Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Nextcloud HAPROXY SSL

    Scheduled Pinned Locked Moved General pfSense Questions
    11 Posts 3 Posters 1.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      ederpaulopereira
      last edited by

      Re: Nextcloud and Haproxy Issues

      Hi everyone;

      I'm facing issues with nextcloud and haproxy SSL. My problem is every time that I login on nextcloud, I am redirected to the https port from my pfsense admin page. So, I erase the :port from URL, and I can access the web page from nextcloud. I've read about the nextcloud and reverse proxy, made the configuration, but the problem persists. I can't to know if there is a nextcloud route issue, or a haproxy issue.

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        What ports are you using for each of those things?
        It sounds like NC is rediercting you to a port that HAProxy is not listening on but the pfSense GUI is.

        Steve

        E 1 Reply Last reply Reply Quote 0
        • E
          ederpaulopereira @stephenw10
          last edited by

          @stephenw10 Hello;

          So, my pfsense are on 1881/tcp port, using https (with built-in certificate). My NC are running on 80/tcp port (default), but my Haproxy are listening on 443 port, using letsencrypt certificate by acme package. I have other services behind this haproxy, like zabbix, grafana and others, all of them are runing like a charm. My only problem is with nextcloud.

          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            In System > Advanced try setting Disable webConfigurator redirect rule

            If that stops it hitting the pfSense webgui but it still fails to load then NC is probably redirecting to http somewhere.

            Steve

            E 2 Replies Last reply Reply Quote 1
            • E
              ederpaulopereira @stephenw10
              last edited by

              @stephenw10 said in Nextcloud HAPROXY SSL:

              In System > Advanced try setting Disable webConfigurator redirect rule

              If that stops it hitting the pfSense webgui but it still fails to load then NC is probably redirecting to http somewhere.

              Steve

              I doed it these adjusts, and have adapted this config. to my scenario https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/reverse_proxy_configuration.html, so, for now, all is up and running.

              Thanks a lot Steve!

              Eder

              V 1 Reply Last reply Reply Quote 1
              • V
                viragomann @ederpaulopereira
                last edited by

                @ederpaulopereira
                In the NC config did you state the overwrite.cli.url value as http://...? Should be https://.

                1 Reply Last reply Reply Quote 0
                • E
                  ederpaulopereira @stephenw10
                  last edited by

                  @stephenw10 another situation: I have a nginx web server on my lan, and, again, I want to reverse proxy by haproxy. I've inserted the backend, frontend. Inside my Lan, using the local IP address, I can reach the webserver and see the web page. Using my haproxy, on https, SSL cert by letsencrypt + acme, DNS name, this is not possible (error 503). Another servers are normal access, but this nginx (virtualhost default) not. Any sugestion?

                  1 Reply Last reply Reply Quote 0
                  • stephenw10S
                    stephenw10 Netgate Administrator
                    last edited by

                    Could be a number of things. Is that error coming from the server or HAProxy?

                    E 1 Reply Last reply Reply Quote 0
                    • E
                      ederpaulopereira @stephenw10
                      last edited by

                      @stephenw10 the error is in haproxy. I can reach the backend server directly by my lan network, and the nginx serves the index page. Out of my lan network, by the Internet, I get the error. I'll look for a solution, if you have any sugestion please post here.

                      1 Reply Last reply Reply Quote 0
                      • stephenw10S
                        stephenw10 Netgate Administrator
                        last edited by

                        I assume you get the same error if you try to connect via HAProxy from the local network?

                        Does HAProxy show the backend as up? What test do you have configured?

                        503 implies it's seeing it as unavailable.

                        Steve

                        E 1 Reply Last reply Reply Quote 0
                        • E
                          ederpaulopereira @stephenw10
                          last edited by

                          @stephenw10
                          Steve, many thanks your attention.

                          My mistake, the backend config. (Http check method) was changed from OPTION to GET, and was resolved.

                          1 Reply Last reply Reply Quote 1
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.