Change Nextcloud docker to nextcloud:fpm on apache host and proxy

I was running Nextcloud 26.0.2 with php8.2-fpm on apache2 and Ubuntu server 22.04. This was working very well. Reachable on

Recently I switched from native Nextcloud install to docker. Therefor I run nextcloud as:

docker run -d \
--name="nextcloud" \
--restart unless-stopped \
-v /home/bart/docker/nextcloud:/var/www/html \
-v /data:/var/www/html/data \
-p 8080:80 \
--net bridge \

Nextcloud connects to mariadb on the host via bridge network.
Apache on the host is configured as:

RewriteEngine on
        RewriteCond %{HTTP:Upgrade} =websocket [NC]
        ProxyPass / http://localhost:8080/
        ProxyPassReverse / http://localhost:8080/
        ProxyPreserveHost On
        ProxyRequests Off
        RequestHeader set X-Real-IP %{REMOTE_ADDR}s

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        <IfModule mod_headers.c>
          Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"

        <IfModule mod_dav.c>
          Dav off

RewriteEngine On
RewriteRule ^/\.well-known/carddav https://%{SERVER_NAME}/remote.php/dav/ [R=301,L]
RewriteRule ^/\.well-known/caldav https://%{SERVER_NAME}/remote.php/dav/ [R=301,L]


I had some trouble to get this running, but it is working now. Now I found out that it is also possible to use the nextcloud:fpm version. nextcloud:fpm .

My thoughts where changing this config as:

docker run -d \
--name="nextcloud" \
--restart unless-stopped \
-v /home/bart/docker/nextcloud:/var/www/html \
-v /data:/var/www/html/data \
-p 8080:9000 \
--net bridge \

and apache config could be the same,
But when I
docker stop nextcloud, docker rm nextcloud, docker pull nextcloud:fpm
and start docker run … as mentioned above, the server is up according to docker, but not reachable. Firefox tells me:

Beveiligde verbinding mislukt

Fout tijdens het verbinden met

    De pagina die u wilt bekijken kan niet worden weergegeven, omdat de echtheid van de ontvangen gegevens niet kon worden geverifieerd.
    Neem contact op met de website-eigenaars om ze over dit probleem te informeren.

In english translate:

Secure connection failed

Error while connecting to

    The page you want to view cannot be displayed because the authenticity of the received data could not be verified.
    Please contact the website owners to inform them of this problem.

What am I missing here? Something with https connection?

Edit: I did some experiments with:

  'overwrite.cli.url' => '',
  'trusted_proxies' =>
  array (
    0 => '',
  'overwriteprotocol' => 'https',
 'overwritehost' => '', 
 'overwriteprotocol' => 'https', 

in config.php. But no effect.

When I bash connect to this docker and execute php-fpm:

/var/www/html# php-fpm
[11-Jun-2023 11:43:39] NOTICE: Failed implicitly binding to ::, retrying with
[11-Jun-2023 11:43:39] ERROR: unable to bind listening socket for address '9000': Address already in use (98)
[11-Jun-2023 11:43:39] ERROR: FPM initialization failed

I see this error about binding issues. Is that a clue to a solution?

Because of this binding issue I tried to change the port inside nextcloud:fpm. by changing zz-docker.conf in /usr/local/etc/php-fpm.d/zz-docker.conf. There I changed listen to 9002. But this gave me the same error: “unable to bind listening socket for address ‘9000’:”

Because of this binding 9000 error I executed netstat -tunap in this nextcloud:fpm docker:

netstat -tunap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0      TIME_WAIT   -                   
tcp        0      0      TIME_WAIT   -                   
tcp6       0      0 :::9000                 :::*                    LISTEN      1/php-fpm: master p

php-fpm is not binded to nor Changing listen to in zz-docker.conf has no effect.
I’m almost out of ideas. Is this a bug?

let’s start with the most obvious issue - as long the service fails to bind a port it’s definitely unable to work… I would start the troubleshooting there. as you do port bind -p 8080:9000 please double check if the port 8080 is used on the host. looks it did successfully bind port 9000 for IPv6…

another hint :fpm variant is not a drop-in replacement for :apache - you need additional container running a webserver like Apache or Nginx to serve static content…

it is not easy to run multiple containers using plain docker - I highly recommend you docker-compose all parts of the application defined in one config file makes understanding, troubleshooting and management much easier.

When I start the normal nextcloud as docker run -p 8080:80 netcloud, Nextcloud is working well. So 8080 is not the problem here. I do stop en rm between attempts.

I do not want to run another webserver in a container. Apache is running on my host because of other services. Wouldn’t that be possible then. If not, I’d better stay with apache - php-fpm setup on host. Nextcloud running with php-fpm is faster then direct apache, in my opinion.

I could not find any instructions about docker nextcloud:fpm and the static content te be served from apache.

you can’t judge until you proof. I’ve seen reports NC Docker instance running :apache performs better, even majority would expect :fpm+Nginx to win… It might be better tuning of this system… might be it’s just by wrong measures - you can only gain hard fact related to your system by testing your use case… this might differ from some dry benchmarks…

nothing is wrong of running multiple webserver instances for different applications… especially in case of containerized applications