Reverse Proxy to local IP over https

1. Caddy version: 2.6.2

2. How I installed, and run Caddy:

Installed as Docker container on Unraid

a. System environment:

Unraid linux server
Running Nextcloud as another container by linuxserver.io. Both containers are on a private docker network so they can communicate via hostnames.

b. Command:

Starts automatically via Unraid

d. My complete Caddy config:

cloud.[redacted].com {
reverse_proxy https://nextcloud:443 {
transport http {
tls_insecure_skip_verify
}
}
}

3. The problem I’m having:

I have multiple local servers working great behind caddy using as reverse proxy. I’m having an issue getting Nextcloud to work without using the tls_insecure_skip_verify above which I’m reading is both not recommended and may even be removed eventually. I’m having trouble understanding how to properly use https locally.

5. What I already tried:

I have the caddy IP as a trusted proxy in the nextcloud config and the tls_insecure_skip_verify line in the Caddy file

6. Links to relevant resources:

I tried following this but I didn’t know how to get the ACME server setup and I couldn’t follow it exactly since it sounds like he has the caddy server on a dedicated machine/VM instead of in Docker. Not sure if this is the only way to really do it.

Edit: Reading further into that link it looks like he is using the tls_insecure_skip_verify for nextcloud as well.

You could use the official NextCloud Docker image instead, which doesn’t require proxying over HTTPS (which is only added overhead anyway, within a Docker network).

Oh thank you for this! I’ll give that a try instead.