- What goal are you trying to achieve?
I am trying to use a single IP address with purchased domain name, to access Nextcloud (snap on ports 81 and 442), Guacamole on port 8080, and a self hosted small php website.
Ubuntu Version:
Ubuntu Server 24.04.3 LTS
Desktop Environment (if applicable):
GNOME
Problem Description:
I’m trying to get NextCloud, Guacamole and a few php pages to be externally available and SSL via NGINX, but all I can do so far is to get the NGINX welcome page to load.
As listed above, I’ve got 2 services I really want to get configured - NextCloud and Guacamole. I have both of them working inside my network, I just need to figure out how to put them into NGINX. Icing on the cake would be to also host my small php site as my entry portal.
I’d like to be able to access my stuff (portal) at domain.org, nextcloud at domain.org/nextcloud and guacamole at domain.org/guacamole.
Nextcloud is available within my network on port 81 as a SNAP, and guacamole is available on port 8080 inside a docker.
I’ve been going bald for the past 3 days trying to figure this out, and I’m just not getting anywhere.
Attempted sites available / enabled conf:
domain.org
server {
listen 80;
server_name domain.org; # Replace with your IP/domain
location / {
proxy_pass http://localhost:81/nextcloud; # Replace with your backend
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
I tried to find a step by step guide, and my most recent attempt was using the following:
To set up an Nginx reverse proxy with a Let's Encrypt SSL certificate on Ubuntu, first
install Nginx and the Certbot client. Then, create an Nginx server block for your domain in /etc/nginx/sites-available/ with proxy_pass to your application and enable it. Next, run Certbot with the --nginx option to obtain and install the certificate, which will also modify your Nginx configuration to use SSL. Finally, test your Nginx configuration and reload the service to apply the changes and ensure your reverse proxy is working correctly with HTTPS.
Here are the step-by-step instructions:
1. Install Nginx and Certbot
Update your package lists and install Nginx and the Certbot client:
bash
sudo apt update
sudo apt install nginx certbot python3-certbot-nginx -y
2. Configure Nginx as a Reverse Proxy
Create a new Nginx configuration file for your domain in /etc/nginx/sites-available/.
Inside this file, create a server block with listen 80 and server_name for your domain.
Use proxy_pass to direct incoming requests to your application. A basic example:
nginx
server {
listen 80;
server_name your_domain.com www.your_domain.com; # Replace with your domain
location / {
proxy_pass http://localhost:8080; # Replace with your application's port
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
Create a symbolic link from sites-available to sites-enabled:
bash
sudo ln -s /etc/nginx/sites-available/your_domain.com /etc/nginx/sites-enabled/
Test the Nginx configuration for syntax errors:
bash
sudo nginx -t
Reload Nginx to apply the changes:
bash
sudo systemctl reload nginx
3. Obtain a Let's Encrypt SSL Certificate
Use the certbot command to issue an SSL certificate and automatically configure Nginx to use it.
bash
sudo certbot --nginx -d your_domain.com -d www.your_domain.com
Follow the prompts to complete the certificate issuance process. Certbot will automatically modify your Nginx configuration to enable HTTPS and set up automatic renewals.
4. Verify and Test
Visit https://your_domain.com in your web browser to verify that your site is now accessible over HTTPS and that the SSL certificate is valid.
You can also test Certbot's auto-renewal process with:
bash
sudo certbot renew --dry-run