Putting Nextcloud behind an apache reverse proxy

Hey guys,

I am having trouble to place my nextcloud behind an apache reverse proxy (make it accessible as cloud.******.de).

without the reverse proxy everything works just fine.
I can access my nextcloud via cloud.*****.de/nextcloud. Lets encrypt certificate is also set up. with HTTPS redirect active.

what lines do I have to add to my 000-default-le-ssl.conf and 000-default.conf to make my nextcloud accessible as cloud.****.de? (without the /nextcloud)

Also, what about config.php and the fields trusted_proxies and trusted_domains?

I have tried all possible variations of configurations but nothing seems to work :frowning:

My current 000-default-le-ssl.conf:

<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName cloud.********.de
	ServerAdmin webmaster@localhost
	DocumentRoot /var/www

# 17.10.2019 - versuch nextcloud anstelle über *******.de/nextcloud über cloud.*******.de zu erreichen.
	# LoadModule proxy_module modules/mod_proxy.so
	# LoadModule proxy_http_module modules/mod_proxy_http.so

	# anstelle der obigen LoadModule musste folgendes im terminal eingegeben werden: a2enmod proxy_http

	SSLProxyEngine On
	ProxyPass /nextcloud http://cloud.*******.de/
	ProxyPassReverse /nextcloud http://cloud.*******.de/

# 17.10.2019 ende

	ErrorLog ${APACHE_LOG_DIR}/error.log
	#CustomLog ${APACHE_LOG_DIR}/access.log combined

Include /etc/letsencrypt/options-ssl-apache.conf
ServerAlias cloud.*******.de
SSLCertificateFile /etc/letsencrypt/live/cloud.********.de/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/cloud.********.de/privkey.pem

my current 000-default.conf:

<VirtualHost *:80>
ServerName cloud.********.de
	ServerAdmin webmaster@localhost
	DocumentRoot /var/www

ErrorLog ${APACHE_LOG_DIR}/error.log
	#CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =cloud.*******.de
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

many thanks in advance!

Especially /var/www/nextcloud/config/config.php should be adjusted to not contain the /nextcloud sub dir for at least rewrite base, then ncc maintenance:update:htaccess. CLI URL should be able to stay as it is, since this is used internally only anyway, so the proxy can be bypassed by leaving localhost inside, although, not sure if accessing localhost/nextcloud would then be redirected to localhost/nextcloud/nextcloud?

About the Apache config, you proxy http:// accesses from within the https:// (443) vhost? It must be https://cloud… right? :wink:

hmmm, so I applied the suggested tricks:

  1. commented out:
'htaccess.RewriteBase' => '/nextcloud',
  1. updated htaccess

  2. changed https vhost as suggested

  3. systemctl restart apache

sadly it still gives me a proxy error :frowning: