I tried to run the docker aio based on the github documentation using a reverse proxy.
This is the startup command:
sudo docker run
--sig-proxy=false
--name nextcloud-aio-mastercontainer
--restart always
--publish 8080:8080
-e APACHE_PORT=11000
-e APACHE_IP_BINDING=127.0.0.1
-e NEXTCLOUD_DATADIR="/volume1/docker/nextcloud_aio/data"
-e NEXTCLOUD_MOUNT="/volume1/external_test"
-e NEXTCLOUD_MEMORY_LIMIT=2G
--volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config
--volume /var/run/docker.sock:/var/run/docker.sock:ro
nextcloud/all-in-one:latest
The container starts but repeats following log output:
2022-11-22T16:27:04.741626867Z,stderr,Error: loading initial config: loading new config: http app module: start: listening on :80: listen tcp :80: bind: permission denied
2022-11-22T16:27:04.741475266Z,stderr,"{\"level\":\"info\",\"ts\":1669134424.7411804,\"logger\":\"tls.cache.maintenance\",\"msg\":\"stopped background certificate maintenance\",\"cache\":\"0xc0004cd7a0\"}
"
2022-11-22T16:27:04.740653388Z,stderr,"{\"level\":\"warn\",\"ts\":1669134424.7404296,\"logger\":\"tls\",\"msg\":\"YOUR SERVER MAY BE VULNERABLE TO ABUSE: on-demand TLS is enabled, but no protections are in place\",\"docs\":\"https://caddyserver.com/docs/automatic-https#on-demand-tls\"}
"
2022-11-22T16:27:04.739981077Z,stderr,"{\"level\":\"info\",\"ts\":1669134424.7397861,\"logger\":\"tls.cache.maintenance\",\"msg\":\"started background certificate maintenance\",\"cache\":\"0xc0004cd7a0\"}
"
2022-11-22T16:27:04.739817250Z,stderr,"{\"level\":\"warn\",\"ts\":1669134424.7394106,\"logger\":\"http\",\"msg\":\"automatic HTTP->HTTPS redirects are disabled\",\"server_name\":\"srv1\"}
"
2022-11-22T16:27:04.739622536Z,stderr,"{\"level\":\"warn\",\"ts\":1669134424.7393675,\"logger\":\"http\",\"msg\":\"server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server\",\"server_name\":\"srv0\",\"http_port\":80}
"
2022-11-22T16:27:04.738674287Z,stderr,"{\"level\":\"info\",\"ts\":1669134424.738365,\"logger\":\"admin\",\"msg\":\"admin endpoint started\",\"address\":\"localhost:2019\",\"enforce_origin\":false,\"origins\":[\"//localhost:2019\",\"//[::1]:2019\",\"//127.0.0.1:2019\"]}
"
2022-11-22T16:27:04.736849689Z,stderr,"{\"level\":\"warn\",\"ts\":1669134424.736496,\"msg\":\"Caddyfile input is not formatted; run the 'caddy fmt' command to fix inconsistencies\",\"adapter\":\"caddyfile\",\"file\":\"/Caddyfile\",\"line\":2}
"
2022-11-22T16:27:04.733843215Z,stderr,"{\"level\":\"info\",\"ts\":1669134424.733408,\"msg\":\"using provided configuration\",\"config_file\":\"/Caddyfile\",\"config_adapter\":\"\"}
"
2022-11-22T16:27:03.687131515Z,stderr,[Tue Nov 22 16:27:03.684942 2022] [core:notice] [pid 95] AH00094: Command line: 'apache2 -D FOREGROUND'
2022-11-22T16:27:03.686857350Z,stderr,[Tue Nov 22 16:27:03.684903 2022] [mpm_prefork:notice] [pid 95] AH00163: Apache/2.4.54 (Debian) PHP/8.0.25 OpenSSL/1.1.1n configured -- resuming normal operations
2022-11-22T16:27:03.684359684Z,stderr,[Tue Nov 22 16:27:03.680329 2022] [ssl:warn] [pid 95] AH01909: 172.18.0.2:8080:0 server certificate does NOT include an ID which matches the server name
2022-11-22T16:27:03.682930297Z,stderr,[Tue Nov 22 16:27:03.680298 2022] [ssl:warn] [pid 95] AH01906: 172.18.0.2:8080:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
2022-11-22T16:27:03.625133716Z,stderr,"AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.18.0.2. Set the 'ServerName' directive globally to suppress this message
"
