Can't connect to Nextcloud AIO at all

The Basics

  • Nextcloud Server version (e.g., 29.x.x): v10.3.0
  • Operating system and version (e.g., Ubuntu 24.04): Unraid 7.0.0
  • Web server and version (e.g, Apache 2.4.25): Apache
  • Reverse proxy and version _(e.g. nginx 1.27.2) NPM v2.12.2
  • Are you using CloudfIare, mod_security, or similar? Cloudflare Only for Domain and set to DNS Only

Summary of the issue you are facing:

I canā€™t connect to NextCloud AT ALL. Not locally or remotely using the domain. If I click on Open your Nextcloud it takes me to the domain thatā€™s not working. If I try and address the UI in any way with any IP:PORT I canā€™t get it to appear. If I close and open the WebUI instead of giving me the ā€œNextcloud is runningā€ message it takes me straight to the running containers list. Basically originally I thought itā€™s a problem with my Nginx settings or my domain or somthing but now Iā€™m thinking there might be a problem with Nextcloud its self?

Nginx says itā€™s connected to the domain and Iā€™ve been able to generate a Letā€™s Enctypt SSL certificate for the domain.

Steps to replicate it (hint: details matter!):

  1. Create two Unraid Shares. One for main user data, one for backup stack.
  2. Go to apps and install nextcloud-aio-mastercontainer on the Unraid share.
  3. Create a Cloudflare domain name and add a DNS record with the settings A, @, , DNS Only. Also, set SSL/TLS to Full. Then go to Edge Certificates and enable Always Use HTTPS.
  4. Download and install the Nginx-Proxy-Manager-Official docker container from the Unraid apps section.
  5. Access the Nginx UI and host a proxy, point it at your domain name, keep it as http, enter the LAN IP and Port of the apache, in my case thatā€™s 192.168.1.250:11000, Enable ā€œBlock Common Exploitsā€ and ā€œWebsockets Supportā€. Then go to the SSL tab and Force SSL.

You might, as troubleshooting step, try adding a (temporary) entry in the hosts file on your client (ie, 192.168.1.250 mynextcloud.domain.tld). I donā€™t know how AiO works internally, or how your proxy is managed, but I can imagine the routing for an IP address to be different from the routing for a domain name.

Excuse my ignorance, the hosts file on what os? My Unraid Server or the AIO docker container or the Nginx docker container?

Client side, so your laptop for example. Having an entry in the hosts file overrides DNS.

It allows you to access your server at 192.168.1.250, while still using the FQDN. This helps you exclude some routing issues.

So I added that to my macbook on the same LAN as the Unraid server (Via VPN) and I have a different message when I used the domain in chome:

MY DOMAIN normally uses encryption to protect your information. When Chrome tried to connect to MY DOMAIN this time, the website sent back unusual and incorrect credentials. This may happen when an attacker is trying to pretend to be MY DOMAIN or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Chrome stopped the connection before any data was exchanged.

You cannot visit MY DOMAIN right now because the website uses HSTS. Network errors and attacks are usually temporary, so this page will probably work later.

This is an image of my Unraid docker containers:

When I address the apache on 192.168.1.250:11000 something is happening in chrome as itā€™s constantly trying to connect to something but nothing happens. Just a spinning blue wheel.

UPDATE: If I use incognito mode and use the domain it actually takes me to the Unraid login page, not NextCloud.

Do you have Letsencrypt on you server? Does Chrome allow you to view the certificate? That could give some insight into whether you arrive at your correct server - or perhaps at another.

I have no experience with Mac, Unraid, Chrome, Cloudflare, NC AiO or running services behind VPN, so Iā€™m way out of my depth here :wink:

If you keep getting certificate mismatches: some browsers allow to ignore HSTS, that could help during troubleshoot.

Alternatively, the ā€˜trying to connect but nothing happensā€™ does sound like a routing/forwarding problem. There was a thread by @Mattias_Hedman recently, who was able to solve routing problems with another reverse proxy.

1 Like

Hi, peobably this is what @Maximilian118 is looking for: GitHub - nextcloud/all-in-one: šŸ“¦ The official Nextcloud installation method. Provides easy deployment and maintenance with most features included in this one Nextcloud instance.

Thank you for your reply. My domain is registered with Cloudflare but the entire reason Iā€™m down this rabbit hole is because Iā€™ve needed to change the Proxy Status of the DNS Record to DNS Only because if you Proxy you are subject to Cloudflareā€™s 100mb per file limit which I do not want. I also do not want to have to tell people how to set chunking on their clients so Iā€™ve ended up trying to reverse proxy with Nginx which should allow me to do what I want.

TLDR; Iā€™m not using Cloudflareā€™s infrastructure as Iā€™ve disabled the Proxy on the DNS Record for the domain.

Can you confirm exactly what my Nginx Proxy Host should be pointing at with the docker tab information in the image above?

the Nginx Proxy Manager has Letā€™s Encrypt built in:

As you can see here Iā€™ve managed to secure SSL with the domain.

