Configuring NextCloud Docker container to work with existing SSL Nginx setup - SOLVED

General
1

People,

I have been using the php-fpm.conf file hereunder happily for SSL access to my RoundCubeMail server acessed with:

https://domainname.com.au/webmail

but now I want to also have secure access to the NextCloud Docker container I have installed - I have not been able to find exactly what I needed by Googling but I have tried everything I can think of (you can see some stuff commented out) but I still haven’t solved the problem. The NC container is running on 172.19.0.21:80 .

Any help appreciated!

Thanks,
Phil.

# PHP-FPM FastCGI server
# network or unix domain socket configuration

upstream php {
	server unix:/run/php-fpm/www.sock ;
}

# upstream nc {
# 	server 172.19.0.21 ;
# }

server {
	listen	 443;
 	root /home/0_www/ssl ;
	index index.php index.html index.htm;
 	server_name domainname.com.au ;

	ssl on ;
	ssl_certificate /etc/nginx/ssl/cert_chain.crt ;
	ssl_certificate_key /etc/nginx/ssl/www.domainname.com.au.key ;

#	location / {
#		try_files $uri $uri/ =404;
#	}

	location / {
#		rewrite /nc	'' ;
#		proxy_pass http://nc; # match the name of upstream directive which is defined above
#		proxy_pass http://172.19.0.21 ;
		proxy_set_header Host $host;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_set_header X-Real-IP $remote_addr;
		proxy_set_header X-Forwarded-Proto $scheme;
		proxy_redirect https://localhost/ http://172.19.0.21/ ;  # Just give the PHP info screen
	}

#	location = /my-exact-file.html {
#		rewrite /my-exact-file.html http://external-website.com/
#	}

	location ~ \.php$ {
		fastcgi_index index.php;
		include fastcgi_params;
		fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
		fastcgi_pass php;
	}

	location ~ \.(cgi|pl|rb)$ {
		fastcgi_index index.cgi ;
		include /etc/nginx/fastcgi.conf ;
#		fastcgi_pass 127.0.0.1:12345 ;
		fastcgi_pass unix:/run/nginx/fcgiwrap.sock ;
	}

	location /cgi-bin {
		fastcgi_index index.cgi ;
		include /etc/nginx/fastcgi.conf ;
		fastcgi_pass unix:/run/nginx/fcgiwrap.sock ;
	}

	location /pwm {
		auth_basic "pwm";
		auth_basic_user_file /home/0_www/secure/apasswds;

		fastcgi_index index.cgi ;
		include /etc/nginx/fastcgi.conf ;
		fastcgi_pass unix:/run/nginx/fcgiwrap.sock ;
	}
}
2

I found an Nginx config block that worked:

	location ~ /(|login|apps) {
		proxy_pass http://172.19.0.21 ;
		proxy_set_header Host $host;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_set_header X-Real-IP $remote_addr;
		proxy_set_header X-Forwarded-Proto $scheme;
	}