Question Reverse Proxy

Currently reading
Question Reverse Proxy

239
35
NAS
DS918+
Operating system
  1. macOS
Mobile operating system
  1. iOS
I did have a Reverse Proxy working but I broke some other stuff and now on recreation it doesn't work....

I've installed Nextcloud in a Docker. It works! Its on port 8080, wise folk here suggest a RP and so I have set up the subdomain nextcloud.mydomain.tld. The DNS (external) is set and propagated. I asked LetsEncrypt for a new certificate with my nextcloud subdomain added. Then I followed the other instructions here.

The first time this worked it didn't. It did take me to my Nextcloud but there was an error as I was using an "untrusted domain". I've reinstalled Nextcloud (don't ask). Although I haven't quite fixed the "untrusted domain" issue, the RP should still take me to my Nextcloud and that error message. But instead I get the default Synology web page.

The RP is set up thus:

Description: Nextcloud
Source
Protocol: HTTPS
Hostname: nextcloud.mydomain.tld <- not my real domain but I did put my real domain in!
Port:443
Destination
Protocol: HTTP
Hostname: 192.168.1.2 <- LAN address of my DiskStation
Port: 8080

I can access Nextcloud at 192.168.1.2:8080, cloud.mydomain.tld gets me the Synology default we page.

I know I need to fix the trusted domain in Nextcloud but I'm in the same place I was yesterday when the PR appeared to take me to Nextcloud.

(I'll ask for command line file editing tips later but any advice meanwhile?)
 
Last edited:
I can access Nextcloud at 192.168.1.2:8080, cloud.mydomain.tld gets me the Synology default we page.

It wouldn't be cloud.mydomain.tld, you'd want nextcloud.mydomain.tld .

Hard to tell if you're making that little goof just here, or when you try to access the page.

And, you'd need to make sure to type in https://nextcloud.mydomain.tld . Otherwise, you're going to pull up port 80, not 443, and 80 isn't forwarded by your current reverse proxy setup.
 
It wouldn't be cloud.mydomain.tld, you'd want nextcloud.mydomain.tld .
Sorry, my typo. Lets assume I mean nextcloud.mydomain.tld.

you'd need to make sure to type in https://nextcloud.mydomain.tld
Yes, but I never type http anything and assume nobody else does. The BBC is at bbc.o.uk not BBC - Home
80 isn't forwarded by your current reverse proxy setup.
Can I fix that? I tried setting the Destination Protocol to HTTPS but that got me a Synology 404.

May have to RTFM!
 
Last edited:
If you want both port 80 and port 443 to forward, you could just make two entries in your reverse proxy setup, both pointing to the same place.

So, the first one you already have.
The second one would be (to use your formatting):

Description: Nextcloud http
Source
Protocol: HTTP
Hostname: nextcloud.mydomain.tld <- not my real domain but I did put my real domain in!
Port:80
Destination
Protocol: HTTP
Hostname: 192.168.1.2 <- LAN address of my DiskStation
Port: 8080

The "problem" with this setup is that when users connect without https, they'll be using an insecure connection. What you REALLY want, I think, is for the user to be forced to https even when they fail to enter the https://

So then you say, "I'll just check the "use HSTS" option on the https entry, then I don't need the http entry. That'll fix it!" And it might... but it seems you have to reboot the diskstation after setting this, for it to take effect. And, you may have to clear your browser cache as well.
 
What you REALLY want, I think, is for the user to be forced to https even when they fail to enter the https://
Yes. I tried your second option of only having the one PR but it didn't work, even after a reboot. But two RPs seems to have done the trick.

No doubt it will all go wrong later so standby... ;)
 
It works for me too, but, again, I find that I have to reboot the diskstation for this to take effect, and it seems (maybe my superstition?) not to work until I've also cleared the browser's cache, if the browser was previously connecting to the same container via https.
 
So I tried and failed again. I've tried a couple of times. I've used @Rusty 's tutorial (despite his typos and formatting!) and even followed along with Gudbrand Olimb"s version. I slept on it and tried again. Still no joy.

One thing to report that on creating the second Reverse Proxy, on "OK" to save I had much waiting, more than enough time to make coffee and then decide to reboot the DiskStation. The PR was there on startup, but the same thing happened the next time. Maybe nothing, maybe something?

So I'm expecting (wanting - demanding!) my subdomain 'nextcloud.mydomain.tld' to get me to my Nextcloud web pages at port 8080 via https whether or not anyone typed http or not.

After following the tutorials typing nextcloud.mydomain.tld gets me to a secure page which is Synology 404.

Screenshot 2020-06-13 at 17.00.19.png


Other points of failure:

I can access my DiskStation Manager via server.mydomain.tld:1234. I can access Nextcloud at 192.168.1.2:8080. I cannot, however access nextcloud via server.mydomain.tld:8080. server.mydomain.tld without specifying a port gets me to the Synology Web Station "enabled" page.

Port 8080 is open on my router. The subdomain 'nextcloud' is a fully qualified domain name and has a record in the DNS which points to the public IP of my router. All stuff that generally works, has worked on A N Other linux server.

So the http to https appears to be working? But then I'm not getting sent to or am being blocked from accessing Nextcloud at port 8080?
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

  • Question
I have two copies. The version I play on downloaded through Steam and the server instance purchased and...
Replies
6
Views
1,657
  • Question
no idea, but definitely it redirects http requests on port 80 to 5000 if this setting is disabled. When it...
Replies
13
Views
6,162
Found a workaround. I have installed a torrent download client, with docker, that can connect through a...
Replies
17
Views
3,238

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Back
Top