Hi,
I am already using Traefik in an existing configuration with some other containers, Portainer, Dozzle etc. They work great.
I have used Nextcloud before, but only standalone and with its own Traefik instance. Worked great.
Now with Nextcloud-AIO I can’t set it up using internal network, like Portainer:
- "traefik.http.services.portainer-svc.loadbalancer.server.port=9000"
but instead I have to use - url: “http://DNSNAME:11000”, even through Traefik and everything is on the same host. Setting it up this way it feels “sluggish”, slow to response, loading slow.
I have read all-in-one/reverse-proxy.md at main · nextcloud/all-in-one · GitHub, but I can’t get to grips with " 1. On the same server in a Docker container". When I try either solution I get errors, as I am already using networks: in Traefik.
I tried APACHE_IP_BINDING=127.0.0.1 in a .env as well as in the docker-compose for Nextcloud-AIO, stopped all containers via AIO, restarted everything … but when everything is up, I still see
80/tcp, 0.0.0.0:11000->11000/tcp, :::11000->11000/tcp on nextcloud-aio-apache, no localhost.
Everything else works great, just that I can’t get Nextcloud added - as a local Docker service - not as an “external service”. I guess that’s why it is so “sluggish”.
i even tried the internal network “nextcloud-aio” so it seems, but that doesn’t work either. I am always getting a 502.
Can you tell me please how I can configure Traefik to see Nextcloud as a “local service”? Full disclaimer, got to admit, I just started seriously with containers, but been working with Linux for >20 years as a systems admin.
Cheers
Here are my configs:
# compose/nextcloud.yml
volumes: # If you want to store the data on a different drive, see https://github.com/nextcloud/all-in-one#how-to-store-the-filesinstallation-on-a-separate-drive
nextcloud_aio_mastercontainer:
name: nextcloud_aio_mastercontainer # This line is not allowed to be changed as otherwise the built-in backup solution will not work
external: true
nc-data:
driver: local
services:
nextcloud:
image: nextcloud/all-in-one:latest
restart: unless-stopped
container_name: nextcloud-aio-mastercontainer
volumes:
- nextcloud_aio_mastercontainer:/mnt/docker-aio-config
- /var/run/docker.sock:/var/run/docker.sock:ro
- nc-data:/mnt/ncdata
ports:
- 8080:8080
networks:
- traefik
environment:
- NEXTCLOUD_DATADIR=/mnt/ncdata
- APACHE_PORT=11000
# appdata/traefik/rules/app-nextcloud.yml
http:
routers:
nextcloud-rtr:
rule: "Host(`nc.{{env "CLOUDFLARE_ZONE"}}`)"
entryPoints:
- https
service: nextcloud-svc
tls:
options: tls-opts@file
services:
nextcloud-svc:
loadBalancer:
servers:
- url: "http://$INTERNALHOST:11000"
# compose/traefik.yml
services:
traefik:
networks:
- traefik
- socket_proxy
security_opt:
- no-new-privileges:true
restart: always
container_name: traefik
image: traefik:v2.11
ports:
- target: 80
published: 80
protocol: tcp
mode: host
- target: 443
published: 443
protocol: tcp
mode: host
volumes:
- $DOCKERDIR/appdata/traefik/traefik.yml:/traefik.yml:ro
- $DOCKERDIR/appdata/traefik/rules:/rules # file provider directory
- $DOCKERDIR/appdata/traefik/acme/acme.json:/acme.json # cert location - you must create this empty file and change permissions to 600
- $DOCKERDIR/logs/traefik:/logs # for fail2ban or crowdsec
- $DOCKERDIR/shared:/shared
environment:
- TZ=$TZ
- CF_API_EMAIL=$CLOUDFLARE_EMAIL
- CF_API_KEY=$CLOUDFLARE_GLOBAL_KEY
- CLOUDFLARE_ZONE
labels:
- "traefik.enable=true"
# HTTP-to-HTTPS Redirect
- "traefik.http.routers.http-catchall.entrypoints=http"
- "traefik.http.routers.http-catchall.rule=HostRegexp(`{host:.+}`)"
- "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
# HTTP Routers
- "traefik.http.routers.traefik-rtr.entrypoints=https"
- "traefik.http.routers.traefik-rtr.rule=Host(`traefik.$CLOUDFLARE_ZONE` )"
## Services - API
- "traefik.http.routers.traefik-rtr.service=api@internal"
# Middlewares
- "traefik.http.routers.traefik-rtr.middlewares=chain-authelia@file"