a nextcloud instance on a docker host in an internal network (not directly reachable from the internet), running on HTTP
a caddy instance on a server reachable from the internet (as https://nextcloud.example.com/ ), but also connected to the internal network
Caddy is using http for the reverse_proxy to the nextcloud service.
All clients use the caddy instance (to use SSL). The nextcloud instance does not have a certificate, but you have to make some config settings for nextcloud (in the config.php of nextcloud):
'overwriteprotocol' => 'https',
'overwrite.cli.url' => 'https://nextcloud.example.com',
'forcessl' => true,
'trusted_proxies' =>
array (
0 => 'INTERNAL IP OF Caddy-Host',
),
These are there to force nextcloud to respond to requests with the external url.
The talk clients must use the https://nextcloud.example.com/ address
Granted it doesn’t need to be rencrypted, but Nextcloud requires it to be https. So I added this:
reverse_proxy https://localhost:8443 {
transport http {
tls_insecure_skip_verify
}
}
And it was working for about 4 days then I went to reboot and have caddy start automatically and now I’m getting 502 bad gateway, any clue as to why?
Caddy starts correctly, but the page is blank of the website.
I actually looked closer into the error message and concluded from another page that Matt commented on about the service actually being up and found that there was an older reference to out of date ssl certs. So updated and reboot and all back in business!
Thank you for all your early on efforts with this method, really love the caddy technology!