Using a domain for my web server
Hello, i've set up cloudflare DNS, and have a local HTTP web server at 127.0.0.1:80 (specifically a nextcloud instance). I've set nginx to act as a reverse proxy, passing http://127.0.0.1:80 to https://nextcloud.olai.dev. It's set to enforce TLS, and i've got an ACME certificate set up. I then configured an A record like in the picture. I've tested that ssh -L 1234:localhost:80 olai@<the ip> works, so i'm 99% sure the problem lies with either cloudflare or nginx. What can i do to debug it?
Going to https://nextcloud.olai.dev results in a "The connection has timed out" error.
The config is here, it's written in nix, but should be similar to what it would be without. The reverse proxy part is the same as in the nixos wiki
Additionally, i've also made sure that ports 80 and 443 are opened for TCP on both the server and the vcn.
I also noticed that this error appears when the server is shut down, which indicates that something is happening when it's turned on
It's gray clouded/DNS-only so the inability to connect has nothing to do with Cloudflare (Cloudflare simply is doing dns/returning the dns record, not doing cdn/proxying) and blurring the IP doesn't achieve anything because anyone can look up that subdomain and get it
Looks like Oracle. Oracle has some weirdness with their firewall, can't use ufw for example: https://stackoverflow.com/questions/62326988/cant-access-oracle-cloud-always-free-compute-http-port/64053781#64053781
I'd also make sure you are allowing 80/443 inbound in Oracle's firewall
alternatively you can use Cloudflare Tunnels: https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/get-started/create-remote-tunnel/ w/ proxy enabled, which connect outbound to Cloudflare and proxy connections in. Don't need to worry about incoming ports/nat/ip changing with that, you install cloudflared to run locally on your server so you can skip nginx as well and have it connect directly
Thanks, i’ll take a look at this tomorrow. I tried the tunnels previously on a raspberry pi, but wasn’t able to access the web ui in cloudflare on the free tier for some reason. It’s a bit strange that this happened, because it previously worked (for another service), but suddenly stopped.
it give you a specific error or something?
I don’t really know, think it was telling me to upgrade to another tier, but i checked right now and everything seems to work, so it looks like a good alternative to messing with ports.
I tried using tunnels, the systemd service started, but i now get an error 1033 when trying to access the tunnel
this is what i get from the logs (too long for discord to upload as text)
there are a few
WRN Connection terminated error="timeout: no recent network activity" connIndex=2
that's it? journalctl -u cloudflared -f --lines=100 doesn't show anything more interesting/recent?
that's it, i just started it a minute earlier, then tried accessing it from a local web browser
you're sure that subdomain/domain is linked to that public hostname on that tunnel?
i have an ingress rule set pointing nextcloud.olai.dev to http://localhost:80
how many tunnels do you have created?
just that one
i followed the docs for creating it with the CLI, then used the generated credentials file
the dashboard does reflect the change if i stop the systemd service, it went from HEALTHY to DOWN
cool, and on that tunnel which goes up/down is the public hostname nextcloud.olai.dev
(1033 is an error caused by no cloudflare -> tunnel, this wouldn't be caused by origin issues. The thing I'm trying to hint you towards is that nextcloud subdomain probably isn't pointing to the right cname somehow)
i'm not sure, this is what the dashboard says
i didn't get any prompt to specify the subdomain, other than the ingress rule i created on the server
wdym the ingress rule you created on the server
you're using config.yml?
i'm using nix as an abstraction layer, but that creates a config.yml
and in that file i set the ingress rule
you created that tunnel from the dashboard/tried modifying its settings from there at all?
i created it from the CLI. i tried making one from the dashboard first, but i couldn't find out a way to create a credentials file (nix needs me to specify an already existing one), so i created it with the CLI instead
should i try the migrate button?
That part makes sense then. So if you go to DNS -> Records (from the normal dash under your domain), for the nextcloud record, what's the CNAME Target? Should be something like <tunnel-id>.cfargotunnel.com (safe to expose tunnel id, it's only usable by your account)
no
it says d09e3e72-8d66-4912-a8ad-491892a1c9d7.cfargotunnel.com
hmm
that's different from my tunnel's id
cool, grab the tunnel id from here and replace
replace w/ fe80 ending one, that is
adding ingress rule from config.yml doesn't auto create dns record (or update), using dashboard managed tunnels do, or using some cloudflared command can, or you can just do it yourself manually. I'm guessing that got auto created by the dashboard tunnel or some other way, either way is out of date
that seems to have worked, i now get an error from nextcloud itself, so it looks like the tunnel works now
yup tunnel working fine, just have to modify application config
alright thanks for all the help!