Failed! Publishing App from LAN to external domain

alwazw · November 1, 2023, 5:49pm

Plz help!!!

**I followed Tom’s tutorial on youtube for HAProxy & Let’s Encrypt on pfSense to publish an instance of nextcloud.mydomain.com accessible via internet. I’m failing miserably at it. **

I have pfsense virtualized on proxmox. I want to publish nextcloud online for family and friends.
I tried every advise and tutorial online and still getting:

This page isn’t working nextcloud.mydomain.com redirected you too many times.

-----
My ISP Modem doesn’t allow bridging so WAN is in DMZ.

WAN & LAN interface
Block private networks off
Block bogon networks off
-----
-----
Wan 192.168.2.222
gateway 192.168.2.1
lan 10.10.10.10
turnkeylinux-nextcloud 10.10.10.42
-----
-----
Webconfigurator
HTTPS port 10443
Webgui redirect on
-----
-----
Firewall rules
LAN Default
WAN added:
Block WAN net to this firewall
Pass IPV4 TCP to WAN port 1194(OpenVPN) added by wizard
-----
-----
Acme Account keys
Name mydomain_com
Description apps
CA letsencrypt-production-2

Acme Certificate (issued and renewed succesfully)
Name wildcard_mydomain_com
Description apps
Status Active
Acme Account mydomain_com
private key 2048-bit RSA

Table
Mode Enabled
*Domain name .mydomain.com
Method DNS-cloudfare

Action list:
Mode Enabled
Command /usr/local/etc/rc.d/haproxy.sh restart
Method shell command
-----
-----
ddns nextcloud dot mydomain dot com working
-----
-----
**haproxy backend **
Mode active
Name nextcloud
Forwardto Address+Port:10.10.10.42
Address Port 80
Encrypt(SSL) no
SSL checks no
-----
-----
**haproxy frontend **
Name mydomain_com
Description apps
Status Active
–
External address - Table:
Listen address WAN address (IPv4)
Custom address greyed out
Port 443
SSL Offloading on
Type: http/https(offloading)
–
Access Control lists:
Name nextcloud
Expression Host matches:
**CS no **
Not no
Value nextcloud dot mydomain dot com
–
**Actions: **
Action Use Backend
Parameters See below
Condition acl names nextcloud
backend nextcloud
–
SSL Offloading:
Certificate: wildcard_wazzan_us
Add ACL for certificate subject alternative name ON
----
----
DNS Resolver
Enabled
DNSSEC support Enabled

Host Overrides
Host: nextcloud
Parent domain: mydomain dot com
IP to return for host: 10.10.10.42
description: nextcloud
–

LTS_Tom · November 2, 2023, 9:44am

If your ISP does not allow bridging and you don’t have a public IP then this won’t be externally accessible.

alwazw · November 3, 2023, 9:44am

Even in DMZ with DDNS?

LTS_Tom · November 3, 2023, 11:11am

Correct, if you don’t have a public IP you can not share nextcloud.