1. My Caddy version (caddy version): No clue, it's an addon for hassio
2. How I run Caddy:
a. System environment:
runs as a hassio addon in a docker container and serves as reverse proxy
3. The problem I’m having:
The domain next.domain.tld points to a Nextcloud instance but, while internally I can reach the instance even by using the domain name, it cannot be reached from outside.
All the other subdomains work fine.
Also, internally the browser changes the domain into the internal IP address of the host.
I do not understand why it does that.
If anyone could take a look at the configuration above and tell me what went wrong, I'd appreciate it.
4. Caddy Config file
```
next.domain.tld {
    proxy / 192.168.178.215:5080
    root /var/www/nextcloud
    log /var/log/nextcloud_access.log
    errors /var/log/nextcloud_errors.log

    fastcgi / 127.0.0.1:9000 php {
        env PATH /bin
        env modHeadersAvailable true
        env front_controller_active true
        connect_timeout 60s
        read_timeout 3600s
        send_timeout 300s
    }

    header / {
        Strict-Transport-Security "max-age=15768000;"
        X-Content-Type-Options "nosniff"
        X-XSS-Protection "1; mode=block"
        X-Robots-Tag "none"
        X-Download-Options "noopen"
        X-Permitted-Cross-Domain-Policies "none"
        Referrer-Policy "no-referrer"
    }

    header /core/fonts {
        Cache-Control "max-age=604800"
    }

    # checks for images
    rewrite {
        ext .png .html .ttf .ico .jpg .jpeg .css .js .woff .woff2 .svg .gif .map
        r ^/index.php/.*$
        to /{1} /index.php?{query}
    }

    rewrite {
        r ^/\.well-known/host-meta$
        to /public.php?service=host-meta&{query}
    }
    rewrite {
        r ^/\.well-known/host-meta\.json$
        to /public.php?service=host-meta-json&{query}
    }
    rewrite {
        r ^/\.well-known/webfinger$
        to /public.php?service=webfinger&{query}
    }

    rewrite {
        r ^/index.php/.*$
        to /index.php?{query}
    }

    rewrite / {
        if {path} not_starts_with /remote.php
        if {path} not_starts_with /public.php
        ext .png .html .ttf .ico .jpg .jpeg .css .js .woff .woff2 .svg .gif .map .html .ttf
        r ^/(.*)$
        to /{1} /index.php{uri}
    }

    rewrite / {
        if {path} not /core/img/favicon.ico
        if {path} not /core/img/manifest.json
        if {path} not_starts_with /remote.php
        if {path} not_starts_with /public.php
        if {path} not_starts_with /cron.php
        if {path} not_starts_with /core/ajax/update.php
        if {path} not_starts_with /status.php
        if {path} not_starts_with /ocs/v1.php
        if {path} not_starts_with /ocs/v2.php
        if {path} not /robots.txt
        if {path} not_starts_with /updater/
        if {path} not_starts_with /ocs-provider/
        if {path} not_starts_with /ocm-provider/
        if {path} not_starts_with /.well-known/
        to /index.php{uri}
    }

    # client support (e.g. os x calendar / contacts)
    redir /.well-known/carddav /remote.php/carddav 301
    redir /.well-known/caldav /remote.php/caldav 301

    # remove trailing / as it causes errors with php-fpm
    rewrite {
        r ^/remote.php/(webdav|caldav|carddav|dav)(\/?)(\/?)$
        to /remote.php/{1}
    }
    rewrite {
        r ^/remote.php/(webdav|caldav|carddav|dav)/(.+?)(\/?)(\/?)$
        to /remote.php/{1}/{2}
    }
    rewrite {
        r ^/public.php/(dav|webdav|caldav|carddav)(\/?)(\/?)$
        to /public.php/{1}
    }
    rewrite {
        r ^/public.php/(dav|webdav|caldav|carddav)/(.+)(\/?)(\/?)$
        to /public.php/{1}/{2}
    }

    # .htaccess / data / config / ... shouldn't be accessible from outside
    status 404 {
        /.htaccess
        /data
        /config
        /db_structure
        /.xml
        /README
        /3rdparty
        /lib
        /templates
        /occ
        /console.php
    }
}

bookmarks.domain.tld:443 {
    proxy / 192.168.178.215:9090
}

dav.domain.tld:443 {
    proxy / 192.168.178.230:5232
}

ha.domain.tld:443 {
    header / {
        Strict-Transport-Security "max-age=31536000; includeSubdomains"
        X-XSS-Protection "1; mode=block"
        X-Frame-Options "DENY"
        Referrer-Policy "same-origin"
    }
    proxy / 192.168.178.209:8123 {
        websocket
        transparent
        header_upstream Host {host}
        header_upstream X-Real-IP {remote}
        header_upstream X-Forwarded-For {remote}
        header_upstream X-Forwarded-Proto {scheme}
    }
}

vpn.domain.tld:1194 {
    proxy / 192.168.178.215:1194
}
```
5. What I already tried:
I did try a couple of configs as well as running Caddy on a different host (the Docker host that's running the Nextcloud as well), but it seems I can't get it to work like it should.
The hassio addon is the first that seems to run mostly OK.
Edit: fixed formatting