Double reverse proxy Nextcloud instance on NS 8

NethServer Version: 8
Module: Nextcloud

Hello NethServer experts!

As I understand it, NS8 is using a reverse proxy (Traefik) to allow multiple instances of a module, for example Nextcloud. This is a very nice feature.

However, in my case, I already have a reverse proxy on the same side of the firewall as my NS8 node. It serves as my single entry point for 80 and 443 connections.

My question therefore is, how do I “double” reverse proxy a Nextcloud instance running on NS8?

I tried to open the firewall to my “nextcloud1” URL, but I believe that it is also necessary to make certain configurations to Nextcloud itself (trusted_proxies), and I am unsure about how such “tweaking” is best done on NS8 (so that it will, e.g., survive a future upgrade or backup of the module).

Thank you for your advice!

I don’t think that you need a special configuration on the reverse proxy.
It should be enough to reverse proxy to the NS8 IP like http(s)://

Anyway, for tweaking Nextcloud including persistence you could use occ:

runagent -m nextcloud1 occ

Example to output the trusted_proxies:

runagent -m nextcloud1 occ config:system:get trusted_proxies

I got 2 entries so array 0 and 1 are already used so to add a trusted proxy to array 2:

runagent -m nextcloud1 occ config:system:set trusted_proxies 2 --value=

Delete a trusted proxy from array 2:

runagent -m nextcloud1 occ config:system:delete trusted_proxies 2

See also Using the occ command — Nextcloud latest Administration Manual latest documentation and GitHub - NethServer/ns8-nextcloud: Nextcloud module for NS8

Thank you so much for your quick response! It sure looks as if I was trying to over-complicate things… A simple reverse proxy to the NS8 IP worked indeed without a problem.

Thank you also for pointing me to the occ command. I should be in good shape now!

1 Like