Ah, I think I see the problem, I think. It should be http://ip.address.of.server:11000 (so http instead of https)

Iā€™ve tried HTTP as thatā€™s what I started with and that still doesnā€™t work. Iā€™ve just tested again to be sure and no dice.

Iā€™m going to go through the entire signal flow just to see if you can see something Iā€™m doing wrong.

CloudFlare Domain:


SSL Set to ā€œFullā€ and ā€œAlways Use HTTPSā€ enabled.

Port Fowarding:


192.168.1.2 is the Nginx Docker Container

Nginx Proxy:


SSL Certificate seems to have been generated fine with the Domain

I believe this setup is correct but still when I use the domain I have absolutelty nothing. So strange.

From what I can tell everything domain wise is set up fine. Itā€™s something past Nginx that is not connected properly. More to the point; I canā€™t connect to Nextcloud at all locally no matter what I do so If I canā€™t connect to it locally I can understand why Nginx and therefore the domain canā€™t reach the Nextcloud UI.

To my knowledge if Nextcloud is running correctly I should not see this screen when I target port 7282 on the server. Instead I should see a ā€œDisable apache to see this screenā€ prompt which isnā€™t appearing anymore.

I now see this page which is what I expect to see when NextCloud is running as normal. However, still canā€™t address the GUI.

Hmā€¦ can you post the output of docker docker inspect nextcloud-aio-apache here?

nextcloud-aio-apache:

Connection to nextcloud-aio-nextcloud (172.18.0.7) 9000 port [tcp/*] succeeded!
{"level":"info","ts":1737465004.2605526,"msg":"using config from file","file":"/tmp/Caddyfile"}
{"level":"info","ts":1737465004.2617307,"msg":"adapted config to JSON","adapter":"caddyfile"}
[Tue Jan 21 14:10:04.267219 2025] [mpm_event:notice] [pid 49:tid 49] AH00489: Apache/2.4.62 (Unix) configured -- resuming normal operations
[Tue Jan 21 14:10:04.267253 2025] [core:notice] [pid 49:tid 49] AH00094: Command line: '/usr/local/apache2/bin/httpd -D FOREGROUND'
Connection to nextcloud-aio-nextcloud (172.18.0.8) 9000 port [tcp/*] succeeded!
{"level":"info","ts":1737471307.0883648,"msg":"using config from file","file":"/tmp/Caddyfile"}
{"level":"info","ts":1737471307.0896685,"msg":"adapted config to JSON","adapter":"caddyfile"}
[Tue Jan 21 15:55:07.110742 2025] [mpm_event:notice] [pid 52:tid 52] AH00489: Apache/2.4.62 (Unix) configured -- resuming normal operations
[Tue Jan 21 15:55:07.110778 2025] [core:notice] [pid 52:tid 52] AH00094: Command line: '/usr/local/apache2/bin/httpd -D FOREGROUND'
Waiting for Nextcloud to start...
Waiting for Nextcloud to start...
Waiting for Nextcloud to start...
Waiting for Nextcloud to start...
Waiting for Nextcloud to start...
Waiting for Nextcloud to start...
Waiting for Nextcloud to start...
Waiting for Nextcloud to start...

Latest lines from nextcloud-aio-mastercontainer:

Deleting duplicate sessions
The environmental variable TZ has been set which is not supported by AIO since it only supports running in the default Etc/UTC timezone!
The correct timezone can be set in the AIO interface later on!
Initial startup of Nextcloud All-in-One complete!
You should be able to open the Nextcloud AIO Interface now on port 8080 of this server!
E.g. https://internal.ip.of.this.server:8080
āš ļø Important: do always use an ip-address if you access this port and not a domain as HSTS might block access to it later!

If your server has port 80 and 8443 open and you point a domain to your server, you can get a valid certificate automatically by opening the Nextcloud AIO Interface via:
https://your-domain-that-points-to-this-server.tld:8443
Total reclaimed space: 0B

Latest lines from nextcloud-aio-nextcloud:

šŸ›ˆ Configured WOPI URL: https://crosbyfamilynextcloud.com
šŸ›ˆ Configured public WOPI URL: https://crosbyfamilynextcloud.com
šŸ›ˆ Configured callback URL: 

Failed to fetch discovery endpoint from https://crosbyfamilynextcloud.com
cURL error 7: Failed to connect to crosbyfamilynextcloud.com port 443 after 11 ms: Could not connect to server (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for https://crosbyfamilynextcloud.com/hosting/discovery

Hi, as I said, I need the output of the command above.

