AIO with traefik v3 - 502 Bad Gateway

ℹ️ Support 📦 Appliances (Docker, Snappy, VM, NCP, AIO)
, , , , ,
1

The Basics

  • Nextcloud Server version (e.g., 29.x.x):
    • AIO 11.7.0
  • Operating system and version (e.g., Ubuntu 24.04):
    • Docker container
  • Reverse proxy and version _(e.g. nginx 1.27.2)
    • traefik 3.5.0
  • Is this the first time you’ve seen this error? (Yes / No):
    • Yes
  • Installation method (e.g. AlO, NCP, Bare Metal/Archive, etc.)
    • AIO
  • Are you using CloudfIare, mod_security, or similar? (Yes / No)
    • No

Summary of the issue you are facing:

Receiving 502 Bad Gateway when trying to loing for the first time
I can see the local admin page. All containers are green.
No errors in traefik

Thank you for any hints on this!

Log entries

from the aio-nextcloud container

Waiting for nextcloud-aio-apache to become available...
[08-Sep-2025 11:24:58] NOTICE: fpm is running, pid 309
[08-Sep-2025 11:24:58] NOTICE: ready to handle connections
Connection to nextcloud-aio-apache (172.22.0.13) 11000 port [tcp/*] succeeded!
Activating Collabora config...
✓ Reset callback url autodetect
Checking configuration
🛈 Configured WOPI URL: https://ncaio.domain.tld
🛈 Configured public WOPI URL: https://ncaio.domain.tld
🛈 Configured callback URL: 
Failed to fetch discovery endpoint from https://ncaio.domain.tld
Server error: `GET https://ncaio.domain.tld/hosting/discovery` resulted in a `502 Bad Gateway` response: Bad Gateway

from the aio-apache container

Waiting for Nextcloud to start...
Connection to nextcloud-aio-nextcloud (172.22.0.12) 9000 port [tcp/*] succeeded!
/usr/lib/python3.12/site-packages/supervisor/options.py:13: UserWarning: pkg_resources is deprecated as an API. See https://setuptools.pypa.io/en/latest/pkg_resources.html. The pkg_resources package is slated for removal as early as 2025-11-30. Refrain from using this package or pin to Setuptools<81.
  import pkg_resources
INF ts=1757323500.3824372 msg=maxprocs: Leaving GOMAXPROCS=4: CPU quota undefined
INF ts=1757323500.383119 msg=GOMEMLIMIT is updated package=github.com/KimMachineGun/automemlimit/memlimit GOMEMLIMIT=14915602022 previous=9223372036854776000
INF ts=1757323500.3831644 msg=using config from file file=/tmp/Caddyfile
INF ts=1757323500.3863878 msg=adapted config to JSON adapter=caddyfile
[Mon Sep 08 11:25:00.392287 2025] [mpm_event:notice] [pid 65:tid 65] AH00489: Apache/2.4.65 (Unix) configured -- resuming normal operations
[Mon Sep 08 11:25:00.392358 2025] [core:notice] [pid 65:tid 65] AH00094: Command line: '/usr/local/apache2/bin/httpd -D FOREGROUND'
INF ts=1757323500.394925 msg=serving initial configuration

Configuration

from docker-compose.yml

services:
  nextcloud-aio-mastercontainer:
    image: nextcloud/all-in-one:latest
    init: true
    restart: always
    container_name: nextcloud-aio-mastercontainer
    volumes:
      - nextcloud_aio_mastercontainer:/mnt/docker-aio-config
      - /var/run/docker.sock:/var/run/docker.sock:ro
    networks:
      - proxy
    ports:
      - 8080:8080
    environment:
      APACHE_PORT: 11000
      APACHE_IP_BINDING: 0.0.0.0
      APACHE_ADDITIONAL_NETWORK: proxy
      APACHE_TRUSTED_PROXIES: 172.0.0.0/8
      NEXTCLOUD_TRUSTED_PROXIES: 172.0.0.0/8
      FULLTEXTSEARCH_JAVA_OPTIONS: "-Xms1024M -Xmx1024M"
      NEXTCLOUD_DATADIR: /data/ncdata-aio
      SKIP_DOMAIN_VALIDATION: true
    labels:
      - "traefik.enable=true"
      - "traefik.http.services.ncaio-https.loadbalancer.server.url=http://nextcloud-aio-apache:11000"
volumes:
  nextcloud_aio_mastercontainer:
    name: nextcloud_aio_mastercontainer
networks:
  proxy:
    external: true
2

this config only defines a “service”

but there is no “router” so traefik has no idea which requests it should send to this system.. look at this example:

I’m not sure you need this in full Docker scenario where reverse proxy and webserver are connected through internal Docker network.

3

@wwe Thanks a lot! I misread somewhere only those lines would be required. What do your static/dynamic traefik files look like if I may ask?

4
5

@wwe Thank you for trying hard to help. While this has been very helpfull for configuring the other nextcloud (non-aio) instances running I am assuming something aio specific needs to be solved here.

6

While I do have in docker-compose.yml of nextcoud-aio-mastercontainer

    environment:
      - APACHE_PORT=11000
      - APACHE_IP_BINDING=0.0.0.0

This does not seem to have an impact as I would expect to see 11000 in here - or?

$ docker exec -it nextcloud-aio-mastercontainer sh
/var/www/docker-aio # netstat -tuln
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       
tcp        0      0 127.0.0.11:41515        0.0.0.0:*               LISTEN      
tcp        0      0 127.0.0.1:2019          0.0.0.0:*               LISTEN      
tcp        0      0 127.0.0.1:9876          0.0.0.0:*               LISTEN      
tcp        0      0 :::8000                 :::*                    LISTEN      
tcp        0      0 :::8080                 :::*                    LISTEN      
tcp        0      0 :::80                   :::*                    LISTEN      
tcp        0      0 :::8443                 :::*                    LISTEN      
tcp        0      0 :::9000                 :::*                    LISTEN      
udp        0      0 127.0.0.11:37772        0.0.0.0:*