The community help forum (help.nextcloud.com) is for home and non-enterprise users. Support is provided by other community members on a best effort / “as available” basis. All of those responding are volunteering their time to help you.
If you’re using Nextcloud in a business/critical setting, paid and SLA-based support services can be accessed via portal.nextcloud.com where Nextcloud engineers can help ensure your business keeps running smoothly.
Getting help
In order to help you as efficiently (and quickly!) as possible, please fill in as much of the below requested information as you can.
Before clicking submit: Please check if your query is already addressed via the following resources:
(Utilizing these existing resources is typically faster. It also helps reduce the load on our generous volunteers while elevating the signal to noise ratio of the forums otherwise arising from the same queries being posted repeatedly).
Some or all of the below information will be requested if it isn’t supplied; for fastest response please provide as much as you can.
The Basics
Nextcloud Server version (e.g., 29.x.x):
latest AIO
Operating system and version (e.g., Ubuntu 24.04):
Debian12
Web server and version (e.g, Apache 2.4.25):
AIO built-in
Reverse proxy and version (e.g. nginx 1.27.2):
planned: Caddy
PHP version (e.g, 8.3):
AIO built-in
Is this the first time you’ve seen this error? (Yes / No):
no error
When did this problem seem to first start?
no problem
Installation method (e.g. AIO, NCP, Bare Metal/Archive, etc.)
AIO
Are you using Cloudflare, mod_security, or similar? (Yes / No)
no
Summary of the issue you are facing:
Dear all, I have successfully set up Nextcloud AIO on a rented server, separate data directory, all the rest default at mydomain.com - works some weeks now like a charm with lots of data in it!
Now (quite late) I plan to run more services on the same server / IP and so use Caddy as reverse proxy. I would wish to be able to run nextcloud at nc.mydomain.com, having Caddy caring for the TLS/letsencrypt etc.
So my question is: What is the best way for my installation to move from direct access mydomain.com to nc.mydomain.com via Caddy as reverse proxy? Is it possible at all? Is it easy to adjust the mastercontainer / other containers (how?), or should I use a backup, build a new installation with Caddy / reverse proxy and restore it? (I fear a bit, lots of data, may take very long downtime.. will the data go to the right place, ..) ?
I hope I explained well, sorry if not (is my first post here..) Questions welcome.
That sounds great! Nothing at all to change inside Nextcloud containers about new name including subdomain or no need for internal ssl certificate anymore? Will try soon and report, thanks!
As assumed, it is not that easy. First, the port seems to be 9000 instead of 11000, but there are plenty of other ports used and also bound, so the existing installation of Nextcloud AIO uses 80 / 443 already, has its certificate etc.:
```
# docker ps -a
CONTAINER ID   IMAGE                                                 COMMAND                  CREATED             STATUS                           PORTS   NAMES
48a0be281925   ghcr.io/nextcloud-releases/aio-apache:latest          "/start.sh /usr/bin/…"   About an hour ago   Up About an hour (healthy)       80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:443->443/udp, [::]:443->443/tcp, [::]:443->443/udp   nextcloud-aio-apache
0b946ad5b067   ghcr.io/nextcloud-releases/aio-nextcloud:latest       "/start.sh /usr/bin/…"   About an hour ago   Up About an hour (healthy)       9000/tcp   nextcloud-aio-nextcloud
5673d89a34a0   ghcr.io/nextcloud-releases/aio-imaginary:latest       "/start.sh"              About an hour ago   Up About an hour (healthy)                  nextcloud-aio-imaginary
0a6f09330439   ghcr.io/nextcloud-releases/aio-redis:latest           "/start.sh"              About an hour ago   Up About an hour (healthy)       6379/tcp   nextcloud-aio-redis
bca549647681   ghcr.io/nextcloud-releases/aio-postgresql:latest      "/start.sh"              About an hour ago   Up About an hour (healthy)       5432/tcp   nextcloud-aio-database
f3156031a32f   ghcr.io/nextcloud-releases/aio-whiteboard:latest      "/start.sh"              About an hour ago   Up About an hour (healthy)       3002/tcp   nextcloud-aio-whiteboard
c3d0f656403f   ghcr.io/nextcloud-releases/aio-notify-push:latest     "/start.sh"              About an hour ago   Up About an hour (healthy)                  nextcloud-aio-notify-push
192cedc8b823   ghcr.io/nextcloud-releases/aio-talk:latest            "/start.sh superviso…"   About an hour ago   Up About an hour (healthy)       0.0.0.0:3478->3478/tcp, 0.0.0.0:3478->3478/udp, [::]:3478->3478/tcp, [::]:3478->3478/udp   nextcloud-aio-talk
3f49720f0dda   ghcr.io/nextcloud-releases/aio-collabora:latest       "/start-collabora-on…"   About an hour ago   Up About an hour (healthy)       9980/tcp   nextcloud-aio-collabora
4102296f366b   plexinc/pms-docker:latest                             "/init"                  About an hour ago   Up About an hour (healthy)                  nextcloud-aio-plex
93ff8f1aeae0   ghcr.io/szaimen/aio-fail2ban:v1                       "/start.sh"              About an hour ago   Up About an hour                            nextcloud-aio-fail2ban
91cf68d9293a   waja/calcardbackup:latest                             "/run.sh"                About an hour ago   Up About an hour                            nextcloud-aio-calcardbackup
e7ff75f39212   ghcr.io/nextcloud-releases/aio-borgbackup:latest      "/start.sh"              About an hour ago   Exited (0) About an hour ago                nextcloud-aio-borgbackup
b6b263679cf0   ghcr.io/nextcloud-releases/aio-domaincheck:latest     "/start.sh"              2 hours ago         Exited (143) About an hour ago              nextcloud-aio-domaincheck
63cf416fe009   ghcr.io/nextcloud-releases/all-in-one:latest          "/start.sh"              2 hours ago         Up About an hour (healthy)       0.0.0.0:80->80/tcp, [::]:80->80/tcp, 0.0.0.0:8080->8080/tcp, [::]:8080->8080/tcp, 0.0.0.0:8443->8443/tcp, [::]:8443->8443/tcp, 9000/tcp   nextcloud-aio-mastercontainer
```

```
docker compose up -d
[+] up 1/2
 ✔ Network caddy_default   Created    0.0s
 ⠦ Container caddy         Starting   0.6s
Error response from daemon: failed to set up container networking: driver failed programming external connectivity on endpoint caddy (9483fd5e2671df85b07191aa0db766435e5c9b892056d6b7478c9d243fba6ce3): Bind for 0.0.0.0:80 failed: port is already allocated
```
Yes, it is exactly like you say. Nextcloud AIO takes port 80 and 443 for itself. Because of this, Caddy has an error and cannot start. (…port is already allocated)
I hope this works for you.
1. Stop the old Nextcloud container
First, we must stop the current mastercontainer. The data is safe.
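The port conflict described in this reply can be read straight from the PORTS column: only entries of the form `ip:port->port/proto` occupy a host port, while a bare `80/tcp` is merely exposed inside the Docker network. The following is an added example, not part of the original thread; the sample input is constructed from the listing above, and the set of ports the new proxy wants is an assumption.

```python
import re
from collections import defaultdict

# Constructed sample: Names<TAB>Ports pairs in the shape printed by
#   docker ps --format '{{.Names}}\t{{.Ports}}'
# with the values copied from the listing in this thread.
SAMPLE_PS = "\n".join([
    "nextcloud-aio-apache\t80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:443->443/udp, "
    "[::]:443->443/tcp, [::]:443->443/udp",
    "nextcloud-aio-nextcloud\t9000/tcp",
    "nextcloud-aio-imaginary\t",
    "nextcloud-aio-talk\t0.0.0.0:3478->3478/tcp, 0.0.0.0:3478->3478/udp, "
    "[::]:3478->3478/tcp, [::]:3478->3478/udp",
    "nextcloud-aio-mastercontainer\t0.0.0.0:80->80/tcp, [::]:80->80/tcp, "
    "0.0.0.0:8080->8080/tcp, [::]:8080->8080/tcp, 0.0.0.0:8443->8443/tcp, "
    "[::]:8443->8443/tcp, 9000/tcp",
])

# Assumption: the new proxy wants the usual HTTP/HTTPS ports (443/udp for HTTP/3).
PROXY_WANTS = [(80, "tcp"), (443, "tcp"), (443, "udp")]

# "ip:host[-end]->container/proto" is a host binding; a bare "80/tcp" is only
# exposed inside the Docker network and does not occupy a host port.
BINDING = re.compile(
    r"(?:\[[0-9a-fA-F:]+\]|[0-9.]+):(\d+)(?:-(\d+))?->\d+(?:-\d+)?/(tcp|udp)")


def published_ports(ps_output):
    """Map (host_port, proto) -> sorted names of containers publishing it."""
    owners = defaultdict(set)
    for line in ps_output.splitlines():
        name, _, ports = line.partition("\t")
        for first, last, proto in BINDING.findall(ports):
            # Expand published ranges such as 8000-8010->8000-8010/tcp.
            for port in range(int(first), int(last or first) + 1):
                owners[(port, proto)].add(name)
    return {key: sorted(names) for key, names in owners.items()}


def conflicts(ps_output, wanted):
    """Return the wanted (port, proto) pairs that are already bound on the host."""
    owners = published_ports(ps_output)
    return {key: owners[key] for key in wanted if key in owners}


if __name__ == "__main__":
    for (port, proto), names in conflicts(SAMPLE_PS, PROXY_WANTS).items():
        print(f"{port}/{proto} is already published by: {', '.join(names)}")
```

On the listing from this thread it shows that 80/tcp is held by the mastercontainer and 443 (tcp and udp) by the apache container, so both would have to release those ports before another container can bind them.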
Now the caddy container starts, but can’t get a certificate established. Maybe because it cannot “see/access” the nextcloud, in order to respond to the challenge? from the caddy logs:
```
{"level":"error","ts":1776845642.55558,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"","issuer":"acme.zerossl.com-v2-DV90","error":"[(mydomain was here)] creating new order: provisioning client: performing request: Get \"https://acme.zerossl.com/v2/DV90\": dial tcp: lookup acme.zerossl.com on [2001:8d8:fe:53:72ec::1]:53: dial udp [2001:8d8:fe:53:72ec::1]:53: connect: network is unreachable (ca=https://acme.zerossl.com/v2/DV90)"}
```
I did nothing special to force IPv6. But I do give up here. I found also that in the reverse proxy manual of Nextcloud (if you do a new fresh install) there are plenty of other things to consider, that may work now, but will make updates and maintenance in future more difficult, and I am not a day-to-day Docker user.
But what I will try now is to do such a “clean” new reverse proxy install as in the docs, and then try to restore a backup into it. Thanks anyway for your support!
I understand it is very frustrating. Docker network is very difficult and makes problems for many people.
You did nothing wrong with IPv6. Sometimes Docker just does this automatically and creates errors.
Please do not give up now! We are very close to the solution. You already did the hardest work with the server. This is only one small network error left.
Take a small break. When you are ready, we can try one more easy step together.
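The `tls.obtain` log line quoted earlier in this thread can be triaged mechanically to see at which stage certificate issuance stopped. This is an added example, not code from the thread or from Caddy; the sample line is the one posted above, and the classification labels are this example's own.

```python
import ipaddress
import json
import re
from urllib.parse import urlparse

# Constructed sample: the log line posted in this thread, unchanged.
SAMPLE_LOG = r'''{"level":"error","ts":1776845642.55558,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"","issuer":"acme.zerossl.com-v2-DV90","error":"[(mydomain was here)] creating new order: provisioning client: performing request: Get \"https://acme.zerossl.com/v2/DV90\": dial tcp: lookup acme.zerossl.com on [2001:8d8:fe:53:72ec::1]:53: dial udp [2001:8d8:fe:53:72ec::1]:53: connect: network is unreachable (ca=https://acme.zerossl.com/v2/DV90)"}'''

# Go's resolver error: "lookup <host> on <resolver>:<port>: ..."; IPv6 is bracketed.
LOOKUP = re.compile(r"lookup (\S+) on (?:\[([0-9a-fA-F:]+)\]|([0-9.]+)):\d+:")
CA_URL = re.compile(r"\(ca=(\S+)\)")


def triage(line):
    """Classify one Caddy JSON log line; returns None if it is not a tls.obtain error."""
    entry = json.loads(line)
    if entry.get("logger") != "tls.obtain" or entry.get("level") != "error":
        return None
    err = entry.get("error", "")
    lookup = LOOKUP.search(err)
    if not lookup:
        return {"stage": "other"}
    resolver = ipaddress.ip_address(lookup.group(2) or lookup.group(3))
    ca = CA_URL.search(err)
    ca_host = urlparse(ca.group(1)).hostname if ca else None
    return {
        "stage": "dns-lookup",
        "host": lookup.group(1),
        "resolver_ip_version": resolver.version,
        # True: the name that failed to resolve is the CA itself, so the request
        # never left the container and no ACME challenge was attempted yet.
        "target_is_ca": lookup.group(1) == ca_host,
        "resolver_unreachable": "network is unreachable" in err,
    }


if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

For the posted line it reports a DNS lookup of the CA host against an IPv6 resolver that the container has no route to, which places the failure in the container's outbound name resolution rather than in inbound challenge handling.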