Ah sorry, here you go:

root@CrosbyServer:~# docker inspect nextcloud-aio-apache
[
    {
        "Id": "683435a2c9363ea9da62c8e4907ea50b4c8781b5edbb7c8467e346bc3ed71737",
        "Created": "2025-01-21T13:09:47.048738284Z",
        "Path": "/start.sh",
        "Args": [
            "/usr/bin/supervisord",
            "-c",
            "/supervisord.conf"
        ],
        "State": {
            "Status": "running",
            "Running": true,
            "Paused": false,
            "Restarting": false,
            "OOMKilled": false,
            "Dead": false,
            "Pid": 8129,
            "ExitCode": 0,
            "Error": "",
            "StartedAt": "2025-01-21T14:54:38.397807669Z",
            "FinishedAt": "2025-01-21T14:51:36.315804402Z",
            "Health": {
                "Status": "healthy",
                "FailingStreak": 0,
                "Log": [
                    {
                        "Start": "2025-01-22T14:39:45.108896375Z",
                        "End": "2025-01-22T14:39:45.152177039Z",
                        "ExitCode": 0,
                        "Output": "Connection to nextcloud-aio-nextcloud (172.18.0.8) 9000 port [tcp/*] succeeded!\nConnection to 127.0.0.1 8000 port [tcp/*] succeeded!\nConnection to 127.0.0.1 11000 port [tcp/*] succeeded!\n"
                    },
                    {
                        "Start": "2025-01-22T14:40:15.152540014Z",
                        "End": "2025-01-22T14:40:15.205133849Z",
                        "ExitCode": 0,
                        "Output": "Connection to nextcloud-aio-nextcloud (172.18.0.8) 9000 port [tcp/*] succeeded!\nConnection to 127.0.0.1 8000 port [tcp/*] succeeded!\nConnection to 127.0.0.1 11000 port [tcp/*] succeeded!\n"
                    },
                    {
                        "Start": "2025-01-22T14:40:45.205723133Z",
                        "End": "2025-01-22T14:40:45.246840975Z",
                        "ExitCode": 0,
                        "Output": "Connection to nextcloud-aio-nextcloud (172.18.0.8) 9000 port [tcp/*] succeeded!\nConnection to 127.0.0.1 8000 port [tcp/*] succeeded!\nConnection to 127.0.0.1 11000 port [tcp/*] succeeded!\n"
                    },
                    {
                        "Start": "2025-01-22T14:41:15.247301052Z",
                        "End": "2025-01-22T14:41:15.287051916Z",
                        "ExitCode": 0,
                        "Output": "Connection to nextcloud-aio-nextcloud (172.18.0.8) 9000 port [tcp/*] succeeded!\nConnection to 127.0.0.1 8000 port [tcp/*] succeeded!\nConnection to 127.0.0.1 11000 port [tcp/*] succeeded!\n"
                    },
                    {
                        "Start": "2025-01-22T14:41:45.287436245Z",
                        "End": "2025-01-22T14:41:45.329671613Z",
                        "ExitCode": 0,
                        "Output": "Connection to nextcloud-aio-nextcloud (172.18.0.8) 9000 port [tcp/*] succeeded!\nConnection to 127.0.0.1 8000 port [tcp/*] succeeded!\nConnection to 127.0.0.1 11000 port [tcp/*] succeeded!\n"
                    }
                ]
            }
        },
        "Image": "sha256:218f73ad65910c90ed50401575f77dd921c2e2607935e05e8bfaa4b5491b8b56",
        "ResolvConfPath": "/var/lib/docker/containers/683435a2c9363ea9da62c8e4907ea50b4c8781b5edbb7c8467e346bc3ed71737/resolv.conf",
        "HostnamePath": "/var/lib/docker/containers/683435a2c9363ea9da62c8e4907ea50b4c8781b5edbb7c8467e346bc3ed71737/hostname",
        "HostsPath": "/var/lib/docker/containers/683435a2c9363ea9da62c8e4907ea50b4c8781b5edbb7c8467e346bc3ed71737/hosts",
        "LogPath": "/var/lib/docker/containers/683435a2c9363ea9da62c8e4907ea50b4c8781b5edbb7c8467e346bc3ed71737/683435a2c9363ea9da62c8e4907ea50b4c8781b5edbb7c8467e346bc3ed71737-json.log",
        "Name": "/nextcloud-aio-apache",
        "RestartCount": 0,
        "Driver": "btrfs",
        "Platform": "linux",
        "MountLabel": "",
        "ProcessLabel": "",
        "AppArmorProfile": "",
        "ExecIDs": null,
        "HostConfig": {
            "Binds": [
                "nextcloud_aio_nextcloud:/var/www/html:ro",
                "nextcloud_aio_apache:/mnt/data:rw"
            ],
            "ContainerIDFile": "",
            "LogConfig": {
                "Type": "json-file",
                "Config": {
                    "max-file": "1",
                    "max-size": "50m"
                }
            },
            "NetworkMode": "nextcloud-aio",
            "PortBindings": {
                "11000/tcp": [
                    {
                        "HostIp": "",
                        "HostPort": "11000"
                    }
                ]
            },
            "RestartPolicy": {
                "Name": "unless-stopped",
                "MaximumRetryCount": 0
            },
            "AutoRemove": false,
            "VolumeDriver": "",
            "VolumesFrom": null,
            "ConsoleSize": [
                0,
                0
            ],
            "CapAdd": null,
            "CapDrop": [
                "NET_RAW"
            ],
            "CgroupnsMode": "private",
            "Dns": [],
            "DnsOptions": [],
            "DnsSearch": [],
            "ExtraHosts": null,
            "GroupAdd": null,
            "IpcMode": "private",
            "Cgroup": "",
            "Links": null,
            "OomScoreAdj": 0,
            "PidMode": "",
            "Privileged": false,
            "PublishAllPorts": false,
            "ReadonlyRootfs": true,
            "SecurityOpt": [
                "label:disable"
            ],
            "Tmpfs": {
                "/home/www-data": "",
                "/tmp": "",
                "/usr/local/apache2/logs": "",
                "/var/log/supervisord": "",
                "/var/run/supervisord": ""
            },
            "UTSMode": "",
            "UsernsMode": "",
            "ShmSize": 67108864,
            "Runtime": "runc",
            "Isolation": "",
            "CpuShares": 0,
            "Memory": 0,
            "NanoCpus": 0,
            "CgroupParent": "",
            "BlkioWeight": 0,
            "BlkioWeightDevice": null,
            "BlkioDeviceReadBps": null,
