I am experiencing a very weird behavior when trying to configure Nextcloud to work behind a Nginx reverse proxy managed with Nginx Proxy Manager (probably due to my lack of knowledge on how RP interact with services).
I have a Docked based setup: both Nextcloud (NC) and Nginx Proxy Manager (NPM) are running in containers.
NC and NPM share the same bridged network, so they should be able to talk.
Everything is installed in a Synology NAS (this might not be relevant but something weird is happening with a redirection that might be due to Synology having its own Nginx running).
Finally, I also have a VM in the Synology NAS running Diet-Pi with Pi-Hole, Unbound and Wireguard running on it. My network is configured to use this server for DNS and I have a local DNS entry pointing (mydomain.com) to the Synology NAS IP (192.168.0.100).
DNS resolution and VPN is working properly, so I assume the VM is properly configured.
IN NPM I have several servers configured, including cops for ebooks management and Home Assistant. Both of them are being served from subdomains (cops.mydomain.com and ha.mydomain.com) without issues (in the case of HA I had to modify the config.yml file to make HA aware of being behind a reverse proxy). HTTPS is being served on a non standard port (4443) because Synology’s Nginx manages ports 443 and 80 and I did not want to mess with its config files as they are recreated every update and/or reboot.
However, I have been unable to make NC to work under a similar configuration. If I just configure the RP to point to NC’s IP, I get to connect (so NPM and NC are talking) but I get an error about “untrusted domain”. If I then update NC’s config.php to include nextcloud.mydomain.com as a trusted domain (along with the IP that was already configured) I can not longer connect to NC: I do not even see the error page of “trusted domains” but, instead, and this is they weird thing, it redirects to port 443 (managed by Synology). Then it of course complains about the certificate because it is the self-signed Synology certificate which is being sent.
This is pretty weird and I do not have a clue of what I might being done wrong.
I might have also missed something in my post as this is a somehow complicated setup, so feel free to ask any details that is not included in my description.
Any help is appreciated.