nextcloud nginx reserve proxy



  • I have it all setup and working, but I am getting an error when trying to upload files. What can I do to fix it?



  • Show us the upload error.



  • e6ca25ee-2737-47e5-983f-f8b8eec360cd-image.png



  • Sadly nothing in the logs



  •    server {
        listen 80;
        listen [::]:80;
        server_name cloud.domain.com;
    
        # Redirect all HTTP requests to HTTPS with a 301 Moved Permanently response.
        return 301 https://$host$request_uri;
    }
    
    server {
       server_name cloud.domain.com;
    
        location / {
                    proxy_set_header X-Real-IP $remote_addr;
                    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                    proxy_set_header Host $http_host;
                    proxy_set_header X-NginX-Proxy true;
                    proxy_pass http://192.168.X.X:80;
                    proxy_redirect off;
                   }
    
        listen 443 ssl http2;
        listen [::]:443 ssl http2;                
    
                                                                              
     # certs sent to the client in SERVER HELLO are concatenated in ssl_certificate
        ssl_certificate /etc/letsencrypt/live/cloud.domain.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/cloud.domain.com/privkey.pem;
        ssl_session_timeout 1d;
        ssl_session_cache shared:SSL:50m;
        ssl_session_tickets off;
    
    
        # modern configuration. tweak to your needs.
        ssl_protocols TLSv1.2;
        ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHAC$    ssl_prefer_server_ciphers on;
    
        # HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
        add_header Strict-Transport-Security max-age=15768000;
    
        # OCSP Stapling ---
        # fetch OCSP records from URL in ssl_certificate and cache them
        ssl_stapling on;
        ssl_stapling_verify on;
    
        ## verify chain of trust of OCSP response using Root CA and Intermediate certs
        ssl_trusted_certificate /etc/letsencrypt/live/cloud.domain.com/chain.pem;
    
        resolver 1.1.1.1;
    
    }
    


  • I did the snap install for nextcloud



  • I’ll be working on this again tomorrow



  • If your nginx reverse proxy is on Fedora, confirm that SELinux isn't denying anything.

    sudo tail -f /var/log/audit/audit.log | grep 'denied'
    

Log in to reply