            "BlkioDeviceWriteBps": null,
            "BlkioDeviceReadIOps": null,
            "BlkioDeviceWriteIOps": null,
            "CpuPeriod": 0,
            "CpuQuota": 0,
            "CpuRealtimePeriod": 0,
            "CpuRealtimeRuntime": 0,
            "CpusetCpus": "",
            "CpusetMems": "",
            "Devices": null,
            "DeviceCgroupRules": null,
            "DeviceRequests": null,
            "MemoryReservation": 0,
            "MemorySwap": 0,
            "MemorySwappiness": null,
            "OomKillDisable": null,
            "PidsLimit": null,
            "Ulimits": null,
            "CpuCount": 0,
            "CpuPercent": 0,
            "IOMaximumIOps": 0,
            "IOMaximumBandwidth": 0,
            "MaskedPaths": [
                "/proc/asound",
                "/proc/acpi",
                "/proc/kcore",
                "/proc/keys",
                "/proc/latency_stats",
                "/proc/timer_list",
                "/proc/timer_stats",
                "/proc/sched_debug",
                "/proc/scsi",
                "/sys/firmware",
                "/sys/devices/virtual/powercap"
            ],
            "ReadonlyPaths": [
                "/proc/bus",
                "/proc/fs",
                "/proc/irq",
                "/proc/sys",
                "/proc/sysrq-trigger"
            ],
            "Init": true
        },
        "GraphDriver": {
            "Data": null,
            "Name": "btrfs"
        },
        "Mounts": [
            {
                "Type": "volume",
                "Name": "nextcloud_aio_apache",
                "Source": "/var/lib/docker/volumes/nextcloud_aio_apache/_data",
                "Destination": "/mnt/data",
                "Driver": "local",
                "Mode": "rw",
                "RW": true,
                "Propagation": ""
            },
            {
                "Type": "volume",
                "Name": "nextcloud_aio_nextcloud",
                "Source": "/var/lib/docker/volumes/nextcloud_aio_nextcloud/_data",
                "Destination": "/var/www/html",
                "Driver": "local",
                "Mode": "ro",
                "RW": false,
                "Propagation": ""
            }
        ],
        "Config": {
            "Hostname": "683435a2c936",
            "Domainname": "",
            "User": "33",
            "AttachStdin": false,
            "AttachStdout": false,
            "AttachStderr": false,
            "ExposedPorts": {
                "11000/tcp": {},
                "80/tcp": {}
            },
            "Tty": false,
            "OpenStdin": false,
            "StdinOnce": false,
            "Env": [
                "NC_DOMAIN=crosbyfamilynextcloud.com",
                "NEXTCLOUD_HOST=nextcloud-aio-nextcloud",
                "APACHE_HOST=nextcloud-aio-apache",
                "COLLABORA_HOST=nextcloud-aio-collabora",
                "TALK_HOST=nextcloud-aio-talk",
                "APACHE_PORT=11000",
                "ONLYOFFICE_HOST=nextcloud-aio-onlyoffice",
                "TZ=Europe/Berlin",
                "APACHE_MAX_SIZE=17179869184",
                "APACHE_MAX_TIME=3600",
                "NOTIFY_PUSH_HOST=nextcloud-aio-notify-push",
                "WHITEBOARD_HOST=nextcloud-aio-whiteboard",
                "PATH=/usr/local/apache2/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
                "HTTPD_PREFIX=/usr/local/apache2",
                "HTTPD_VERSION=2.4.62",
                "HTTPD_SHA256=674188e7bf44ced82da8db522da946849e22080d73d16c93f7f4df89e25729ec",
                "HTTPD_PATCHES="
            ],
            "Cmd": [
                "/usr/bin/supervisord",
                "-c",
                "/supervisord.conf"
            ],
            "Healthcheck": {
                "Test": [
                    "CMD-SHELL",
                    "/healthcheck.sh"
                ]
            },
            "Image": "nextcloud/aio-apache:latest",
            "Volumes": {
                "/mnt/data": {}
            },
            "WorkingDir": "/usr/local/apache2",
            "Entrypoint": [
                "/start.sh"
            ],
            "OnBuild": null,
            "Labels": {
                "com.centurylinklabs.watchtower.enable": "false"
            },
            "StopSignal": "SIGWINCH"
        },
        "NetworkSettings": {
            "Bridge": "",
            "SandboxID": "4e5c690bcebf984d15af1e638ca22576c531748895d201d00c8e670a89827fd6",
            "SandboxKey": "/var/run/docker/netns/4e5c690bcebf",
            "Ports": {
                "11000/tcp": [
                    {
                        "HostIp": "0.0.0.0",
                        "HostPort": "11000"
                    },
                    {
                        "HostIp": "::",
                        "HostPort": "11000"
                    }
                ],
                "80/tcp": null
            },
            "HairpinMode": false,
            "LinkLocalIPv6Address": "",
            "LinkLocalIPv6PrefixLen": 0,
            "SecondaryIPAddresses": null,
            "SecondaryIPv6Addresses": null,
            "EndpointID": "",
            "Gateway": "",
            "GlobalIPv6Address": "",
            "GlobalIPv6PrefixLen": 0,
            "IPAddress": "",
            "IPPrefixLen": 0,
            "IPv6Gateway": "",
            "MacAddress": "",
            "Networks": {
                "nextcloud-aio": {
                    "IPAMConfig": null,
                    "Links": null,
                    "Aliases": null,
                    "MacAddress": "02:42:ac:12:00:05",
                    "DriverOpts": null,
                    "NetworkID": "a2905734119136dd15816d74a88e632423a3dde024a3a417e9a33c17be29b507",
                    "EndpointID": "84da55a149beba3dd4192622a253b973429c3ccc707cd2229bbd7f35d0cbdb76",
                    "Gateway": "172.18.0.1",
                    "IPAddress": "172.18.0.5",
                    "IPPrefixLen": 16,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "DNSNames": [
                        "nextcloud-aio-apache",
                        "683435a2c936"
                    ]
                }
            }
        }
    }
]

