nextcloud/all-in-one
1
1
Fork 0
mirror of https://github.com/nextcloud/all-in-one.git synced 2024-12-28 17:50:41 +08:00
Code Issues Projects Releases Packages Wiki Activity

adjust some more details

Browse source 
Signed-off-by: Simon L <szaimen@e.mail.de>
This commit is contained in:
Simon L 2023-10-10 12:01:03 +02:00
parent 0edd0e1ed8
commit 1a018d9ef2
1 changed files with 5 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
reverse-proxy.md
View file

@ -4,7 +4,7 @@ A [reverse proxy](https://en.wikipedia.org/wiki/Reverse_proxy) is basically a we
**Please note:** Publishing the AIO interface with a valid certificate to the public internet is **not** the goal of this documentation! Instead, the main goal is to publish Nextcloud with a valid certificate to the public internet which is **not** running inside the mastercontainer but in a different container! If you need a valid certificate for the AIO interface, see [point 5](#5-optional-get-a-valid-certificate-for-the-aio-interface).
In order to run Nextcloud behind a web server or reverse proxy (like Apache, Nginx, Cloudflare Tunnel and else), you need to specify the port that AIO's Apache container shall use, add a specific config to your web server or reverse proxy and modify the startup command a bit. All examples below will use port `11000` as example Apache port which will be exposed on the host to receive unencrypted HTTP traffic from the reverse proxy. Modify the port to your needings.
In order to run Nextcloud behind a web server or reverse proxy (like Apache, Nginx, Cloudflare Tunnel and else), you need to specify the port that AIO's Apache container shall use, add a specific config to your web server or reverse proxy and modify the startup command a bit. All examples below will use port `11000` as example `APACHE_PORT` which will be exposed on the host to receive unencrypted HTTP traffic from the reverse proxy.
**Attention:** The process to run Nextcloud behind a reverse proxy consists of at least steps 1, 2 and 4:
1. **Configure the reverse proxy! See [point 1](#1-add-this-to-your-reverse-proxy-config)**
@ -19,16 +19,16 @@ In order to run Nextcloud behind a web server or reverse proxy (like Apache, Ngi
**Please note:** Since the Apache container gets created by the mastercontainer, there is **NO** way to provide custom docker labels or custom environmental variables for the Apache container. So please do not attempt to do this because you will fail! Only the documented way will work!
### Adaptation of the respective sample configuration
Of course you need to modify `<your-nc-domain>` to the domain on which you want to run Nextcloud. Also make sure to adjust the port 11000 to match the chosen `APACHE_PORT`.
Of course you need to modify `<your-nc-domain>` to the domain on which you want to run Nextcloud. Also make sure to adjust the port `11000` to match the chosen `APACHE_PORT`. Additionally, you might need to adjust `localhost` based on your setup. See below.
**Running the Reverse Proxy on the same server, not in a container**
**Running the Reverse Proxy on the same server, not in a container**<br>
For this setup, the default sample configurations should work.
**Running the Reverse Proxy in a Docker container on the same server**
**Running the Reverse Proxy in a Docker container on the same server**<br>
For this setup, you can use as target `host.docker.internal:$APACHE_PORT` instead of `localhost:$APACHE_PORT`.<br>
Another option and actually the recommended way in this case is to use `--network host` option (or `network_mode: host` for docker-compose) for the reverse proxy container to connect it to the host network. If you are using a firewall on the server, you need to open ports 80 and 443 for the reverse proxy manually. By doing so, the default sample configurations should work.
**Running the Reverse Proxy on a different server (no matter if in container or not)**
**Running the Reverse Proxy on a different server (no matter if in container or not)**<br>
For this setup, you need to use as target the private ip-address of the host that shall be running AIO. So e.g. `private.ip.address.of.aio.host:$APACHE_PORT` instead of `localhost:$APACHE_PORT`.<br>
If you are not sure how to retrieve that, you can run: `ip a | grep "scope global" | head -1 | awk '{print $2}' | sed 's|/.*||'` on the server that shall be running AIO. If the command returns a public ip-address, use `ip a | grep "scope global" | grep docker0 | awk '{print $2}' | sed 's|/.*||'` instead (the commands only work on Linux).