Yes, that is what I did. It is now stuck trying the domain check. The AIO webui is at:
Oh, log of the AIO container has some concern in it….
[nextcloud-aio-mastercontainer] | Trying to fix docker.sock permissions internally...
[nextcloud-aio-mastercontainer] | Adding internal www-data to group root
[nextcloud-aio-mastercontainer] | Initial startup of Nextcloud All-in-One complete!
[nextcloud-aio-mastercontainer] | You should be able to open the Nextcloud AIO Interface now on port 8080 of this server!
[nextcloud-aio-mastercontainer] | E.g. https://internal.ip.of.this.server:8080
[nextcloud-aio-mastercontainer] | ⚠️ Important: do always use an ip-address if you access this port and not a domain as HSTS might block access to it later!
[nextcloud-aio-mastercontainer] |
[nextcloud-aio-mastercontainer] | If your server has port 80 and 8443 open and you point a domain to your server, you can get a valid certificate automatically by opening the Nextcloud AIO Interface via:
[nextcloud-aio-mastercontainer] | https://your-domain-that-points-to-this-server.tld:8443
[nextcloud-aio-mastercontainer] | [12-Apr-2026 12:42:06] NOTICE: fpm is running, pid 190
[nextcloud-aio-mastercontainer] | [12-Apr-2026 12:42:06] NOTICE: ready to handle connections
[nextcloud-aio-mastercontainer] | NOTICE: PHP message: Could not get digest of container docker.io/nextcloud/all-in-one:latest Client error: `HEAD https://registry-1.docker.io/v2/docker.io/nextcloud/all-in-one/manifests/latest` resulted in a `401 Unauthorized` response
[nextcloud-aio-mastercontainer] | NOTICE: PHP message: Could not get digest of container docker.io/nextcloud/all-in-one:latest Client error: `HEAD https://registry-1.docker.io/v2/docker.io/nextcloud/all-in-one/manifests/latest` resulted in a `401 Unauthorized` response
[nextcloud-aio-mastercontainer] | NOTICE: PHP message: Slim Application Error
[nextcloud-aio-mastercontainer] | Type: Exception
[nextcloud-aio-mastercontainer] | Code: 0
[nextcloud-aio-mastercontainer] | Message: Could not create container nextcloud-aio-borgbackup: {"cause":"permission denied","message":"make cli opts(): making volume mountpoint for volume /data/nextCloudData/: mkdir /data: permission denied","response":500}
[nextcloud-aio-mastercontainer] | File: /var/www/docker-aio/php/src/Docker/DockerActionManager.php
[nextcloud-aio-mastercontainer] | Line: 460
[nextcloud-aio-mastercontainer] | Trace: #0 /var/www/docker-aio/php/src/Controller/DockerController.php(43): AIO\Docker\DockerActionManager->CreateContainer(Object(AIO\Container\Container))
[nextcloud-aio-mastercontainer] | #1 /var/www/docker-aio/php/src/Controller/DockerController.php(205): AIO\Controller\DockerController->PerformRecursiveContainerStart('nextcloud-aio-b...', true, Object(Closure))
[nextcloud-aio-mastercontainer] | #2 /var/www/docker-aio/php/vendor/slim/slim/Slim/Handlers/Strategies/RequestResponse.php(39): AIO\Controller\DockerController->StartBackupContainerTest(Object(Slim\Psr7\Request), Object(Slim\Psr7\Response), Array)
[nextcloud-aio-mastercontainer] | #3 /var/www/docker-aio/php/vendor/slim/slim/Slim/Routing/Route.php(362): Slim\Handlers\Strategies\RequestResponse->__invoke(Array, Object(Slim\Psr7\Request), Object(Slim\Psr7\Response), Array)
[nextcloud-aio-mastercontainer] | #4 /var/www/docker-aio/php/vendor/slim/slim/Slim/MiddlewareDispatcher.php(73): Slim\Routing\Route->handle(Object(Slim\Psr7\Request))