Maybe it would help if I explained how this was originally set up and working:

As explained in this tutoral:

I was using a ā€œZero Trustā€ tunnel by CloudFlare with the domain and therefore the domain had a DNS record of Proxied. The tunnel was targeting the IP of the ā€œnextcloud-aio-domaincheckā€ container that is now not present as Nextcloud has already been installed. I then had the ā€œUnraid-Cloudflared-Tunnelā€ docker container installed instead of Nginx. This would take the tunnel_token and thatā€™s it. I then entered the domain and it was all ok and everything ran as expected.

The problem with this as I said I DO NOT want any traffic limitations and when you use the proxy functions on CloudFlare they limit you to 100mb per file so I donā€™t want to do it this way. Instead I want to use the domain simply as a doman and handle all of the SSL/Reverse Proxy stuff with Nginx.

So as we can see here, it is listening on port 11000 on the server that runs docker and aio.

Maybe a firewall is blocking acces between your reverse proxy and the host?

1 Like

Iā€™m really about to lose the plot nowā€¦

I purchased a new Cloudflare domain and did NOTHING to it other than put a DNS record of A, @, WANIP, DNS Only on it.

I also gave up on puting Nextcloud straight onto unraid because a lot of documentation assumes Iā€™m in a more sensible envornemnt like Ubuntu so Iā€™ve now created a Ubuntu Server 24 LTS VM and Iā€™m trying to install Nextcloud on that.

Nginx Proxy Manager is still on my Unraid server as a docker container but can access the LAN with no restrictions.

I can ping the nextcloud apache from the NPM container:

[1;32mdocker-343a8aefcb2c:/app]# nc -zv 192.168.1.249 11000
Connection to 192.168.1.249 11000 port [tcp/*] succeeded!
[1;32mdocker-343a8aefcb2c:/app]# curl http://192.168.1.249:11000
8052784c3c1dd49bcead012b4d11694ae19109884a08cc30

As per the documentation my NPM settings are:



My Ubiquiti port fowarding looks like this:

