How to correctly configure document server on nextcloud behind traefik (v2.11)?

danfossi · 2 March 2024 14:25

I’m fairly new to Traefik (v2.11) and having difficulty setting up Nextcloud+OnlyOffice.

I think a piece is missing because even though the path is correct I just can’t open OnlyOffice from Nextcloud.

IP Addresses:

Traefik: 10.10.10.70
Nextcloud: 10.10.10.73

Error:

connect to cloud.my-domain.com port 443 after 0 ms: Couldn’t connect to server (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for https://cloud.my-domain.com/index.php/apps/documentserver_community/healthcheck)

Nextcloud configuration file:

config/config.php

<?php
$CONFIG = array (
  'instanceid' => 'oce5onoj6xn7',
  'passwordsalt' => 'JNjRafts37dfyhdiuf/nwD+k5',
  'secret' => '89y45h23i4h32uj423978h23jk4n3un234wqda',
  'trusted_proxies' => 
  array (
          0 => '10.10.10.70',
  ),
  'trusted_domains' => 
  array (
          0 => 'cloud.my-domain.com',
          1 => '10.10.10.73',
          2 => '10.10.10.70',
  ),
  'overwriteprotocol' => 'https',
  'overwritehost' => 'cloud.my-domain.com',
  'overwritecondaddr' => '^10\.10\.10\.70$',
  'datadirectory' => '/srv/nextcloud/data',
  'dbtype' => 'mysql',
  'version' => '28.0.3.2',
  'overwrite.cli.url' => 'http://cloud.my-domain.com',
  'dbname' => 'nextclouddb',
  'dbhost' => 'localhost',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'nextclouduser',
  'dbpassword' => 'nextcloudpass',
  'installed' => true,
);

Traefik config files:

/etc/traefik/traefik.toml

[log]
  level = "DEBUG"
  filePath = "/var/log/traefik/debug.log"

[accessLog]
  filePath =  "/var/log/traefik/access.log"
  bufferingSize =  100

[providers]
  [providers.file]
    filename = "/etc/traefik/traefik-dynamic.toml"

[api]
  dashboard = true
  debug = true

[entryPoints]
  [entryPoints.web]
    address = ":80"
  [entryPoints.web-secure]
    address = ":443"
  [entryPoints.dashboard]
    address = ":8080"

[certificatesResolvers.sample.acme]
  email = "info@my-domain.com"
  storage = "/etc/traefik/acme/acme.json"

  [certificatesResolvers.sample.acme.httpChallenge]
  # used during the challenge
    entryPoint = "web"

/etc/traefik/traefik-dynamic.toml

[http]
  # Redirect to https
  [http.middlewares]
    [http.middlewares.test-redirectscheme.redirectScheme]
      scheme = "https"
    [http.middlewares.auth.basicAuth]
     # generate password hash form cli or online generators like https://www.web2generators.com/apache-tools/htpasswd-generator
      users = [
          "admin:$secret-password"
        ]

  [http.routers]

    ## cloud ##
    [http.routers.cloud]
      rule = "Host(`cloud.my-domain.com`)"
      service = "cloud"
      entryPoints = ["web-secure"]
    [http.routers.cloud.tls]
      certResolver = "sample"

     ## traefik dashboard ##
    [http.routers.dashboard]
      rule = "Host(`www.my-domain.com`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))"
      entryPoints = ["web-secure"]
      service = "api@internal"
      middlewares = ["auth"]
    [http.routers.dashboard.tls]
    #  certResolver = "sample"

[http.services]
    [http.services.cloud.loadbalancer]
      [[http.services.cloud.loadbalancer.servers]]
        url = "http://10.10.10.73"

Apart from the integration between the document server and OnlyOffice, the rest of Nextcloud seems to work correctly, I don’t understand…

Alexandre · 6 March 2024 11:49

Hello @danfossi
Sorry for the late reply.
We have Traefik config samples here: Using ONLYOFFICE Docs behind the proxy - ONLYOFFICE
Please compare them with your one.
If it doesn’t help, we need to take a look at Document server and Nextcloud logs when the situation is reproduced (you have clicked ‘Save’ button on the connector app page).
Additionally, please let us know versions of Nextcloud, Document server and connector app.