Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[NextCloud Docker + nginx proxy] Can't access Nextcloud from local network #2116

Closed
GreatNewHope opened this issue Dec 19, 2022 · 4 comments
Closed

[NextCloud Docker + nginx proxy] Can't access Nextcloud from local network #2116

GreatNewHope opened this issue Dec 19, 2022 · 4 comments

Comments

@GreatNewHope
Copy link

GreatNewHope commented Dec 19, 2022
edited by buchdag

Hello! Thanks for this amazing tool and for answering questions here.

My main computer (192.168.1.149) is running docker with four containers running Nextcloud, MariaDB, nginx-proxy and letsencrypt. I followed this guide in case of needing more info.

The problem that I have encountered is that I am able to access Nextcloud from my dynDNS (say, wonderfuldns.ddns.net) and it works flawlessly, but I am completely unable to access Nextcloud from neither my local network (any other computer pointing to 192.168.1.149) nor my external ip (say 207.188.666.666). And this even though my dyndns correctly points to this external ip when asking for my ddns.net. My main concern is with not being able to access Nextcloud from my local network though.

In both cases I get 503 Service Temporarily Unavailable.

There's a weird behaviour. When I change the env variable VIRTUAL_HOST of NextCloud container from wonderfuldns.ddns.net to wonderfuldns.ddns.net,207.188.666.666 the error that I get from accessing NextCloud from the external raw ip changes from 503 to 500 Internal Server Error.

I have also changed internal Nextcloud variables like trusted_domains and trusted_proxies in case it was Nextcloud's fault, with no luck.

This is the docker-compose.yaml for nginx and letsencrypt

version: "3.3"

services:

    NginxProxy:
        image: "jwilder/nginx-proxy:latest"

        volumes:
            - "NPhtml:/usr/share/nginx/html"
            - "NPdhparam:/etc/nginx/dhparam"
            - "NPvhost:/etc/nginx/vhost.d"
            - "NPcerts:/etc/nginx/certs:ro"
            - "/var/run/docker.sock:/tmp/docker.sock:ro"
            - "./client_max_upload_size.conf:/etc/nginx/conf.d/client_max_upload_size.conf"

        labels:
            - "com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy"
        restart: "on-failure"
        networks: ["net"]

        ports:
            - "80:80"
            - "443:443"

    LetsencryptCompanion:
        image: "jrcs/letsencrypt-nginx-proxy-companion:latest"

        volumes:
            - "LCacme:/etc/acme.sh"
            - "NPvhost:/etc/nginx/vhost.d"
            - "NPcerts:/etc/nginx/certs"
            - "NPhtml:/usr/share/nginx/html"
            - "/var/run/docker.sock:/var/run/docker.sock:ro"

        environment:
            - DEFAULT_EMAIL

        depends_on: ["NginxProxy"]
        restart: "on-failure"
        networks: ["net"]


volumes:
    NPhtml:
    NPdhparam:
    NPvhost:
    NPcerts:
    LCacme:

networks:
    net:
        external: true

And this is the docker-compose.yaml for Nextcloud and MariaDB

version: "3.7"

services:

    NCDatabase:
        image: "mariadb:latest"
        
        volumes:
            - "NCMariaDB:/var/lib/mysql"

        environment:
            - MYSQL_ROOT_PASSWORD
            - MYSQL_RANDOM_ROOT_PASSWORD
            - MYSQL_DATABASE
            - MYSQL_USER
            - MYSQL_PASSWORD

        restart: "on-failure"
        networks: ["common"]

    NCFrontend:
        image: "nextcloud:latest"

        volumes: 
          - "NCData:/var/www/html"
          - "E:\\:/prodDrive"

        environment:
            - LETSENCRYPT_HOST
            - VIRTUAL_HOST
            - TRUSTED_PROXIES
            - OVERWRITEPROTOCOL
            - MYSQL_DATABASE
            - MYSQL_USER
            - MYSQL_PASSWORD
            - MYSQL_HOST
            - SMTP_HOST
            - SMTP_PORT
            - SMTP_NAME
            - SMTP_PASSWORD
            - MAIL_FROM_ADDRESS
            - NEXTCLOUD_TRUSTED_DOMAINS
            - NEXTCLOUD_ADMIN_USER
            - NEXTCLOUD_ADMIN_PASSWORD

        depends_on:
            - "NCDatabase"
        restart: "on-failure"
        networks: ["net", "common"]

volumes:
    NCMariaDB:
    NCData:

networks:
    net:
        external: true
    common:
        internal: true

Where env variables are these

MYSQL_ROOT_PASSWORD=<password>
MYSQL_DATABASE=NC
MYSQL_USER=nextcloud
MYSQL_PASSWORD=<password>
MYSQL_HOST=NCDatabase
LETSENCRYPT_HOST=wonderfuldns.ddns.net
VIRTUAL_HOST=wonderfuldns.ddns.net
TRUSTED_PROXIES=172.18.0.0/16
OVERWRITEPROTOCOL=https
NEXTCLOUD_TRUSTED_DOMAINS=wonderfuldns.ddns.net
@glowatsk
Copy link

glowatsk commented Jan 6, 2023

Also having this exact same issue with a very similar setup. I can access on WAN, nginx returning 503 on any LAN requests using the config from here https://github.com/nextcloud/docker/tree/master/.examples/docker-compose/with-nginx-proxy/mariadb/apache

@fredriki
Copy link

I recently had this problem when setting up my server at home and had also changed my router.

I had to activate NAT reflection on my router for it to work properly.

If you change your hosts file (/etc/hosts) to point on your server on your LAN and that works it's probably NAT reflection and not nginx-proxy.

@rhansen
Copy link
Collaborator

rhansen commented Jan 24, 2023
edited

The problem that I have encountered is that I am able to access Nextcloud from my dynDNS (say, wonderfuldns.ddns.net) and it works flawlessly, but I am completely unable to access Nextcloud from neither my local network (any other computer pointing to 192.168.1.149) nor my external ip (say 207.188.666.666).

Are you using the raw IP address in the URL, like https://192.168.1.149/ or https://207.188.255.255/? If so, that won't work because the client won't send the Host: wonderfuldns.ddns.net HTTP header to nginx, which is necessary for it to determine which virtual host to serve. You need to do one of the following:

  • adjust your LAN DNS (or /etc/hosts) to resolve wonderfuldns.ddns.net to 192.168.1.149, or
  • enable NAT reflection as suggested by @fredriki

then use https://wonderfuldns.ddns.net/ as your URL.

Alternatively, you can mark wonderfuldns.ddns.net as the DEFAULT_HOST and continue to use the raw IP address in the URL. (Not recommended because it won't work with a TLS certificate from a service like Let's Encrypt.)

There's a weird behaviour. When I change the env variable VIRTUAL_HOST of NextCloud container from wonderfuldns.ddns.net to wonderfuldns.ddns.net,207.188.666.666 the error that I get from accessing NextCloud from the external raw ip changes from 503 to 500 Internal Server Error.

This sounds like the NextCloud container itself is examining the VIRTUAL_HOST environment variable and changing its behavior accordingly, though I searched their code and didn't find any references. See #2144 (comment) and #2148.

@GreatNewHope
Copy link
Author

Hi! @rhansen and @fredriki
Thank you so much for your insight! And sorry for my inexperience, because in the end it wasn't much of an nginx question but more of a networking issue.

My router doesnt allow NAT reflection, so I updated my hostsfile as you both suggested and it works perfectly. I used to use this file as an adblock like a decade ago and completely forgot its use case.

🙇🏻🙇🏻 Thank you so much!!!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@rhansen @fredriki @GreatNewHope @glowatsk