Domain > WANIP > NPM (192.168.1.2) > Nextcloud VM

This is my docker-compose.yml on the VM:

version: '3.9'
services:
  nextcloud-aio-mastercontainer:
    image: nextcloud/all-in-one:latest
    init: true
    restart: always
    container_name: nextcloud-aio-mastercontainer # This line is not allowed to be changed as otherwise AIO will not work correctly
    volumes:
      - nextcloud_aio_mastercontainer:/mnt/docker-aio-config # This line is not allowed to be changed as otherwise the built-in backup solution will not work
      - /var/run/docker.sock:/var/run/docker.sock:ro # May be changed on macOS, Windows or docker rootless. See the applicable documentation. If adjusting, don't forget to also set 'WATCHTOWER_DOCKER_SOCKET_PATH'!
    network_mode: host # Expose directly on the LAN network
    ports:
      - 8080:8080
    environment:
      # Is needed when using any of the options below
      # AIO_DISABLE_BACKUP_SECTION: false # Setting this to true allows to hide the backup section in the AIO interface. See https://github.com/nextcloud/all-in-one#how-to-disable-the-backup-section
      # AIO_COMMUNITY_CONTAINERS: # With this variable, you can add community containers very easily. See https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers
      APACHE_PORT: 11000 # Is needed when running behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
      APACHE_IP_BINDING: 0.0.0.0 # Should be set when running behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else) that is running on the same host. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
      APACHE_ADDITIONAL_NETWORK: "" # (Optional) Connect the apache container to an additional docker network. Needed when behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else) running in a different docker network on same server. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
      # BORG_RETENTION_POLICY: --keep-within=7d --keep-weekly=4 --keep-monthly=6 # Allows to adjust borgs retention policy. See https://github.com/nextcloud/all-in-one#how-to-adjust-borgs-retention-policy
      # COLLABORA_SECCOMP_DISABLED: false # Setting this to true allows to disable Collabora's Seccomp feature. See https://github.com/nextcloud/all-in-one#how-to-disable-collaboras-seccomp-feature
      NEXTCLOUD_DATADIR: /mnt/nextcloud_share # Allows to set the host directory for Nextcloud's datadir. āš ļøāš ļøāš ļø Warning: do not set or adjust this value after the initial Nextcloud installation is done! See https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir
      NEXTCLOUD_MOUNT: /mnt/ # Allows the Nextcloud container to access the chosen directory on the host. See https://github.com/nextcloud/all-in-one#how-to-allow-the-nextcloud-container-to-access-directories-on-the-host
      NEXTCLOUD_UPLOAD_LIMIT: 100G # Can be adjusted if you need more. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-upload-limit-for-nextcloud
      # NEXTCLOUD_MAX_TIME: 3600 # Can be adjusted if you need more. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-max-execution-time-for-nextcloud
      NEXTCLOUD_MEMORY_LIMIT: 4096M # Can be adjusted if you need more. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-php-memory-limit-for-nextcloud
      # NEXTCLOUD_TRUSTED_CACERTS_DIR: /path/to/my/cacerts # CA certificates in this directory will be trusted by the OS of the nextcloud container (Useful e.g. for LDAPS) See https://github.com/nextcloud/all-in-one#how-to-trust-user-defined-certification-authorities-ca
      # NEXTCLOUD_STARTUP_APPS: deck twofactor_totp tasks calendar contacts notes # Allows to modify the Nextcloud apps that are installed on starting AIO the first time. See https://github.com/nextcloud/all-in-one#how-to-change-the-nextcloud-apps-that-are-installed-on-the-first-startup
      # NEXTCLOUD_ADDITIONAL_APKS: imagemagick # This allows to add additional packages to the Nextcloud container permanently. Default is imagemagick but can be overwritten by modifying this value. See https://github.com/nextcloud/all-in-one#how-to-add-os-packages-permanently-to-the-nextcloud-container
      # NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS: imagick # This allows to add additional php extensions to the Nextcloud container permanently. Default is imagick but can be overwritten by modifying this value. See https://github.com/nextcloud/all-in-one#how-to-add-php-extensions-permanently-to-the-nextcloud-container
      # NEXTCLOUD_ENABLE_DRI_DEVICE: true # This allows to enable the /dev/dri device for containers that profit from it. āš ļøāš ļøāš ļø Warning: this only works if the '/dev/dri' device is present on the host! If it should not exist on your host, don't set this to true as otherwise the Nextcloud container will fail to start! See https://github.com/nextcloud/all-in-one#how-to-enable-hardware-acceleration-for-nextcloud
      # NEXTCLOUD_ENABLE_NVIDIA_GPU: true # This allows to enable the NVIDIA runtime and GPU access for containers that profit from it. āš ļøāš ļøāš ļø Warning: this only works if an NVIDIA gpu is installed on the server. See https://github.com/nextcloud/all-in-one#how-to-enable-hardware-acceleration-for-nextcloud.
      # NEXTCLOUD_KEEP_DISABLED_APPS: false # Setting this to true will keep Nextcloud apps that are disabled in the AIO interface and not uninstall them if they should be installed. See https://github.com/nextcloud/all-in-one#how-to-keep-disabled-apps
      SKIP_DOMAIN_VALIDATION: false # This should only be set to true if things are correctly configured. See https://github.com/nextcloud/all-in-one?tab=readme-ov-file#how-to-skip-the-domain-validation
      # TALK_PORT: 3478 # This allows to adjust the port that the talk container is using which is exposed on the host. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-talk-port
      # WATCHTOWER_DOCKER_SOCKET_PATH: /var/run/docker.sock # Needs to be specified if the docker socket on the host is not located in the default '/var/run/docker.sock'. Otherwise mastercontainer updates will fail. For macos it needs to be '/var/run/docker.sock'
      # security_opt: ["label:disable"] # Is needed when using SELinux
volumes:
  # If you want to store the data on a different drive, see https://github.com/nextcloud/all-in-one#how-to-store-the-filesinstallation-on-a-separate-drive
  nextcloud_aio_mastercontainer:
    name: nextcloud_aio_mastercontainer # This line is not allowed to be changed as otherwise the built-in backup solution will not work

