Here’s my setup, i have a nethserver thats acting as dhcp-server, file-server, nextcloud-server. I have a second server running with openproject.
My openproject-server is readable with it’s fixed ip-adres, when i ping the url i got every time answers. So i can concluded that the openproject-server is working and that the DNS also function.
I created a reverse proxy record with the correct url but it’s still not working. So i guess that i oversee something for the moment. It would be nice if someone put me on the right track to solved my issue.
At home I probably have running what you’re trying to do…
One public IP Adress (dynamic). I’m using a hardware box (PCEngines) with OPNsense as firewall, but I have (for tests) also created the same environment just using NethServer.
Besides the NethServer, there are two other servers at home (A PI-Hole VM and a DMS System on Debian). Both are also available internally and externally using the same dns fqdn, so for example my iPhone works internally and externally using the same dns name…
One big tip:
NethServer does not (yet) support IPv6, only IPv4 is supported. I turn off ALL IPv6 sources, so my home LAN is completly IPv4 only. (Evades DNS Name conflicts, some not available on IPv6…).
This alone will NOT solve all your problems, but is one big step…
Win10 prefers to use IPv6 if available, meaning all DNS pointing to NethServer may be ignored, only the IPv6 DNS entries are used…
On my firewall, Port 80 and 443 both point to my NethServer. (192.168.31.20).
My PI-Hole, running on a VM, is available externally and internally, with a Letsncrypt SSL.
I’m using the Reverse Proxy to point the name for web usage to the NethServer Reverse Proxy.
Hi Andy, i’m think we are running a very simular setup, except my nethserver is also running as a vm.
External IP-address nethserver is setup as dmz in the router. DHCP internal network completly done by nethserver, all IPv4.
On the local network i have no trouble to reach the project server with url or the local ip-address.
When i try to access the project server from an external network i get the welcome page from my nethserver. On the dashboard i created a reverse proxy but with no avail.
Don’t understand what you mean with “I’m using the Reverse Proxy to point the name for web usage to the NethServer Reverse Proxy”
My PI-Hole (as an example) does not provide a https access and does not handle LetsEncrypt SSL certs.
My NethServer does that. So https://pi-hole.r7.anwi.ch points internally and externally to my NethServer.
If I access the PI-Hole directly, I have to use the IP or real FQDN: http://awr7-pi-hole.r7.anwi.ch. This bypasses the NethServer (and it’s reverse Proxy providing for the SSL https access).
The DNS side of things:
External DNS:
pi-hole.r7.anwi.ch exists, and is a CNAME pointing to gw.r7.anwi.ch, itself a CNAME pointing to my DynDNS IP Address.
awr7-pi-hole.r7.anwi.ch is normally NOT available externally.
Internal DNS (OPNsense & NethServer):
pi-hole.r7.anwi.ch exists, and is a CNAME pointing to awr7-nethserver.r7.anwi.ch, my NethServer with the IP 192.168.31.20.
awr7-pi-hole.r7.anwi.ch points directly to the IP of my PI-Hole, 192.168.31.29.
This is the configuration as shown in Cockpit → Applications → WebServer → Reverse Proxy:
I think the issue is how you access that project server externally.
What DNS name (fqdn) is used?
The same DNS fqdn should also exist on your Internal DNS Server (NethServer?), but pointing directly to it’s internal IP address.
Hope this helps clarify a few issues…
My 2 cents
Andy
PS:
My NethServer at home, along with all 30 of my clients NethServer are running as VM on Proxmox.
Just the best, nothing less! Including NethServer!
Sorry for the late responds, been pretty hectic weeks here. I’m running nethserver and the other servers on proxmox.
External DNS:
I use dynamic DNS on my Nethserver to update my public ip-address to dynu. I use dynu for my dynamic dns service.
On dynu i created a cname for project that points to the root of my domain.
Internal DNS
project-kaayman redirect to 192.168.1.25 (Reverse proxy)
A) A vhost entry for your domain project.kaayman-group.com (On your NethServer)
The Webpage for this would go under /var/lib/nethserver/vhosts/project.kaayman-group.com
(Or, if using cockpit a random number as folder).
B) Create a index.html (or PHP) under /var/www/html/
Otherwise your server will always show that “starter page”, if that folder is empty…
Option A needs a vhost, but without any html content, it would be empty…
So best also at least a cover page, with the name (fqdn) of the vhost as content, eg in an html file, so you know it’s working!
If you want to see your “projectserver”, you’ll need to use Reverse-Proxy.
Install that from Software Center if not already install. I’m not sure, but it could be together with webserver…
Create a reverse proxy as here, for my PI-Hole at home:
You will need an entry in your external DNS pointing to this NethServer, and also (better) an alias internally on your NethServer pointing to NethServer (instead of the projectserver)…
TIP:
With this setup, you can use NethServer’s LetsEncrypt SSL certs to provide SSL for your projectserver… (Like I’m doing for my PI-Hole, which doesn’t provide SSL here…).
PS: You’re welcome to test the link, and also verify the SSL cert…
Quick question let’s say I’ve got nextcloud on server 192.168.1.10 and my main public facing server with reverse proxy is setup to point cloud.domain.com to 192.168.1.10/nextcloud what would be causing it to redirect to 192.168.1.10/nextcloud/nextcloud/ we I go to cloud.domain.com