2022-11-22T16:27:03.583698917Z,stderr,[Tue Nov 22 16:27:03.581138 2022] [ssl:warn] [pid 95] AH01909: 172.18.0.2:8080:0 server certificate does NOT include an ID which matches the server name
2022-11-22T16:27:03.582896991Z,stderr,[Tue Nov 22 16:27:03.580699 2022] [ssl:warn] [pid 95] AH01906: 172.18.0.2:8080:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
2022-11-22T16:27:03.577096301Z,stderr,"AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.18.0.2. Set the 'ServerName' directive globally to suppress this message
"
2022-11-22T16:27:03.522878079Z,stderr,Error: loading initial config: loading new config: http app module: start: listening on :80: listen tcp :80: bind: permission denied
2022-11-22T16:27:03.520056519Z,stderr,"{\"level\":\"info\",\"ts\":1669134423.5198145,\"logger\":\"tls.cache.maintenance\",\"msg\":\"stopped background certificate maintenance\",\"cache\":\"0xc000182ee0\"}
"
2022-11-22T16:27:03.518951596Z,stderr,"{\"level\":\"info\",\"ts\":1669134423.5186913,\"logger\":\"http.log\",\"msg\":\"server running\",\"name\":\"srv1\",\"protocols\":[\"h1\",\"h2\",\"h3\"]}
"
2022-11-22T16:27:03.517883223Z,stderr,"{\"level\":\"info\",\"ts\":1669134423.517677,\"msg\":\"failed to sufficiently increase receive buffer size (was: 208 kiB, wanted: 2048 kiB, got: 416 kiB). See https://github.com/lucas-clemente/quic-go/wiki/UDP-Receive-Buffer-Size for details.\"}
"
2022-11-22T16:27:03.517651773Z,stderr,"{\"level\":\"info\",\"ts\":1669134423.5165832,\"logger\":\"tls\",\"msg\":\"finished cleaning storage units\"}
"
2022-11-22T16:27:03.516729505Z,stderr,"{\"level\":\"info\",\"ts\":1669134423.5157094,\"logger\":\"tls\",\"msg\":\"cleaning storage unit\",\"description\":\"FileStorage:/mnt/docker-aio-config/caddy/\"}
"
2022-11-22T16:27:03.515963610Z,stderr,"{\"level\":\"info\",\"ts\":1669134423.5157094,\"logger\":\"http\",\"msg\":\"enabling HTTP/3 listener\",\"addr\":\":8443\"}
"
2022-11-22T16:27:03.515016032Z,stderr,"{\"level\":\"warn\",\"ts\":1669134423.5147154,\"logger\":\"tls\",\"msg\":\"YOUR SERVER MAY BE VULNERABLE TO ABUSE: on-demand TLS is enabled, but no protections are in place\",\"docs\":\"https://caddyserver.com/docs/automatic-https#on-demand-tls\"}
"
2022-11-22T16:27:03.514105215Z,stderr,"{\"level\":\"warn\",\"ts\":1669134423.5136123,\"logger\":\"http\",\"msg\":\"automatic HTTP->HTTPS redirects are disabled\",\"server_name\":\"srv1\"}
"
2022-11-22T16:27:03.513099747Z,stderr,"{\"level\":\"warn\",\"ts\":1669134423.5128827,\"logger\":\"http\",\"msg\":\"server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server\",\"server_name\":\"srv0\",\"http_port\":80}
"
2022-11-22T16:27:03.512280194Z,stderr,"{\"level\":\"info\",\"ts\":1669134423.5120091,\"logger\":\"tls.cache.maintenance\",\"msg\":\"started background certificate maintenance\",\"cache\":\"0xc000182ee0\"}
"
2022-11-22T16:27:03.511004252Z,stderr,"{\"level\":\"info\",\"ts\":1669134423.5106463,\"logger\":\"admin\",\"msg\":\"admin endpoint started\",\"address\":\"localhost:2019\",\"enforce_origin\":false,\"origins\":[\"//localhost:2019\",\"//[::1]:2019\",\"//127.0.0.1:2019\"]}
"
2022-11-22T16:27:03.508721577Z,stderr,"{\"level\":\"warn\",\"ts\":1669134423.508379,\"msg\":\"Caddyfile input is not formatted; run the 'caddy fmt' command to fix inconsistencies\",\"adapter\":\"caddyfile\",\"file\":\"/Caddyfile\",\"line\":2}
"
2022-11-22T16:27:03.505160411Z,stderr,"{\"level\":\"info\",\"ts\":1669134423.5046253,\"msg\":\"using provided configuration\",\"config_file\":\"/Caddyfile\",\"config_adapter\":\"\"}