[nextcloud-aio-mastercontainer] | #5 /var/www/docker-aio/php/vendor/slim/slim/Slim/MiddlewareDispatcher.php(73): Slim\MiddlewareDispatcher->handle(Object(Slim\Psr7\Request))
[nextcloud-aio-mastercontainer] | #6 /var/www/docker-aio/php/vendor/slim/slim/Slim/Routing/Route.php(321): Slim\MiddlewareDispatcher->handle(Object(Slim\Psr7\Request))
[nextcloud-aio-mastercontainer] | #7 /var/www/docker-aio/php/vendor/slim/slim/Slim/Routing/RouteRunner.php(74): Slim\Routing\Route->run(Object(Slim\Psr7\Request))
[nextcloud-aio-mastercontainer] | #8 /var/www/docker-aio/php/vendor/slim/csrf/src/Guard.php(482): Slim\Routing\RouteRunner->handle(Object(Slim\Psr7\Request))
[nextcloud-aio-mastercontainer] | #9 /var/www/docker-aio/php/vendor/slim/slim/Slim/MiddlewareDispatcher.php(178): Slim\Csrf\Guard->process(Object(Slim\Psr7\Request), Object(Slim\Routing\RouteRunner))
[nextcloud-aio-mastercontainer] | #10 /var/www/docker-aio/php/vendor/slim/twig-view/src/TwigMiddleware.php(117): Psr\Http\Server\RequestHandlerInterface@anonymous->handle(Object(Slim\Psr7\Request))
[nextcloud-aio-mastercontainer] | #11 /var/www/docker-aio/php/vendor/slim/slim/Slim/MiddlewareDispatcher.php(129): Slim\Views\TwigMiddleware->process(Object(Slim\Psr7\Request), Object(Psr\Http\Server\RequestHandlerInterface@anonymous))
[nextcloud-aio-mastercontainer] | #12 /var/www/docker-aio/php/src/Middleware/AuthMiddleware.php(54): Psr\Http\Server\RequestHandlerInterface@anonymous->handle(Object(Slim\Psr7\Request))
[nextcloud-aio-mastercontainer] | #13 /var/www/docker-aio/php/vendor/slim/slim/Slim/MiddlewareDispatcher.php(283): AIO\Middleware\AuthMiddleware->__invoke(Object(Slim\Psr7\Request), Object(Psr\Http\Server\RequestHandlerInterface@anonymous))
[nextcloud-aio-mastercontainer] | #14 /var/www/docker-aio/php/vendor/slim/slim/Slim/Middleware/ErrorMiddleware.php(77): Psr\Http\Server\RequestHandlerInterface@anonymous->handle(Object(Slim\Psr7\Request))
[nextcloud-aio-mastercontainer] | #15 /var/www/docker-aio/php/vendor/slim/slim/Slim/MiddlewareDispatcher.php(129): Slim\Middleware\ErrorMiddleware->process(Object(Slim\Psr7\Request), Object(Psr\Http\Server\RequestHandlerInterface@anonymous))
[nextcloud-aio-mastercontainer] | #16 /var/www/docker-aio/php/vendor/slim/slim/Slim/MiddlewareDispatcher.php(73): Psr\Http\Server\RequestHandlerInterface@anonymous->handle(Object(Slim\Psr7\Request))
[nextcloud-aio-mastercontainer] | #17 /var/www/docker-aio/php/vendor/slim/slim/Slim/App.php(209): Slim\MiddlewareDispatcher->handle(Object(Slim\Psr7\Request))
[nextcloud-aio-mastercontainer] | #18 /var/www/docker-aio/php/vendor/slim/slim/Slim/App.php(193): Slim\App->handle(Object(Slim\Psr7\Request))
[nextcloud-aio-mastercontainer] | #19 /var/www/docker-aio/php/public/index.php(220): Slim\App->run()
[nextcloud-aio-mastercontainer] | #20 {main}
[nextcloud-aio-mastercontainer] | Tips: To display error details in HTTP response set "displayErrorDetails" to true in the ErrorHandler constructor.
[nextcloud-aio-mastercontainer] | NOTICE: PHP message: Could not get digest of container docker.io/nextcloud/all-in-one:latest Client error: `HEAD https://registry-1.docker.io/v2/docker.io/nextcloud/all-in-one/manifests/latest` resulted in a `401 Unauthorized` response
Yeah this is probably the problem you run into. What kind of docker version is this and which OS and is there a network mount mounted at /data/nextCloudData/ maybe?
