NextPush configuration

1. The problem I’m having:

I’m trying to set up NextPush on my nextcloud-aio server. I have the NextPush app installed on the server, but I don’t know how to configure the reverse proxy timeout and buffering settings, or the Matrix gateway, the way they describe in the README.md. They have examples for Apache and nginx, and I don’t know how to translate them to Caddy. I can connect the Android NextPush app to my server, and it works/sends notifications when I restart the service, but it is constantly disconnecting, likely due to not having my proxy set up with all the options the instructions call for.

2. Error messages and/or full log output:

N/A

3. Caddy version:

v2.7.6 h1:w0NymbG2m9PcvKWsrXO6EEkY9Ru4FJK8uQbYcev1p3A=

4. How I installed and ran Caddy:

a. System environment:

Debian 12 (bookworm)
docker --version
Docker version 20.10.24+dfsg1, build 297e128
docker-compose version

docker-compose version 1.29.2, build unknown
docker-py version: 5.0.3
CPython version: 3.11.2
OpenSSL version: OpenSSL 3.0.11 19 Sep 2023

b. Command:

sudo docker-compose up -d

c. Service/unit/compose file:

~/Caddy/Dockerfile

FROM caddy:latest AS builder

RUN caddy add-package github.com/caddy-dns/duckdns

FROM caddy:latest

COPY --from=builder /usr/bin/caddy /usr/bin/caddy

~/compose.yaml

version: "3.6"

services:
  nextcloud-aio-mastercontainer:
    image: nextcloud/all-in-one:latest
    init: true
    restart: unless-stopped
    container_name: nextcloud-aio-mastercontainer
    ports:
      - "8080:8080"
    volumes:
      - nextcloud_aio_mastercontainer:/mnt/docker-aio-config 
      - /var/run/docker.sock:/var/run/docker.sock:ro 
    environment:
      - APACHE_PORT=11000
      - APACHE_IP_BINDING=127.0.0.1
      - BORG_RETENTION_POLICY=--keep-within=7d --keep-monthly=6 --keep-yearly=4
      - NEXTCLOUD_STARTUP_APPS=deck twofactor_totp tasks calendar contacts notes 
      - NEXTCLOUD_ENABLE_DRI_DEVICE=true 
      - SKIP_DOMAIN_VALIDATION=true
    depends_on:
      - caddy
    networks:
      - nextcloud-aio

  caddy:
    build: ./Caddy
    restart: unless-stopped
    container_name: caddy
    volumes:
     - ./Caddyfile:/etc/caddy/Caddyfile
     - ./certs:/certs
     - ./config:/config
     - ./data:/data
     - ./sites:/srv
    network_mode: host

volumes: 
  nextcloud_aio_mastercontainer:
    name: nextcloud_aio_mastercontainer 

networks:
  nextcloud-aio:
    name: nextcloud-aio
    driver: bridge
    enable_ipv6: true

d. My complete Caddy config:

~/Caddyfile

{
	auto_https disable_redirects
}
https://my_personal_nextcloud_server.duckdns.org:443 {
	reverse_proxy localhost:11000
	tls {
		dns duckdns token
	}
}

5. Links to relevant resources:

That’s the wrong way to build Caddy. Please see Build from source — Caddy Documentation.

You shouldn’t use caddy add-package, you should use xcaddy build.

Minor thing, you can simplify this to just:

my_personal_nextcloud_server.duckdns.org {

Specifying https:// and :443 is redundant.

I don’t know anything about NextPush. You haven’t shown your Caddy logs (enable the debug global option), so I have no evidence of a problem. Can’t help troubleshoot if I can’t see symptoms of the problem.

When I use the xcaddy version of the dockerfile as specified in the build from source page, I get

jerry@server ~> sudo docker-compose up -d --build
[sudo] password for jerry: 
Building caddy
Sending build context to Docker daemon  2.048kB
Step 1/4 : FROM caddy:latest AS builder
 ---> 66978cebfbcc
Step 2/4 : RUN xcaddy build --with github.com/caddy-dns/duckdns
 ---> Running in 1b9c5a851288
/bin/sh: xcaddy: not found
The command '/bin/sh -c xcaddy build --with github.com/caddy-dns/duckdns' returned a non-zero code: 127
ERROR: Service 'caddy' failed to build : Build failed

The add-package version works; what’s wrong with it?

I don’t know anything about NextPush. You haven’t shown your Caddy logs (enable the debug global option), so I have no evidence of a problem. Can’t help troubleshoot if I can’t see symptoms of the problem.

I don’t need help troubleshooting a problem, I need help translating apache or nginx configuration to the Caddyfile format. uppush/README.md at main - NextPush/uppush - Codeberg.org has the configuration I’m trying to imitate, and links to example files to see the settings in context uppush/reverse_proxy_examples at main - NextPush/uppush - Codeberg.org

This is wrong too. You need to use the builder image variant, not latest. Review the docs I linked.

It’s downloading a build from Caddy’s build server (i.e. Download Caddy), you’re not actually building Caddy locally. This adds pressure to the build server (especially if automated in CI pipelines etc). And we cannot guarantee uptime of the build server, so it can randomly fail if the build server is down.

Using xcaddy builds from source using Go tooling, which will always work correctly.

Caddy’s proxy has no timeouts by default, so those aren’t relevant.

Again, we need to see logs to see how it’s failing to be able to help you.

Good to know, I’ll try to switch

jerry@server ~> sudo docker-compose up -d --build
Building caddy
Sending build context to Docker daemon  2.048kB
Step 1/4 : FROM caddy:latest-builder AS builder
manifest for caddy:latest-builder not found: manifest unknown: manifest unknown
ERROR: Service 'caddy' failed to build : Build failed
jerry@server ~ [1]> cat Caddy/Dockerfile 
FROM caddy:latest-builder AS builder

RUN caddy add-package github.com/caddy-dns/duckdns

FROM caddy:latest

COPY --from=builder /usr/bin/caddy /usr/bin/caddy

Caddy’s proxy has no timeouts by default, so those aren’t relevant

Cool, that’s good to know. What about proxy_buffering off; (Nginx) or <Proxy "fcgi://localhost/" disablereuse=on flushpackets=on max=10></Proxy> (Apache)?

For the matrix gateway, would adding reverse_proxy /_matrix/push/v1/notify localhost:11000/index.php/apps/uppush/gateway/matrix be the correct way to redirect that path? For reference:

location /_matrix/push/v1/notify {
    proxy_pass http://127.0.0.1:5000/index.php/apps/uppush/gateway/matrix;
}

(nginx example)
ProxyPass "/_matrix/push/v1/notify" http://127.0.0.1:5000/index.php/apps/uppush/gateway/matrix (Apache example)

There’s no latest-builder tag. You must use a specific version tag.

FROM caddy:2.7.6-builder

No. The reverse_proxy upstreams cannot have a path, it must be only an host:port. See the docs.

You can use the rewrite directive to change the request path before proxying.

But again… without your Caddy logs and evidence of a problem, I can’t suggest anything specific to try.

Please share your logs.

Ok, updating the Dockerfile to use xcaddy with 2.7.6 worked. Is there a way to have it use the latest version and fill it in, e.g. FROM caddy:${latest}-builder AS builder?

My plain Caddyfile seems to work as expected! So I guess I was overthinking it trying to configure things as directed. Thanks for your help though!

{
	auto_https disable_redirects
}
my_personal_nextcloud_server.duckdns.org {
	rewrite /_matrix/push/v1/notify /index.php/apps/uppush/gateway/matrix
	reverse_proxy localhost:11000

	tls {
		dns duckdns token
	}
}

No. Using latest is an anti-pattern. You should never use latest.

There are plenty of articles out there that explain why it’s a bad idea to use latest. For example: What's Wrong With The Docker :latest Tag? · vsupalov.com

Ah good to know, I didn’t realize “latest” meant something different than I thought. Is there a similar tag like “stable” or something I can use so I don’t have to go and look up what specific version numbers are available?

No, the whole point is that you don’t rely on a moving target. The problem is that if a breaking change happens, your config won’t match. So you should deliberately update the version regularly.
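
The pinned xcaddy build this thread converges on, written out as an added example (not posted by any participant). The build argument name CADDY_TAG is an assumption chosen for illustration; 2.7.6 is the version reported earlier in the thread.

```dockerfile
# Added example, not from the thread.
# CADDY_TAG is a hypothetical argument name. Declared before the first FROM,
# it is visible to every FROM line, so both stages use the same pinned release.
# 2.7.6 is the version reported in this thread; bump it deliberately when upgrading.
ARG CADDY_TAG=2.7.6

# Build stage: the -builder image variant ships xcaddy and the Go toolchain.
FROM caddy:${CADDY_TAG}-builder AS builder

# Compile Caddy from source with the DuckDNS DNS module,
# instead of downloading a binary with `caddy add-package`.
RUN xcaddy build --with github.com/caddy-dns/duckdns

# Runtime stage: the same pinned release, without the build tooling.
FROM caddy:${CADDY_TAG}

COPY --from=builder /usr/bin/caddy /usr/bin/caddy
```

Upgrading is then an explicit one-line change to the default, or a `--build-arg CADDY_TAG=<version>` override at build time, so the image never follows a moving tag.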