Docker Compose with External Firewall

I have a Nextcloud 16 (dockerised install) running on top of my Synology. I have configured this to run HTTP traffic on port 8080.
This is on a 10.x.x.x based network. Everything seems to function properly.
I also have a hardware Sophos UTM firewall. I have applied a WAF policy mapping cloud.domain.com (with a signed cert) on 443 through to the Docker Nextcloud instance.

Logging in, uploading files, etc. works as expected.
When I try to connect the Nextcloud app, it fails to connect. I suspect this is because the server address (taken from the settings section) reports its internal address.

environment:
- VIRTUAL_HOST=cloud.domain.com
- VIRTUAL_PROTO=https

I have the above settings in the Docker Compose file, but no dice.

I'm clearly missing something but can't work out what.

Which client are you referring to? iOS, Android, Windows, Mac, Linux?

This is with the Mac Client.

My first suspicion is that because you’re not listening on port 80, the client may be attempting to connect first with http and not getting redirected. Can you manually specify https:// when setting the server address?

It's actually the other way round. The connection in the app works at some point over https and then somewhere is attempting to connect via http.

I think what I am going to try is to add a self-signed cert on the Apache instance and then map 443 external to an internal port with HTTPS.

@jameskilbynet do you have an 'overwrite.cli.url' => 'https://nextcloud.example.tld' in your config.php?

Yes, it is set to http://nextcloud.example.tld

I suspect it is setting this on first run. If I trash everything and run the create admin account by the internal IP, it gets set to that.

If I run the first-run wizard from external, it's set to http://nextcloud.example.tld

How do I set this to https://nextcloud.example.tld in the Docker Compose file? (I realise I could just edit the config.php file.)

There is also an occ command to set config.php values. Something like docker exec --user www-data <container-id> php occ config:system:set ....
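
One way to apply the occ approach to the setup in this thread (TLS ends on the WAF, Nextcloud sees plain HTTP on 8080), as an added example that is not part of any post above. The function names, the APPLY switch, the container name and the proxy address are assumptions made for illustration; besides overwrite.cli.url from the thread, it sets the standard config.php keys overwriteprotocol, trusted_domains and trusted_proxies.

```shell
#!/bin/sh
# Added example. By default it only prints the commands; APPLY=1 runs them.

nc_occ() {
    # $1 = container name or id, remaining arguments go to occ
    _c=$1; shift
    if [ "${APPLY:-0}" = "1" ]; then
        docker exec --user www-data "$_c" php occ "$@"
    else
        echo "docker exec --user www-data $_c php occ $*"
    fi
}

nc_behind_proxy() {
    # $1 = container, $2 = public hostname, $3 = internal address of the WAF
    nc=$1; host=$2; proxy=$3

    # Reject anything that is not a plain hostname / IP (or CIDR) before it
    # is written into config.php.
    case $host in
        ''|*[!A-Za-z0-9.-]*) echo "invalid hostname: $host" >&2; return 2 ;;
    esac
    case $proxy in
        ''|*[!0-9A-Fa-f.:/]*) echo "invalid proxy address: $proxy" >&2; return 2 ;;
    esac

    # URL used by cron/CLI, and the value clients see as the server address.
    nc_occ "$nc" config:system:set overwrite.cli.url --value="https://$host" &&
    # Generate https:// links although the container itself is reached over http.
    nc_occ "$nc" config:system:set overwriteprotocol --value="https" &&
    # Accept requests carrying the public Host header (index 1 keeps entry 0).
    nc_occ "$nc" config:system:set trusted_domains 1 --value="$host" &&
    # Trust forwarded headers from the WAF only, so logged client addresses
    # and brute-force throttling cannot be spoofed by other internal hosts.
    nc_occ "$nc" config:system:set trusted_proxies 0 --value="$proxy"
}

# Usage (constructed values):
#   nc_behind_proxy nextcloud cloud.domain.com 10.0.0.2           # dry run
#   APPLY=1 nc_behind_proxy nextcloud cloud.domain.com 10.0.0.2   # apply
```

Because the values live in config.php on the persistent volume, they survive container recreation; review the dry-run output before running with APPLY=1.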