Using:
- nextcloud/all-in-one:latest
- Arch Linux with kernel 6.12.1
- Caddy (latest) as reverse proxy
Summary of the issue you are facing:
- Main issue: the Nextcloud container doesn’t seem to be using the specified port, 11000, despite setting the env variables in the Docker compose file.
- Is setting APACHE_PORT and the other variables supposed to disable built-in HTTPS? Or is there something I need to do to trigger that? Or will that always be running and the 11000 thing is a bypass?
- Is setting APACHE_PORT and the other variables supposed to disable built-in caddy? Or is the Caddyfile in the root directory of the container and in the logs not indicative that Caddy is being used?
- I am not seeing any other spawned containers, is that supposed to happen yet?
- Also: I can wget the initial startup page on the host machine at 48080 as mapped in the compose file, but both Firefox and Chrome (navigating to https://localhost:48080, same URL as with curl and wget) get a connection refused. Might be an unrelated issue.
I am probably forgetting something, I’ve been at this awhile and I’m tired and so is Claude.
Config
relevant section of docker-compose.yaml:
    nextcloud-aio-mastercontainer:
      container_name: nextcloud-aio-mastercontainer
      image: nextcloud/all-in-one:latest
      init: true
      restart: always
      networks:
        liyuannet:
      ports:
        - "48080:8080"
      environment:
        APACHE_PORT: 11000
        APACHE_IP_BINDING: 0.0.0.0
        APACHE_ADDITIONAL_NETWORK: liyuannet
        NEXTCLOUD_DATADIR: /mnt/nextclouddata
        # SKIP_DOMAIN_VALIDATION: true
      volumes:
        - nextcloud_aio_mastercontainer:/mnt/docker-aio-config
        - /var/run/docker.sock:/var/run/docker.sock:ro
        - /mnt/fs/host/nextcloud:/mnt/nextclouddata
      depends_on:
        - caddy
relevant section of Caddyfile (subbing in example for actual domain):
    mywebsite.com {
        reverse_proxy nextcloud-aio-mastercontainer:11000
    }
This config works with all the other sites I am using with caddy in this way.
Logs
docker logs nextcloud-aio-mastercontainer gives:
Trying to fix docker.sock permissions internally...
Creating docker group internally with id 971
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
........+....+......+......+.....+......+....+.........+..+++++++++++++++++++++++++++++++++++++++++++++*........+........+...+...+.......+........+.+...+...+.........+.....+.+.....+.........+.+++++++++++++++++++++++++++++++++++++++++++++*......................+.+......+..+......+.+......+...+..............+.......+...+++++
.+...+.....+.......+.....+.+++++++++++++++++++++++++++++++++++++++++++++*.................+....+.....+.+.....+...............+.+.....+.+..............+...+......+......+.........+....+..+.+..+...+.........+................+...+.....+......+.+..+.+...............+..+....+......+.....+.........+.+++++++++++++++++++++++++++++++++++++++++++++*..........................+...+.+......+......+........+......+...............+...+......+.......+.....+........................+......+....+...+..+....+..............+.+...........+...................+..+....+......+++++
-----
Initial startup of Nextcloud All-in-One complete!
You should be able to open the Nextcloud AIO Interface now on port 8080 of this server!
E.g. https://internal.ip.of.this.server:8080
⚠️ Important: do always use an ip-address if you access this port and not a domain as HSTS might block access to it later!
If your server has port 80 and 8443 open and you point a domain to your server, you can get a valid certificate automatically by opening the Nextcloud AIO Interface via:
https://your-domain-that-points-to-this-server.tld:8443
[Mon Nov 25 01:42:17.393272 2024] [mpm_event:notice] [pid 192:tid 192] AH00489: Apache/2.4.62 (Unix) OpenSSL/3.3.2 configured -- resuming normal operations
[Mon Nov 25 01:42:17.393295 2024] [core:notice] [pid 192:tid 192] AH00094: Command line: 'httpd -D FOREGROUND'
{"level":"info","ts":1732498937.4002242,"msg":"using config from file","file":"/Caddyfile"}
[25-Nov-2024 01:42:17] NOTICE: fpm is running, pid 202
[25-Nov-2024 01:42:17] NOTICE: ready to handle connections
{"level":"info","ts":1732498937.4011843,"msg":"adapted config to JSON","adapter":"caddyfile"}
output of sudo netstat -tulpn in the nextcloud aio container:
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:2019 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:9876 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.11:46791 0.0.0.0:* LISTEN -
tcp 0 0 :::8000 :::* LISTEN 192/httpd
tcp 0 0 :::8080 :::* LISTEN 192/httpd
tcp 0 0 :::80 :::* LISTEN -
tcp 0 0 :::8443 :::* LISTEN -
tcp 0 0 :::9000 :::* LISTEN 202/php-fpm.conf)
udp 0 0 127.0.0.11:42803 0.0.0.0:* -
I don’t see any relevant-looking logs in the container other than access logs showing my successful curl and wget connections. The caddy container’s logs show that when I’m trying to connect to my domain, caddy isn’t getting a connection on port 11000, which is expected given that the port isn’t being set correctly.
I really, really appreciate any ideas anyone has on this!
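
As an added example (not part of the original post), the netstat output quoted above can be checked mechanically: the script parses it and reports, for a given upstream port such as the 11000 the Caddyfile targets, whether anything is listening and whether the socket is bound to loopback only or to all interfaces. The function names are made up for this example.

```python
# Added example: classify the listening sockets in `netstat -tulpn` output.
# NETSTAT_OUTPUT is the output quoted in the post above.
NETSTAT_OUTPUT = """\
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:2019 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:9876 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.11:46791 0.0.0.0:* LISTEN -
tcp 0 0 :::8000 :::* LISTEN 192/httpd
tcp 0 0 :::8080 :::* LISTEN 192/httpd
tcp 0 0 :::80 :::* LISTEN -
tcp 0 0 :::8443 :::* LISTEN -
tcp 0 0 :::9000 :::* LISTEN 202/php-fpm.conf)
udp 0 0 127.0.0.11:42803 0.0.0.0:* -
"""


def is_loopback(address):
    """True for addresses that only accept connections from inside the container."""
    return address.startswith("127.") or address == "::1"


def parse_listeners(text):
    """Return (proto, address, port, program) for every listening socket line."""
    listeners = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or not fields[0].startswith(("tcp", "udp")):
            continue  # banner and column-header lines
        if fields[0].startswith("tcp") and "LISTEN" not in fields:
            continue  # UDP rows have no State column, TCP rows must be LISTEN
        address, _, port = fields[3].rpartition(":")  # ":::8080" -> "::", "8080"
        listeners.append((fields[0], address, int(port), fields[-1]))
    return listeners


def check_upstream(listeners, port):
    """Say whether a reverse-proxy upstream on `port` could accept connections."""
    bound = [addr for _, addr, p, _ in listeners if p == port]
    if not bound:
        return "closed"
    if all(is_loopback(addr) for addr in bound):
        return "loopback-only"
    return "reachable"


if __name__ == "__main__":
    sockets = parse_listeners(NETSTAT_OUTPUT)
    for port in (11000, 8080, 2019):
        print(port, check_upstream(sockets, port))
```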