Nextcloud minimal on local network: noway to bootstrap

alain · June 30, 2025, 8:59pm

Hello. I have 2 machines in my local network:
DESKTOP: 192.168.3.106
HEADLESS: 192.168.3.109

If I install nextcloud in my DESKTOP via a module:

{
	config,
	pkgs,
	 ...
}: 

{

	environment.etc."nextcloud-admin-pass".text = "PWD";
	services.nextcloud = {
	  enable = true;
	  package = pkgs.nextcloud31;
	  hostName = "localhost";
	  #https =false;
	  database.createLocally = true;
	  config.adminpassFile = "/etc/nextcloud-admin-pass";
	  config.dbtype = "sqlite";
	};

}

It is ok !

If I install nextcloud in my HEADLESS via a module:

{
	config,
	pkgs,
	 ...
}: 

{

	environment.etc."nextcloud-admin-pass".text = "PWD";
	services.nextcloud = {
	  enable = true;
	  package = pkgs.nextcloud31;
	  hostName = "192.168.3.109";
	  #https =false;
	  database.createLocally = true;
	  config.adminpassFile = "/etc/nextcloud-admin-pass";
	  config.dbtype = "sqlite";
	};

}

It is NOT ok ! no way to open nextcloud from a browser from my DESKTOP.
If I put: http://192.168.3.109:80
my browser changes it in https://192.168.3.109/ and I have got ssl errors…Code d’erreur : SSL_ERROR_INTERNAL_ERROR_ALERT

I am stuck like a noob I am

alain · July 1, 2025, 2:07pm

Ok, I solved myself the problem…
I was using a reverse proxy in HEADLESS: caddy. caddy is listening to ports 80, 443. nextcloud is listening to port 80 too so there is a clash.
As I run lots of services in HEADLESS, I had to isolate nextcloud service. To do so in the “nix way” I made a nix container with nextcloud service inside. btw I do forward ports in the container itself and use headscale/tailscale for accessing nextcloud via the tailnet I host myself.

My nix container:

{
  containers.nextcloud-nix = {
    autoStart = true;
    ephemeral = false;
    privateNetwork = true;
    hostAddress = "192.168.22.10";
    localAddress = "192.168.22.11";
    forwardPorts = [
      {
        containerPort = 80;
        hostPort = 9080;
      }
    ];

    config = { pkgs, config, ...}: {

      # nextcloud
      environment.etc."nextcloud-admin-pass".text = "helloNixGeeks";
      services.nextcloud = {
        enable = true;
        package = pkgs.nextcloud31;
        hostName = "localhost";
        #https =false;
        database.createLocally = true;
        settings.trusted_domains = [ "nextcloud.tailnet" ];
        config.adminpassFile = "/etc/nextcloud-admin-pass";
        config.dbtype = "sqlite";
      };

      networking.firewall.allowedTCPPorts = [80];
      system.stateVersion = "25.05";
    };

  };
}

and my caddy:

.....
 services.caddy = {
    enable = true;
    globalConfig = ''
        http_port  80
        https_port 443
      '';
    # services dans tailnet:
    virtualHosts."http://nextcloud.tailnet:9080".extraConfig = ''
      reverse_proxy http://192.168.22.11:9080
    '';
};