I recently setup my own nextcloud AIO server on a proxmox container in my homelab (ubuntu 24.10). I have it setup and running to work with my own domain that allows access anywhere. I have it specifically setup under a subdomain (cloud.placeholder.com), to allow other things used for that website. I decided I wanted to add a website to the domain (placeholder.com) to make it look more professional espically for use with family and friends. I want to host this website on my own server, however when researching this ive run into the issue that the ports 443 and 80 are forwarded to my nextcloud vm. I saw that in order to use the ports I needed a reverse proxy to get it working. I dont have much experience with them and would like suggestions and help on how best to set this up, and weather or not I should host the website on a seperate vm. Thanks in advance!
System setup:
Proxmox ct container running ubuntu 24.10
Nextcloud AIO installed using docker following the nextcloud guide
A traffic rule on my cloudflare domain that forwards to my ip
Thanks for sharing your setup! Using a reverse proxy like Nginx or Traefik is a great way to manage multiple services on ports 80/443. You can run the reverse proxy on the same VM or a lightweight separate container/VM for better isolation. The proxy will route traffic based on domain or subdomain - e.g., cloud.placeholder.com to Nextcloud and placeholder.com to your website. Make sure to configure SSL (Let’s Encrypt works well) on the proxy for secure connections. If you need, I can help with example configs or setup steps!
Hey @nuclearatlas ,
I have a very similar setup at home – everything runs on my own Proxmox server (using VMs only) where I host Nextcloud AIO, two websites, and a bunch of other services like Plex, Vaultwarden, Jellyfin, Paperless, Calibre, etc. I dealt with exactly the same situation as you’re describing.
Best solution:
Set up a reverse proxy — I recommend NGINX Proxy Manager (NPM) in Docker with its simple GUI. Forward ports 80 and 443 on your router to the NPM server. NPM will handle routing traffic to Nextcloud, your websites, and other services. NPM takes care of SSL — it obtains and renews Let’s Encrypt certificates automatically, so you don’t need to manage certificates manually.
Website hosting:
I recommend a separate VM/CT for the website — it’s easier to manage and scale. I personally run WordPress on its own VM behind the same NPM, and everything works flawlessly. If it’s a simple website, you could also run it on the same machine as NPM.
Cloudflare:
The best approach is to have your own public IP address — this saves you a lot of trouble and unnecessary debugging and is the best way to avoid Cloudflare altogether. Cloudflare proxy mode (orange cloud) often causes issues when uploading large files to Nextcloud. If you do use Cloudflare, stick to DNS only (grey cloud).
Thanks for the help, Ive gotten as far as getting NPM running on a seperate container, and im struggling with the getting the proxy host to work. Ive got it pointing to the internal ip of the server and ive got the domain in there, ports forwarded to the NPM container now, but when i go to my nextcloud i get a 502 bad gateway error. I also have the ssl cert setup using NPM and i have the thing set to https and port 443. is there something I need to do on both vm’s to link them, i added the npm server as a proxy and domain in the config.php, but thats all? thanks!
EDIT: I decided to try to setup my apache and wordpress site in the meantime and I was able to get that working. It seems like my issue is nextcloud specific with the NPM server.
Glad to hear you got the WordPress site working — that’s a good sign your NPM setup is generally working fine.
Your 502 Bad Gateway with Nextcloud usually means NPM isn’t correctly reaching your Nextcloud AIO backend. Here’s the key thing to check (this is how I run it at home):
In my docker-compose.yml for Nextcloud AIO, I have Apache in the mastercontainer listening on port 11000 (not 443).
In NGINX Proxy Manager, I point the proxy host to http://<Nextcloud AIO internal IP>:11000, not to 443 or 80.
I don’t use Cloudflare at all — I have a public IP and that keeps things much cleaner.
So double-check your NPM host config — make sure you’re targeting the internal IP of your Nextcloud AIO server and port 11000 (or whatever port your Apache inside the mastercontainer is actually listening on).
You can see on my screenshot examples that both my docker-compose.yml and NPM config match on port 11000 — that’s what makes it work without 502 errors.
Once that’s set, your SSL cert in NPM does the job and you don’t need to touch ports like 443 or 80 inside Nextcloud AIO — NPM terminates SSL and talks to the backend on the internal port.
Best solution:
Forward ports 80 and 443 on your router to the NPM server.
Cloudflare:
Here’s my detailed testing of large file uploads (Nextcloud AIO + Nginx Proxy + Proxmox ballooning + Ubuntu server):
So double-check your NPM host config — make sure you’re targeting the internal IP of your Nextcloud AIO server and port 11000 (or whatever port your Apache inside the mastercontainer is actually listening on).