Unifi, Cloudflare and Nextcloud tunnels

My situation is (and I can't imagine it's unique): I have Proxmox running bare metal, on that I have the main Cloudflare tunnel, then I have Home Assistant (with its own Cloudflare add-on), and then I have CasaOS running Nextcloud (for auto phone and PC/Mac backups), and want to be able to access the data while on the move as well. Note while I have CasaOS at the moment, I have experienced the exact same issues with TrueNAS (and Nextcloud), and Nextcloud base app.

I can only get CasaOS to work externally if it has its own instance of Cloudflare running within it. However, the moment I start the CasaOS Cloudflare, my Home Assistant URL becomes slow, might occasionally connect, but most of the time I get "Bad request:400" error. If I turn the CasaOS Cloudflare off, then Home Assistant runs perfectly. I do however lose access to CasaOS. I am not too bothered by CasaOS external access, just using it as a way to ensure things were working. Even with the CasaOS Cloudflare tunnel working, I still cannot get Nextcloud to work externally.

Has anyone encountered similar issues and managed to resolve them? What I don't get is why, if I have Cloudflare set up as its own CT, I still need Cloudflare apps running on both CasaOS and Home Assistant. I would have thought the Cloudflare CT could just redirect the traffic on the same network.

Networking is something I am not very good with: proxy, reverse proxy, cowboy proxy, it makes almost no sense to me. So I am most likely just doing something wrong, but I have been at this for over a month and installed/reinstalled some form of cloud/NAS system close to 40/50 times and I am close to chucking it all in. I am using Cloudflare Zero Trust, if that makes any difference.
9 Replies
Chaika (4mo ago)
> I can only get CasaOS to work externally if it has its own instance of Cloudflare running within it. However, the moment I start the CasaOS Cloudflare, my Home Assistant URL becomes slow, might occasionally connect, but most of the time I get "Bad request:400" error. If I turn the CasaOS Cloudflare off, then Home Assistant runs perfectly. I do however lose access to CasaOS. I am not too bothered by CasaOS external access, just using it as a way to ensure things were working.

This description sounds to me like you're reusing the same tunnel for both the external tunnel and the one inside of CasaOS. Every tunnel replica needs to be able to reach all public hostnames, so your CasaOS one should have a unique tunnel with the public hostname for CasaOS within.

> Even with the CasaOS Cloudflare tunnel working, I still cannot get Nextcloud to work externally.

Nextcloud probably has some specific proxy configuration needed. Would need more info about its errors and such.

> What I don't get is why, if I have Cloudflare set up as its own CT, I still need Cloudflare apps running on both CasaOS and Home Assistant. I would have thought the Cloudflare CT could just redirect the traffic on the same network.

That all depends on your own networking/setup. It sounds like in this case CasaOS has a specific networking setup preventing you from connecting to it externally, but you haven't provided any info about its errors.
LordOfTheBunnies (OP, 4mo ago)
Thanks for the reply. One of the guys in the CasaOS Discord channels helped me get it working: a fresh install and a few settings, update Cloudflare CT, and it seems to be finally working. What I don't get, though, is that if I apply the same settings to my TrueNAS Nextcloud, with a different domain, then that Nextcloud instance won't work. The reason I have 2 is that I am testing out CasaOS and TrueNAS.
Chaika (4mo ago)
> What I don't get, though, is that if I apply the same settings to my TrueNAS Nextcloud, with a different domain, then that Nextcloud instance won't work. The reason I have 2 is that I am testing out CasaOS and TrueNAS.

So you have two machines, one with CasaOS/Nextcloud/Home Assistant on it working, and another with TrueNAS Nextcloud. When you try to make the TrueNAS Nextcloud work, are you making a whole new tunnel, setting it up, adding public hostname, etc.?
LordOfTheBunnies (OP, 4mo ago)
I have 1 machine running Proxmox; on that I have a CT for standalone Proxmox, Home Assistant, a Win 11 VM, CasaOS running Nextcloud, and TrueNAS running Nextcloud. All on different ports. Followed all the same steps for setting up the tunnels.
Chaika (4mo ago)
Each separate environment should have its own tunnel. Each tunnel instance needs to be able to reach all public hostnames for it. Are you saying you have a separate tunnel for each, or just one?
LordOfTheBunnies (OP, 4mo ago)
Excuse the crudeness, just had to update this on a phone. This is my setup.
LordOfTheBunnies (OP, 4mo ago)
[Image attachment; no description]
LordOfTheBunnies (OP, 4mo ago)
And everything except Nextcloud on TrueNAS (and TrueNAS itself, as I haven't set that up) can be accessed from my single Proxmox tunnel, including completely separate hardware such as my UDM Pro router.
Chaika (3mo ago)
That's a nice, helpful graphic, but it didn't really answer the question. Inside of the Zero Trust dashboard, how many unique tunnels are you using? The tunnel add-on should have its unique tunnel rather than running the same tunnel as the one on your Proxmox, for example. Other than that, for TrueNAS Nextcloud it'd be helpful to get the error it's outputting. When you go to connect, I assume you get a bad gateway/502? Your tunnel logs (ex: journalctl -u cloudflared -f --lines=100) should show more about the failure when you try to reach it.
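
Added example, not part of the thread and not either poster's configuration: the "one unique tunnel per connector location" layout described in the replies, written as locally-managed cloudflared config files. The tunnel IDs are placeholders, and the hostnames, LAN addresses and the Nextcloud port are assumptions; with dashboard-managed tunnels the same hostname-to-service pairs are entered as public hostnames on each tunnel.

```yaml
# --- File 1: config.yml for the connector in the Proxmox CT (tunnel A) ---
# Every connector started with tunnel A's credentials is a replica of
# tunnel A and can be handed a request for ANY hostname listed here,
# so it must be able to reach every "service" address below.
# Do not start a second connector with these credentials inside CasaOS
# or the Home Assistant add-on unless it can reach all of them too.
tunnel: <TUNNEL-A-ID>                      # placeholder
credentials-file: /etc/cloudflared/<TUNNEL-A-ID>.json

ingress:
  # Hostnames and addresses are constructed for illustration.
  - hostname: ha.example.com
    service: http://192.168.1.10:8123      # Home Assistant VM
  - hostname: nextcloud.example.com
    service: http://192.168.1.20:10081     # Nextcloud on CasaOS (assumed port)
  # Mandatory catch-all: anything not matched above gets a 404.
  - service: http_status:404

---
# --- File 2: config.yml for a connector running inside CasaOS (tunnel B) ---
# A different tunnel with its own credentials. It lists only the hostname
# this connector can actually serve, and that hostname does not appear
# in tunnel A.
tunnel: <TUNNEL-B-ID>                      # placeholder
credentials-file: /etc/cloudflared/<TUNNEL-B-ID>.json

ingress:
  - hostname: casaos.example.com
    service: http://localhost:80           # CasaOS UI, local to this connector
  - service: http_status:404
```

If the CT can already reach a service over the LAN, its hostname can live in tunnel A and no connector is needed inside that guest at all.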