-
-
Notifications
You must be signed in to change notification settings - Fork 12.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[manual] Nextcloud alternate webserver reverse-proxy #243203
Comments
There's a bit more to the Caddy solution, I spent a few solid hours last night trying to get something working. I still need to deal with caching headers, etc. services.caddy.virtualHosts."mynextcloud.example.com".extraConfig = ''
header {
Strict-Transport-Security max-age=31536000;
}
redir /.well-known/carddav /remote.php/dav 301
redir /.well-known/caldav /remote.php/dav 301
redir /.well-known/webfinger /index.php/.well-known/webfinger
redir /.well-known/nodeinfo /index.php/.well-known/nodeinfo
@store_apps path_regexp ^/store-apps
root @store_apps ${cfg.home}
@nix_apps path_regexp ^/nix-apps
root @nix_apps ${cfg.home}
root * ${cfg.package}
@davClnt {
header_regexp User-Agent ^DavClnt
path /
}
redir @davClnt /remote.php/webdev{uri} 302
@sensitive {
# ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/)
path /build /build/*
path /tests /tests/*
path /config /config/*
path /lib /lib/*
path /3rdparty /3rdparty/*
path /templates /templates/*
path /data /data/*
# ^/(?:\.|autotest|occ|issue|indie|db_|console)
path /.*
path /autotest*
path /occ*
path /issue*
path /indie*
path /db_*
path /console*
}
respond @sensitive 404
php_fastcgi unix/${config.services.phpfpm.pools.nextcloud.socket} {
env front_controller_active true
}
file_server
''; |
Is someone still interested in using Caddy as a webserver, I added a practical configuration example to the NixOS wiki https://nixos.wiki/wiki/Nextcloud#Use_Caddy_as_webserver |
+1 I would also appreciate more documentation on this, as nginx seems unable to fetch TLS certificates for a tailscale (whereas caddy can do so and keep them up to date indefinitely). |
This issue has been mentioned on NixOS Discourse. There might be relevant details there: https://discourse.nixos.org/t/nginx-with-tailscale-cert-automatic-renewal/47007/1 |
The documentation for Nexcloud under "Using an alternative webserver as reverse-proxy (e.g.
httpd
)" [source] [online] is insufficient if extra apps are installed from the store or from nix.I figured out a solution for Caddy, but I don't know Apache httpd well enough to contribute the needed config. I've included mine here as reference. The three lines I indicate need to be adapted to httpd for inclusion in the manual. The first one is trivial, the other two probably are too for someone who knows Apache.
The text was updated successfully, but these errors were encountered: