Nethserver reverse proxy and Nextcloud question

reverseproxy
nextcloud

(Charles) #1

NethServer Version: NethServer release 7.4.1708
Module: Nextcloud 12.04

Hi Team,

Hoping you can help me solve this problem with an app I use on my Nethserve hosted Nextcloud. It’s a little complicated so I’ll do my best to set things up. Here’s the scoop:

  • I run Nextcloud 12.4 on my Nethserver.
  • In my Nextcloud I’ve installed an app called External Sites. This application allows an admin to add a link in the Nextcloud web interface Apps menu that points to an external website.
  • I’ve installed a guacamole server in our office. This is not running from my Nethserver (it’s a separate virtual machine).
  • I’ve setup a reverse proxy in our Nethserver to our Guacamole server.

I’m using External Sites from within Nethserver to point to my Guacamole server using the reverse proxy entry where I add in the Nethserver address with the reverse proxy name.
From within my office I login to my Nextcloud and select the External Site for Guacamole on my Nextcloud and I’m able to see my Gucamole login with no issues.

Here’s where I run into trouble.

I then setup a port forward rule on my router and open a non-standard port to the outside that points to my Nextcloud server on the inside. I’ve enabled at my hosting provider an A record so I can point to static IP for our office and use our domain. That works without issue. I can see from outside our network the login for our Nextcloud so this part is working.

But when I login to our Nextcloud from outside our office and I select the External Site icon for our Guacamole I get an error that says our Nethserver IP address could not be found. I’m using a DNS entry name to point to my Guacamole server on our DNS server (and our DNS server is not my Nethserver).

From within our office I have a DNS entry for Nethserver so I can put in that DNS name and it resolves correctly. But from outside our office the computer connecting into our office wouldn’t know how to resolve that DNS name.

If I put into my External Sites entry the IP of my Guacamole Server, Chrome won’t load my Guacamole Server login through Nextcloud unless I allow the running of unauthorized scripts (probably because it’s running without https).

I hope I’ve explained myself correctly here. Basically from outside our office I can’t use the DNS name for our Nethserver because outside doesn’t know what the DNS name is for our Nethserver. And I can’t use the IP of our Guacamole server because I need to use HTTPS which means I’m using reverse proxy. Can anyone see how I can use a reverse proxy setup for my Guacamole Server in Nextcloud from outside our office?

Would this work better if Guacamole was running directly on my Nethserver as opposed to outside by itself?

Thanks!


(Markus Neuberger) #2

What about entering the NethServer IP and DNS name in your local hosts file?

I think the problem is the reverse proxying.
I tried it and it worked with port forwarding from https (443) to guacamole https port 8443.
So you may use port forwarding instead of reverse proxying and just use the FQDN inside and outside.


(Charles) #3

@mrmarkuz, you comment helped me solve my problem! I don’t know why I didn’t think about this before but I’ve now pointed to my external address (A record) for our Nextcloud server in the External Site and referencing the reverse proxy I entered into Nethserver completely solved my problem!

I’ve confirmed that my Guacamole login now works from outside our network to allow our vendors to be able to login and assist us remotely.

Thanks very much for taking time to read and comment on my post Markus. Very much appreciated!