Hi,
I am trying to deploy nextcloud-aio behind reverse-proxy (nginx) using docker compose on my VPS.
Since I am using docker compose, nginx is running in its own docker network.
Therefore, following the documentation, I added APACHE_ADDITIONAL_NETWORK env to my nextcloud service and adjusted nginx config with http://nextcloud-aio-apache:$APACHE_PORT.
In the AIO interface, the domain check fails (error: “Domain does not point to this server or the reverse proxy is not configured correctly. See the mastercontainer logs for more details. (‘sudo docker logs -f nextcloud-aio-mastercontainer’)”).
Logs from the nextcloud-aio-mastercontainer don’t give much information (to my understanding):
nextcloud-aio-mastercontainer | NOTICE: PHP message: The response of the connection attempt to "https://mydomain</html>nter>nginx/1.28.0</center>/center>d>
nextcloud-aio-mastercontainer | NOTICE: PHP message: Expected was: be563f44aa170befecb6d2253d69121d6b9d490a0a63e110
nextcloud-aio-mastercontainer | NOTICE: PHP message: The error message was:
nextcloud-aio-mastercontainer | NOTICE: PHP message: Please follow https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md#6-how-to-debug-things in order to debug things!
But I also have this in the nginx container logs:
nginx-1 | 2025/08/04 09:27:07 [error] 20#20: *39 no resolver defined to resolve nextcloud-aio-apache, client: 172.18.0.1, server: mydomain.com, request: "GET / HTTP/2.0", host: "mydomain.com"
nginx-1 | 172.18.0.1 - - [04/Aug/2025:09:27:07 +0000] "GET / HTTP/2.0" 502 157 "-" "-" "-"
Running through the debugging steps, when checking if reverse proxy container manages to reach apache port, I have this result (but I am not sure what to conclude from it):
# From within nginx container
nc -z localhost 11000; echo $? # Returns 1
nc -z <host IP> 11000; echo $? # Returns 0
I tried to add port 11000 to the nginx service in compose, I obtained the same result.
Here is my compose.yaml file (I removed certbot stuff and other nginx volumes, which are not related to my error I think):
services:
nginx:
image: nginx:1.28-alpine
ports:
- 80:80
- 443:443
restart: always
volumes:
- /home/tvoirand/tvoirand/webserver_tvoirand/webserver_tvoirand/conf.d:/etc/nginx/conf.d:ro
nextcloud:
image: nextcloud/all-in-one:20250325_084656
init: true
restart: always
container_name: nextcloud-aio-mastercontainer
volumes:
- nextcloud_aio_mastercontainer:/mnt/docker-aio-config
- /var/run/docker.sock:/var/run/docker.sock:ro
ports:
- 8080:8080
environment:
APACHE_IP_BINDING: 0.0.0.0
APACHE_ADDITIONAL_NETWORK: webserver_tvoirand_default
I am not sure how to fix my issue. I suspect that it is related to docker networks. Should I use the default bridge network, adding network_mode: bridge to my services in compose? I would prefer keeping nextcloud and the reverse-proxy in a dedicated network, to isolate this stack from other stuff on my host.
Many thanks in advance for you help!
Here is also my nginx configuration file.
The modifications I applied to the default file from documentation:
- Replace “your-nc-domain”
- Replace “127.0.0.1” with “nextcloud-aio-apache” in proxy_pass directive
- Adjust stuff related to nginx version (1.28.0 in my case)
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 80;
listen [::]:80;
if ($scheme = "http") {
return 301 https://$host$request_uri;
}
if ($http_x_forwarded_proto = "http") {
return 301 https://$host$request_uri;
}
listen 443 ssl;
listen [::]:443 ssl;
http2 on;
proxy_buffering off;
proxy_request_buffering off;
client_max_body_size 0;
client_body_buffer_size 512k;
# http3_stream_buffer_size 512k;
proxy_read_timeout 86400s;
server_name mydomain.com www.mydomain.com;
location / {
proxy_pass http://nextcloud-aio-apache:11000$request_uri;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Scheme $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header Early-Data $ssl_early_data;
# Websocket
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
ssl_certificate /etc/nginx/ssl/live/mydomain.com/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/live/mydomain.com/privkey.pem;
ssl_dhparam /etc/dhparam; # curl -L https://ssl-config.mozilla.org/ffdhe2048.txt -o /etc/dhparam
ssl_early_data on;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:10m;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ecdh_curve x25519:x448:secp521r1:secp384r1:secp256r1;
ssl_prefer_server_ciphers on;
ssl_conf_command Options PrioritizeChaCha;
ssl_ciphers TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256;
}
- Nextcloud Server version:
- Docker image
nextcloud/all-in-one:20250325_084656
- Docker image
- Operating system and version:
- Ubuntu 24.04
- Reverse proxy and version:
- Nginx 1.28.0
- Installation method:
- AIO