Iāve recently migrated to Traefik from Nginx Proxy Manager, but have been having issues accessing the AIO container behind Traefik. Iāve done my best to follow the instructions on the GitHub page (link) and these community posts (1, 2, 3, 4, 5, 6), but havenāt been able to get things set up. Iāve included my config files below. Would love some help getting this working, as Iāve been banging my head against this for a couple days now.
## nextcloud compose.yaml
services:
nextcloud-aio-mastercontainer:
image: nextcloud/all-in-one:latest
init: true
restart: unless-stopped
container_name: nextcloud-aio-mastercontainer
ports:
- 16001:8080
# have also tried with the following:
# - 16000:80
# - 16002:8443
volumes:
- nextcloud_aio_mastercontainer:/mnt/docker-aio-config
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
APACHE_PORT: 11000
# have not tried setting APACHE_BIND_IP_ADDRESS, see provided config files in link #4
networks:
- proxy
volumes:
nextcloud_aio_mastercontainer:
name: nextcloud_aio_mastercontainer
external: true
networks:
proxy:
external: true
## traefik compose.yaml
services:
traefik:
container_name: traefik
image: traefik:v3.1
ports:
- "80:80"
- "8080:8080"
- "443:443"
volumes:
- ./static.yaml:/etc/traefik/traefik.yaml
- ./dynamic:/etc/traefik/dynamic
- ./letsencrypt:/letsencrypt
networks:
- proxy
labels:
- "traefik.enable=true"
- "traefik.http.routers.dashboard.rule=Host(`traefik.[my-domain].com`)"
- "traefik.http.routers.dashboard.tls.certresolver=cloudflare"
- "traefik.http.routers.dashboard.service=api@internal"
- "traefik.http.routers.dashboard.middlewares=traefik_auth"
- "traefik.http.middlewares.traefik_auth.digestauth.users=justin:traefik:[password hash]"
environment:
CF_DNS_API_TOKEN_FILE: /run/secrets/cf_dns_api
secrets:
- "cf_dns_api"
networks:
proxy:
external: true
secrets:
cf_dns_api:
file: ./secrets/cf_dns_api.secret
## traefik static.yaml
global:
checkNewVersion: true
sendAnonymousUsage: true
entryPoints:
http:
address: :80
https:
address: :443
log:
level: DEBUG
api:
insecure: false
dashboard: true
providers:
docker:
# from traefik documentation
endpoint: tcp://socket-proxy:2375
watch: true
exposedByDefault: false
file:
directory: /etc/traefik/dynamic/
watch: true
certificatesresolvers:
cloudflare:
acme:
dnschallenge:
provider: cloudflare
email: justin@[my-domain].com
storage: /letsencrypt/acme.json
## nextcloud dynamic config (dynamic/nextcloud.yaml)
http:
routers:
nextcloud:
rule: "Host(`cloud.[my-domain].com`)"
entrypoints:
- "https"
service: nextcloud
middlewares:
- nextcloud-chain
tls:
certresolver: "cloudflare"
services:
nextcloud:
loadBalancer:
servers:
# have tried localhost, 0.0.0.0
- url: "http://[VPS IP]:11000" # Use the host's IP address if Traefik runs outside the host network
middlewares:
nextcloud-secure-headers:
headers:
hostsProxyHeaders:
- "X-Forwarded-Host"
referrerPolicy: "same-origin"
https-redirect:
redirectscheme:
scheme: https
nextcloud-chain:
chain:
middlewares:
# - ... (e.g. rate limiting middleware)
- https-redirect
- nextcloud-secure-headers