Nextcloudpi apache2 and cloudflared

Hi All,

I have a cloudflared tunnel with full (strict) with origin certs downloaded that I’ve confirmed can get to my Rpi4 and have installed Nextcloudpi through the install script. My Rpi4 is Raspbian OS 64 Bullseye. The ddns site is registered to a .ml domain, as the config of the tunnel differs with this domain type.

I could be persuaded to install the nextcloudpi through the docker image method, as I now have an SSD in the pi and don’t need to have the data directory on the storage USB drive (not an option in docker image) and I can arrange for the external drive to backup data from connected devices through the nextcloud interface.

The main issue that I’m having is that I cannot seem to have the ddns direct to the nextcloud instance and I keep getting the redirect error message that doesn’t allow it to securely bring up the page.

Apache2 site redacted below:

<IfModule mod_ssl.c>
  <VirtualHost *:80>
        ServerName 192.168.1.XX
        Redirect permanent /
  <VirtualHost *:443>
    DocumentRoot /var/www/nextcloud
    CustomLog /var/log/apache2/nc-access.log combined
    ErrorLog  /var/log/apache2/nc-error.log
    SSLEngine on
    SSLProxyEngine on
    SSLCertificateFile   /home/$USER/Documents/
    SSLCertificateKeyFile /home/$USER/Documents/

    # For notify_push app in NC21
    ProxyPass /push/ws ws://
    ProxyPass /push/
    ProxyPassReverse /push/

  <Directory /var/www/nextcloud/>
    Options +FollowSymlinks
    AllowOverride All
    <IfModule mod_dav.c>
      Dav off
    LimitRequestBody 0
    SSLRenegBufferSize 10486000
  <IfModule mod_headers.c>
    Header always set Strict-Transport-Security "max-age=15768000; includeSubDo>

And my Cloudflare Tunnel redacted is:

tunnel: $tunnel-ID
credentials-file: /home/$USER/.cloudflared/$tunnel-ID.json

  - hostname:
    service: http://192.168.1.XX
  - service: http_status:404