Now to the interesting stuff. When I add my domain into the submit domain field I get this error:

Domain does not point to this server or the reverse proxy is not configured correctly. See the mastercontainer logs for more details. ('sudo docker logs -f nextcloud-aio-mastercontainer')

Then if I go to the logs I find this:

NOTICE: PHP message: The response of the connection attempt to "https://REDACTED:443" was:
NOTICE: PHP message: Expected was: 8052784c3c1dd49bcead012b4d11694ae19109884a08cc30
NOTICE: PHP message: The error message was: TLS connect error: error:0A000458:SSL routines::tlsv1 unrecognized name
NOTICE: PHP message: Please follow https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md#6-how-to-debug-things in order to debug things!

I did follow all-in-one/reverse-proxy.md at main Ā· nextcloud/all-in-one Ā· GitHub with no luck.

To add to this, after 10-30 mins after starting the VM I get this when I try to go back to 8080:

NOTICE: PHP message: Slim Application Error
Type: GuzzleHttp\Exception\ServerException
Code: 500
Message: Server error: `POST http://127.0.0.1/v1.41/containers/nextcloud-aio-domaincheck/stop?t=1` resulted in a `500 Internal Server Error` response:
{"message":"cannot stop container: nextcloud-aio-domaincheck: permission denied"}
File: /var/www/docker-aio/php/vendor/guzzlehttp/guzzle/src/Exception/RequestException.php
Line: 111
Trace: #0 /var/www/docker-aio/php/vendor/guzzlehttp/guzzle/src/Middleware.php(72): GuzzleHttp\Exception\RequestException::create(Object(GuzzleHttp\Psr7\Request), Object(GuzzleHttp\Psr7\Response), NULL, Array, NULL)
#1 /var/www/docker-aio/php/vendor/guzzlehttp/promises/src/Promise.php(209): GuzzleHttp\Middleware::GuzzleHttp\{closure}(Object(GuzzleHttp\Psr7\Response))
#2 /var/www/docker-aio/php/vendor/guzzlehttp/promises/src/Promise.php(158): GuzzleHttp\Promise\Promise::callHandler(1, Object(GuzzleHttp\Psr7\Response), NULL)
#3 /var/www/docker-aio/php/vendor/guzzlehttp/promises/src/TaskQueue.php(52): GuzzleHttp\Promise\Promise::GuzzleHttp\Promise\{closure}()
#4 /var/www/docker-aio/php/vendor/guzzlehttp/promises/src/Promise.php(251): GuzzleHttp\Promise\TaskQueue->run(true)
#5 /var/www/docker-aio/php/vendor/guzzlehttp/promises/src/Promise.php(227): GuzzleHttp\Promise\Promise->invokeWaitFn()
#6 /var/www/docker-aio/php/vendor/guzzlehttp/promises/src/Promise.php(272): GuzzleHttp\Promise\Promise->waitIfPending()
#7 /var/www/docker-aio/php/vendor/guzzlehttp/promises/src/Promise.php(229): GuzzleHttp\Promise\Promise->invokeWaitList()
#8 /var/www/docker-aio/php/vendor/guzzlehttp/promises/src/Promise.php(69): GuzzleHttp\Promise\Promise->waitIfPending()
#9 /var/www/docker-aio/php/vendor/guzzlehttp/guzzle/src/Client.php(189): GuzzleHttp\Promise\Promise->wait()
#10 /var/www/docker-aio/php/vendor/guzzlehttp/guzzle/src/ClientTrait.php(95): GuzzleHttp\Client->request('POST', 'http://127.0.0....', Array)
#11 /var/www/docker-aio/php/src/Docker/DockerActionManager.php(942): GuzzleHttp\Client->post('http://127.0.0....')
#12 /var/www/docker-aio/php/src/Controller/DockerController.php(232): AIO\Docker\DockerActionManager->StopContainer(Object(AIO\Container\Container))
#13 /var/www/docker-aio/php/src/Controller/DockerController.php(287): AIO\Controller\DockerController->PerformRecursiveContainerStop('nextcloud-aio-d...')
#14 /var/www/docker-aio/php/src/Controller/DockerController.php(273): AIO\Controller\DockerController->StopDomaincheckContainer()
#15 /var/www/docker-aio/php/public/index.php(84): AIO\Controller\DockerController->StartDomaincheckContainer()
#16 /var/www/docker-aio/php/vendor/slim/slim/Slim/Handlers/Strategies/RequestResponse.php(38): Closure->{closure}(Object(GuzzleHttp\Psr7\ServerRequest), Object(GuzzleHttp\Psr7\Response), Array)
