NginX Reverse Proxy for NextCloud

Since the docker container we use as a Collabora Online server doesn’t come with valid certificates for your domain, we use nginx as a reverse proxy which will provide us with a valid ssl setup to connect our browser to.

You can either run this reverse proxy on a seperate (sub-)domain or add it to the same domain your Nextcloud runs on.

Add a new server block to your nginx config or add the location entries to an existing one if you’re re-using the same domain.

server {

    listen       443 ssl;

    server_name  office.example.com;

    ssl_certificate /path/to/certficate;

    ssl_certificate_key /path/to/key;

    # static files

    location ^~ /loleaflet {

        proxy_pass https://localhost:9980;

        proxy_set_header Host $http_host;

    }

    # WOPI discovery URL

    location ^~ /hosting {

        proxy_pass https://localhost:9980;

        proxy_set_header Host $http_host;

    }

   # main websocket

   location ~ ^/lool/(.*)/ws$ {

       proxy_pass https://localhost:9980;

       proxy_set_header Upgrade $http_upgrade;

       proxy_set_header Connection “Upgrade”;

       proxy_set_header Host $http_host;

       proxy_read_timeout 36000s;

   }

   # download, presentation and image upload

   location ~ ^/lool {

       proxy_pass https://localhost:9980;

       proxy_set_header Host $http_host;

   }

   # Admin Console websocket

   location ^~ /lool/adminws {

       proxy_pass https://localhost:9980;

       proxy_set_header Upgrade $http_upgrade;

       proxy_set_header Connection “Upgrade”;

       proxy_set_header Host $http_host;

       proxy_read_timeout 36000s;

   }

   # Capabilities

   location ^~ /hosting/capabilities {

       proxy_pass https://localhost:9980;

       proxy_set_header Host $http_host;

   }

}

Hmm… no, not necessarily. The reason for using the LAN IP is that the loopback address doesn’t work as you might expect inside a Docker container.

Environment Variables

First up is a file called .env in which we will place environment variables for the containers. You will need to change each of these.

NEXTCLOUD_ROOT=/home/username/nextcloud

NEXTCLOUD_IPADDRESS=10.20.30.40 change to the webserver ip address. Eg 192.103.2.3

NEXTCLOUD_FQDN=cloud.domain.name

COLLABORA_FQDN=office.domain.name

MYSQL_ROOT_PASSWORD=password

MYSQL_PASSWORD=password

COTURN_SECRET=password

A few notes about running these containers:

  • You must be in the same folder as docker-compose.yml.
  • If you make any changes to docker-compose.yml, you can run docker-compose up -d again to automatically recreate the container with the new configuration.
  • To update your containers, run docker-compose pull and then docker-compose up -d . Then to dump the old images, run docker image prune –force .
  • If you have built an image with a Dockerfile, docker-compose pull will fail to pull it. Then just run docker-compose build –pull before running docker-compose up -d.
  • To check the status of your containers, run docker-compose ps .
  • Persistent data (your Nextcloud data and database) are in the subfolders, so even if you delete your containers, your data is safe.

Was this helpful?

0 / 0