Issue with domain verification during Nextcloud AIO setup in Docker

Hi,

I’m currently setting up the Nextcloud AIO using Docker, but I’m running into some issues. I’m stuck at the step where I need to enter my domain — I get a port 443 error.

Let me explain my current setup:

I have a firewall (I have ports 443 and 8080 open only for my Nextcloud container) with a home server behind it, running Ubuntu 24.04 and Docker. The server has three network interfaces. I’ve attached a Docker container to the physical network interface using the following command:

docker network create -d macvlan -o parent=eth3 --subnet=e.f.g.0/24 --gateway=e.f.g.254 eth3

I did this because I want the container to be directly accessible on my physical network. I’m also planning to create an additional isolated network on the same Docker host for a second Nextcloud instance for a friend.

So currently, I have:

My home network (192.168.3.X) – used as a management network

My personal Nextcloud environment (192.168.2.X) – domain: domain2.nl

My friend’s Nextcloud environment (192.168.1.X) – domain: domain.nl

The reason for this setup is that I already host several self-hosted applications on my home network, including a mail server that uses port 443. To avoid conflicts, I decided to use separate networks for each Nextcloud instance, separate from my management network, because for now I only want to know if this is possible and I do not want to change my other applications.

And I’ve successfully reached the initial setup page of Nextcloud AIO. However, the problem seems to be that during domain verification, Nextcloud automatically creates a container to check the domain, but it makes a new bridge network for this one. That container ends up on my home network, where port 443 is already in use by another application of mine. As a result, the domain verification container cannot access the internet properly.

Even when I try to define the network explicitly in the Docker Compose file for the domain verification container, it seems to revert back to the default settings or replace the container; I am not fully sure.

Does anyone know how to resolve this issue or force the domain verification container to use a custom macvlan network instead of the new bridge network?

Thanks in advance for your help!
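Added example, not part of either post: a check of which host listeners would collide with a published port, for the situation described above where port 443 is already held by another application on the host. The `ss -ltnH` sample lines are constructed, and `192.168.3.10` and `192.168.2.10` are hypothetical host addresses in the poster's management and Nextcloud ranges.

```python
import ipaddress

# Constructed sample of `ss -ltnH` output (state, recv-q, send-q, local, peer).
# 192.168.3.10 is a hypothetical management-network address of the host.
SAMPLE_SS = """\
LISTEN 0 511  192.168.3.10:443 0.0.0.0:*
LISTEN 0 4096 0.0.0.0:8080     0.0.0.0:*
LISTEN 0 128  [::]:22          [::]:*
"""

def parse_listeners(ss_output):
    """Return [(host, port)] per LISTEN line; host None means the '*' wildcard."""
    listeners = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        host, _, port = fields[3].rpartition(":")
        host = host.split("%")[0].strip("[]")  # drop interface suffix, brackets
        ip = None if host == "*" else ipaddress.ip_address(host)
        listeners.append((ip, int(port)))
    return listeners

def publish_conflicts(listeners, bind_ip, port):
    """Listeners that would make binding bind_ip:port fail (address in use)."""
    want = ipaddress.ip_address(bind_ip)
    hits = []
    for ip, p in listeners:
        if p != port:
            continue
        if ip is None:  # dual-stack wildcard holds the port on every address
            hits.append(("*", p))
        elif ip.version == want.version and (
            ip == want or ip.is_unspecified or want.is_unspecified
        ):
            hits.append((str(ip), p))
    return hits

if __name__ == "__main__":
    found = parse_listeners(SAMPLE_SS)
    for target in ("0.0.0.0", "192.168.2.10", "192.168.3.10"):
        print(target, 443, publish_conflicts(found, target, 443))
```

In Docker terms, `-p 443:443` corresponds to the `0.0.0.0` case and `-p 192.168.2.10:443:443` to a single-address bind; a container attached to a macvlan network has its own address and binds nothing on the host.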

I want to show you a relatively easy approach to address the issues you’ve run into.

With NGINX Proxy Manager (NPM), you can host virtually any domain or subdomain within your LAN, as long as the devices share the same IP address range, and without needing to create any special new network ranges or VLANs.
You also don’t have to modify your external network setup—everything stays simple inside your local infrastructure.

My setup:
I personally run 5 virtual machines (VMs) on Proxmox at home, hosting a wide range of self-hosted services in Docker, including Nextcloud AIO, Paperless-ngx, Rocket.Chat, Mattermost, MeshCentral, and more. Everything is routed through NGINX Proxy Manager, and it all works flawlessly.

Proof that NGINX Proxy Manager handles large Nextcloud file syncs well:
My forum post: Testing large file synchronization (23.7 GB) with Nextcloud AIO and NGINX Proxy Manager

Additional benefits of using NGINX Proxy Manager:

  • Easy SSL certificate management via Let’s Encrypt (including wildcard support)
  • Automatic certificate renewal
  • Simple web UI for managing all domains, subdomains, ports, and rules
  • Supports IP allow/block lists, HTTP authentication, and rate limiting
  • Fully Dockerized – easy to back up, migrate, or restart

NGINX Proxy Manager is an excellent solution for anyone running multiple self-hosted services and looking for a clean, centralized way to manage access within their LAN or from the internet.


Alright, thanks, I will try this tomorrow. Thanks for your quick reply.