#17 /var/www/docker-aio/php/vendor/slim/slim/Slim/Routing/Route.php(363): Slim\Handlers\Strategies\RequestResponse->__invoke(Object(Closure), Object(GuzzleHttp\Psr7\ServerRequest), Object(GuzzleHttp\Psr7\Response), Array)
#18 /var/www/docker-aio/php/vendor/slim/slim/Slim/MiddlewareDispatcher.php(73): Slim\Routing\Route->handle(Object(GuzzleHttp\Psr7\ServerRequest))
#19 /var/www/docker-aio/php/vendor/slim/slim/Slim/MiddlewareDispatcher.php(73): Slim\MiddlewareDispatcher->handle(Object(GuzzleHttp\Psr7\ServerRequest))
#20 /var/www/docker-aio/php/vendor/slim/slim/Slim/Routing/Route.php(321): Slim\MiddlewareDispatcher->handle(Object(GuzzleHttp\Psr7\ServerRequest))
#21 /var/www/docker-aio/php/vendor/slim/slim/Slim/Routing/RouteRunner.php(74): Slim\Routing\Route->run(Object(GuzzleHttp\Psr7\ServerRequest))
#22 /var/www/docker-aio/php/vendor/slim/csrf/src/Guard.php(482): Slim\Routing\RouteRunner->handle(Object(GuzzleHttp\Psr7\ServerRequest))
#23 /var/www/docker-aio/php/vendor/slim/slim/Slim/MiddlewareDispatcher.php(177): Slim\Csrf\Guard->process(Object(GuzzleHttp\Psr7\ServerRequest), Object(Slim\Routing\RouteRunner))
#24 /var/www/docker-aio/php/vendor/slim/twig-view/src/TwigMiddleware.php(117): Psr\Http\Server\RequestHandlerInterface@anonymous->handle(Object(GuzzleHttp\Psr7\ServerRequest))
#25 /var/www/docker-aio/php/vendor/slim/slim/Slim/MiddlewareDispatcher.php(129): Slim\Views\TwigMiddleware->process(Object(GuzzleHttp\Psr7\ServerRequest), Object(Psr\Http\Server\RequestHandlerInterface@anonymous))
#26 /var/www/docker-aio/php/src/Middleware/AuthMiddleware.php(36): Psr\Http\Server\RequestHandlerInterface@anonymous->handle(Object(GuzzleHttp\Psr7\ServerRequest))
#27 /var/www/docker-aio/php/vendor/slim/slim/Slim/MiddlewareDispatcher.php(280): AIO\Middleware\AuthMiddleware->__invoke(Object(GuzzleHttp\Psr7\ServerRequest), Object(Psr\Http\Server\RequestHandlerInterface@anonymous))
#28 /var/www/docker-aio/php/vendor/slim/slim/Slim/Middleware/ErrorMiddleware.php(77): Psr\Http\Server\RequestHandlerInterface@anonymous->handle(Object(GuzzleHttp\Psr7\ServerRequest))
#29 /var/www/docker-aio/php/vendor/slim/slim/Slim/MiddlewareDispatcher.php(129): Slim\Middleware\ErrorMiddleware->process(Object(GuzzleHttp\Psr7\ServerRequest), Object(Psr\Http\Server\RequestHandlerInterface@anonymous))
#30 /var/www/docker-aio/php/vendor/slim/slim/Slim/MiddlewareDispatcher.php(73): Psr\Http\Server\RequestHandlerInterface@anonymous->handle(Object(GuzzleHttp\Psr7\ServerRequest))
#31 /var/www/docker-aio/php/vendor/slim/slim/Slim/App.php(209): Slim\MiddlewareDispatcher->handle(Object(GuzzleHttp\Psr7\ServerRequest))
#32 /var/www/docker-aio/php/vendor/slim/slim/Slim/App.php(193): Slim\App->handle(Object(GuzzleHttp\Psr7\ServerRequest))
#33 /var/www/docker-aio/php/public/index.php(189): Slim\App->run()
#34 {main}

I just want this over and done with. Getting boring now haha.

Hi Maximilian118 ,

Do I understand correctly that you have now:

  • Unraid running bare-metal
  • Ubuntu in a VM on Unraid
  • Nextcloud-AiO with Docker on that Ubuntu

I may have overlooked it in your last post, but I think szaimen will be asking for the output of

With your Nextcloud just being installed anew, there is not so much to lose. What other apps/services do you rely on, or do you want to start using? I run Nextcloud installed via Yunohost (in a Debian container on Proxmox), which does not seem to give me too many headaches (save for the incompatible NC-apps during upgrades, now and again).

If you donā€™t have a fixed requirement for NC-AiO, you may give Yunohost a look.