: "127.0.0.1", "::1", "external_ipv6", "external_ipv4"
The following x-forwarded-for header was received by Nextcloud: external_ipv6
from the following remote: external_ipv6
If you're having issues getting the trusted proxy setup working, you can try bypassing any existing reverse proxy
in your setup by setting the `NEXTCLOUD_URL` environment variable to point directly to the internal Nextcloud webserver url
(You will still need the ip address of the push server added as trusted proxy)