NethSecurity beta2 reverse proxy

i think there is a typo error in reverse proxy config generator, to replicate:
add a domain reverse proxy
check /etc/config/nginx
in the object config location > list proxy_set_header “Host hostname”
there is always a “)” apennded at the hostname
and of course same error in /etc/nginx/conf.d/ns_name.conf

and while I’m in a little question: what is the correct way to configure nextcloud behind the nethsec reverse proxy? I mean: on ns8 there is no option to disable the ssl forward to nexctloud so for the moment in nextcloud1.yml i have deleted
middlewares:
- http2https-redirectscheme
but it doesn’t seem very clean to me… i’m missing something (beyond reading the docs better) on nethsec side like ssl passthrough or wrong config or is ns8 question?

tnx

Precious as always!

Confirmed and fixed. :dart: But I had working reverse proxies since a while, so I dot not know if it breaks the config.

You can update your machine or upgrade using the image

You should also to delete the proxy pass and create it again due to this issue I’ve found during the tests.

and while I’m in a little question: what is the correct way to configure nextcloud behind the nethsec reverse proxy?

You can specificy a target with SSL even with an invalid certificate :wink:
I just tested the config:

1 Like

thank you, it’s all ok now

i’ve made only a quick test, for me now it’s working with the correct cert on reverse proxy and not with others
i’ll do some other test

note: on nexcloud side i had a warning:

 There are some warnings regarding your setup.
The reverse proxy header configuration is incorrect, or you are accessing Nextcloud from a trusted proxy. If not, this is a security issue and can allow an attacker to spoof their IP address as visible to the Nextcloud. Further information can be found in the documentation ↗.

solved adding the wan ip of nethsec as trusted_proxies in config.php

Thanks again :+1:

3 Likes