I have a server running Proxmox with 3 VMs: NGINX, Bitwarden and Nextcloud. Bitwarden works fine, which proves that NGINX is working OK; however, when NGINX tries to connect to Nextcloud it results in a 502 error. These VMs are configured with bridges and are all accessible by NGINX.
Ideally I would like NGINX to handle SSL.
I am using the Nextcloud AIO Docker image. The AIO interface works fine; only traffic proxied through NGINX is resulting in a 502.
Here is the relevant section of my NGINX config:
    server {
        listen 443 ssl;
        server_name nextcloud.verumignis.com;
        ssl_certificate /etc/letsencrypt/live/verumignis.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/verumignis.com/privkey.pem;
        location /.well-known/acme-challenge/ {
            alias /usr/share/nginx/html/.well-known/acme-challenge/;
            try_files $uri =404;
        }
        location / {
            proxy_pass https://192.168.2.48:443;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }
    }

    server {
        listen 80;
        server_name nextcloud.verumignis.com;
        location /.well-known/acme-challenge/ {
            alias /usr/share/nginx/html/.well-known/acme-challenge/;
            try_files $uri =404;
        }
        location / {
            proxy_pass http://192.168.2.48:80;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }
    }
Here is the error in the NGINX error log:
2023/10/02 00:18:53 [error] 2381#2381: *573 SSL_do_handshake() failed (SSL: error:0A000438:SSL routines::tlsv1 alert internal error:SSL alert number 80) while SSL handshaking to upstream, client: 192.168.1.69, server: nextcloud.verumignis.com, request: "GET / HTTP/2.0", upstream: "https://192.168.2.48:443/", host: "nextcloud.verumignis.com", referrer: "https://192.168.2.48:8080/"
When ports 80 and 443 are forwarded directly to Nextcloud it works fine, but obviously that breaks the other services running.
Any help is much appreciated, thanks in advance.
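
An added example, not part of the original post and not Nextcloud's own configuration: the log shows the upstream aborting the TLS handshake with alert 80, and by default NGINX sends no SNI to an `https://` upstream and does not verify its certificate. The HTTPS `location /` below sets both explicitly, assuming the upstream picks its certificate by server name and presents one valid for `nextcloud.verumignis.com`; the CA bundle path is an assumed Debian/Ubuntu default.

```nginx
# Added example. Assumption: the backend at 192.168.2.48:443 selects its
# certificate by SNI and fails the handshake when no server name is sent.
server {
    listen 443 ssl;
    server_name nextcloud.verumignis.com;

    ssl_certificate     /etc/letsencrypt/live/verumignis.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/verumignis.com/privkey.pem;

    location / {
        proxy_pass https://192.168.2.48:443;

        # Before: proxy_ssl_server_name defaults to "off", so the ClientHello
        # to the upstream carries no server name at all.
        proxy_ssl_server_name on;
        # Name sent as SNI and checked against the upstream certificate.
        # Without this it would be the host part of proxy_pass (the IP).
        proxy_ssl_name $host;

        # Before: proxy_ssl_verify defaults to "off", so the hop to the
        # upstream is encrypted but the peer is not authenticated.
        proxy_ssl_verify on;
        proxy_ssl_verify_depth 2;
        # Assumed path: system CA bundle on Debian/Ubuntu. Point this at the
        # issuing CA if the upstream uses a private or self-signed cert.
        proxy_ssl_trusted_certificate /etc/ssl/certs/ca-certificates.crt;

        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        # Tells the application the client connection was HTTPS.
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
```

To check the assumption from the NGINX VM, compare `openssl s_client -connect 192.168.2.48:443 -servername nextcloud.verumignis.com` with the same command using `-noservername`; if only the second fails with an internal error alert, the missing SNI is the cause. If the handshake then succeeds but NGINX logs an upstream certificate verification error, the upstream certificate does not chain to the configured bundle or does not match the name.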