Oh, ignore me, apparently my reading comprehension goes up after pasting.
It’s a directory issue on this host, I can fix that
So having made /data be something with wide open permissions, that error doesn’t occur.
It doesn’t progress any further. Only the domaincheck container is spawned.
Yeah, I’m not trying this anywhere close to the right way. This desktop is NixOS and I’m using podman 5.8.1.
Even with this not progressing, should it have retrieved a configuration.yaml that would be useful to me? I would have thought so, as there is no need for a domain check before it’s figured out what domain to use. But find can’t see any useful yaml files.
Thank you so much for all the assistance you’ve given me thus far. But it is time to sleep, and I probably wont be looking at this again till Tuesday.
Podman is not officially supported by AIO. Can you try docker instead?
As docker has two base options root/rootless, I switch to root and same error.
Please post the docker compose file or docker run command here that you used
╰─ cat compose.yaml
services:
nextcloud-aio-mastercontainer:
image: nextcloud/all-in-one:latest
init: true
restart: always
container_name: nextcloud-aio-mastercontainer # This line is not allowed to be changed as otherwise AIO will not work correctly
#network_mode: bridge
volumes:
- nextcloud_aio_mastercontainer:/mnt/docker-aio-config # This line is not allowed to be changed as otherwise the built-in backup solution will not work
- /run/user/1000/podman/podman.sock:/var/run/docker.sock:ro # May be changed on macOS, Windows or docker rootless. See the applicable documentation. If adjusting, don't forget to also set 'WATCHTOWER_DOCKER_SOCKET_PATH'!
dns:
- 127.0.0.1
- 172.16.69.219
- 172.16.69.227
- 8.8.8.8
ports:
# - 11080:80 # Can be removed when running behind a web server or reverse proxy (like Apache, Nginx, Cloudflare Tunnel and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
- 11088:8080
# - 18443:8443 # Can be removed when running behind a web server or reverse proxy (like Apache, Nginx, Cloudflare Tunnel and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
environment: # Is needed when using any of the options below
# - AIO_DISABLE_BACKUP_SECTION=false # Setting this to true allows to hide the backup section in the AIO interface. See https://github.com/nextcloud/all-in-one#how-to-disable-the-backup-section
- APACHE_PORT=11000 # Is needed when running behind a web server or reverse proxy (like Apache, Nginx, Cloudflare Tunnel and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
- APACHE_IP_BINDING=0.0.0.0 # Should be set when running behind a web server or reverse proxy (like Apache, Nginx, Cloudflare Tunnel and else) that is running on the same host. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
# - BORG_RETENTION_POLICY=--keep-within=7d --keep-weekly=4 --keep-monthly=6 # Allows to adjust borgs retention policy. See https://github.com/nextcloud/all-in-one#how-to-adjust-borgs-retention-policy
# - COLLABORA_SECCOMP_DISABLED=false # Setting this to true allows to disable Collabora's Seccomp feature. See https://github.com/nextcloud/all-in-one#how-to-disable-collaboras-seccomp-feature
- NEXTCLOUD_DATADIR=/data/nextCloudData/ # Allows to set the host directory for Nextcloud's datadir. ⚠️⚠️⚠️ Warning: do not set or adjust this value after the initial Nextcloud installation is done! See https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir
# - NEXTCLOUD_MOUNT=/mnt/ # Allows the Nextcloud container to access the chosen directory on the host. See https://github.com/nextcloud/all-in-one#how-to-allow-the-nextcloud-container-to-access-directories-on-the-host
# - NEXTCLOUD_UPLOAD_LIMIT=10G # Can be adjusted if you need more. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-upload-limit-for-nextcloud
# - NEXTCLOUD_MAX_TIME=3600 # Can be adjusted if you need more. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-max-execution-time-for-nextcloud
# - NEXTCLOUD_MEMORY_LIMIT=512M # Can be adjusted if you need more. