Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Navigation

    Cloudron Forum

    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular

    Cloudron and Apps Behind a Proxy

    Support
    reverseproxy
    4
    9
    73
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • doodlemania2
      doodlemania2 App Dev last edited by girish

      Has anyone tried to put an entire CR behind another NGinx proxy? I suspect that's a nono but wanted to check. I only get one IP address and want to route some things to CR and some things to "Other" stuff.

      robi girish 2 Replies Last reply Reply Quote 0
      • robi
        robi @doodlemania2 last edited by

        @doodlemania2 isn't that the typical home setup, where in this case the proxy is the home router?

        mehdi 1 Reply Last reply Reply Quote 0
        • girish
          girish Staff @doodlemania2 last edited by

          @doodlemania2 You can just proxy_pass (https), it should work fine. I think if you have the programmatic DNS then Cloudron can gets certs with DNS automation with no problem as well (otherwise, you will have to somehow auto-magically redirect .well-known stuff required for LE).

          I recall this post - https://forum.cloudron.io/topic/2094/reverse-proxy-infront-of-cloudron-gives-me-to-many-redirects . Maybe @smilebasti has a config.

          doodlemania2 1 Reply Last reply Reply Quote 0
          • mehdi
            mehdi App Dev @robi last edited by

            @robi In a home setup, the home-router acts as a NAT, not a proxy. It's totally different, as it acts at level 3/4 of the network stack, not level 7

            robi 1 Reply Last reply Reply Quote 0
            • robi
              robi @mehdi last edited by

              @mehdi yes, but it's still a node where a transition happens with a similar config that points to CL the domains it hosts.

              1 Reply Last reply Reply Quote 0
              • doodlemania2
                doodlemania2 App Dev @girish last edited by doodlemania2

                @girish That seems like a good idea. I was thinking of doing this:

                Internet -> 1. NGinix Proxy Manager -> Cloudron
                2. NGinix Proxy Manager -> Other thing

                Where:

                1. Proxy host apps.mydomain.net (my cloudron) which has DNS set to public IP address.
                2. Proxy host blah.mydomain.net (my other thing) which has DNS set to public IP address.

                Looks a bit like this:
                4dd19714-1874-41d1-b527-edea98a525ea-image.png

                My Cloudron DNS is set up as Wildcard so that's happy. But I don't think I can have a cert in the proxy AND on the Cloudron resolving to same thing?

                robi girish mehdi 3 Replies Last reply Reply Quote 0
                • robi
                  robi @doodlemania2 last edited by

                  @doodlemania2 may have to copy the cert over manually..

                  1 Reply Last reply Reply Quote 0
                  • girish
                    girish Staff @doodlemania2 last edited by

                    @doodlemania2 said in Cloudron and Apps Behind a Proxy:

                    But I don't think I can have a cert in the proxy AND on the Cloudron resolving to same thing?

                    What do you mean by this? Cert doesn't resolve to anything (or did you mean DNS? even then I am not sure what you are asking...)

                    But you are on the right path! For Cloudron, choose https proxying.

                    1 Reply Last reply Reply Quote 0
                    • mehdi
                      mehdi App Dev @doodlemania2 last edited by

                      @doodlemania2 I think you should just use traefik (or another reverse-proxy that handles Let'sEncrypt stuff by itself), and just disable certs on Cloudron's side. You don't really care about the encryption between the Reverse-Proxy and cloudron, if there are self-signed certs, it shouldn't be an issue (as long as the reverse-proxy is configured to accept it)

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post