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-php-memory-limit-for-nextcloud
# - NEXTCLOUD_TRUSTED_CACERTS_DIR=/path/to/my/cacerts # CA certificates in this directory will be trusted by the OS of the nexcloud container (Useful e.g. for LDAPS) See See https://github.com/nextcloud/all-in-one#how-to-trust-user-defined-certification-authorities-ca
# - NEXTCLOUD_STARTUP_APPS=deck twofactor_totp tasks calendar contacts notes # Allows to modify the Nextcloud apps that are installed on starting AIO the first time. See https://github.com/nextcloud/all-in-one#how-to-change-the-nextcloud-apps-that-are-installed-on-the-first-startup
# - NEXTCLOUD_ADDITIONAL_APKS=imagemagick # This allows to add additional packages to the Nextcloud container permanently. Default is imagemagick but can be overwritten by modifying this value. See https://github.com/nextcloud/all-in-one#how-to-add-os-packages-permanently-to-the-nextcloud-container
# - NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS=imagick # This allows to add additional php extensions to the Nextcloud container permanently. Default is imagick but can be overwritten by modifying this value. See https://github.com/nextcloud/all-in-one#how-to-add-php-extensions-permanently-to-the-nextcloud-container
# - NEXTCLOUD_ENABLE_DRI_DEVICE=true # This allows to enable the /dev/dri device in the Nextcloud container. ⚠️⚠️⚠️ Warning: this only works if the '/dev/dri' device is present on the host! If it should not exist on your host, don't set this to true as otherwise the Nextcloud container will fail to start! See https://github.com/nextcloud/all-in-one#how-to-enable-hardware-transcoding-for-nextcloud
# - NEXTCLOUD_KEEP_DISABLED_APPS=false # Setting this to true will keep Nextcloud apps that are disabled in the AIO interface and not uninstall them if they should be installed. See https://github.com/nextcloud/all-in-one#how-to-keep-disabled-apps
# - TALK_PORT=3478 # This allows to adjust the port that the talk container is using. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-talk-port
# - WATCHTOWER_DOCKER_SOCKET_PATH=/var/run/docker.sock # Needs to be specified if the docker socket on the host is not located in the default '/var/run/docker.sock'. Otherwise mastercontainer updates will fail. For macos it needs to be '/var/run/docker.sock'
# networks: # Is needed when you want to create the nextcloud-aio network with ipv6-support using this file, see the network config at the bottom of the file
# - nextcloud-aio # Is needed when you want to create the nextcloud-aio network with ipv6-support using this file, see the network config at the bottom of the file
# # Optional: Caddy reverse proxy. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
# # You can find further examples here: https://github.com/nextcloud/all-in-one/discussions/588
# caddy:
# image: caddy:alpine
# restart: always
# container_name: caddy
# volumes:
# - ./Caddyfile:/etc/caddy/Caddyfile
# - ./certs:/certs
# - ./config:/config
# - ./data:/data
# - ./sites:/srv
# network_mode: "host"
volumes:
nextcloud_aio_mastercontainer:
name: nextcloud_aio_mastercontainer # This line is not allowed to be changed as otherwise the built-in backup solution will not work
# # Optional: If you need ipv6, follow step 1 and 2 of https://github.com/nextcloud/all-in-one/blob/main/docker-ipv6-support.md first and then uncomment the below config in order to activate ipv6 for the internal nextcloud-aio network.
# # Please make sure to uncomment also the networking lines of the mastercontainer above in order to actually create the network with docker-compose
# networks:
# nextcloud-aio:
# name: nextcloud-aio # This line is not allowed to be changed as otherwise the created network will not be used by the other containers of AIO
# driver: bridge
# enable_ipv6: true
# ipam:
# driver: default
# config:
# - subnet: fd12:3456:789a:2::/64 # IPv6 subnet to use
Ahh, the podman.sock is obviously wrong 
This is now released with v13.0.0 Beta. Testing and feedback is welcome! See GitHub - nextcloud/all-in-one: 📦 The official Nextcloud installation method. Provides easy deployment and maintenance with most features included in this one Nextcloud instance. · GitHub
Progress being made, it would be nice if the UI would show any logs, or any information about how the borg backup is going…
But docker logs give useful outputs.
Digging into /var/log/audit/audit.log on my server to figure out what was up. A useful error of “permission error” would be really handy when dealing with why borg backup isn’t reading.
As would putting the borgbackup error into the AIO web interface.
“The backup archive does not contain a valid Nextcloud AIO backup.” is a useful line.
I guess I’m setting up from scratch again.
Trying to figure out how to set up next cloud in a reliable way.