Issues with apache reverse proxy using the docker AIO image

Nextcloud version (eg, 20.0.5): latest
Operating system and version (eg, Ubuntu 20.04): Ubuntu 22.04
Apache or nginx version (eg, Apache 2.4.25): 2.4.52
PHP version (eg, 7.4): 8.1.2

I have the docker AIO image deployed with the following compose file:

    image: nextcloud/all-in-one:latest
    restart: always
    container_name: nextcloud-aio-mastercontainer
      - nextcloud_aio_mastercontainer:/mnt/docker-aio-config
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - 8081:8080
      - APACHE_PORT=11000 
      - NEXTCLOUD_DATADIR=/mnt/hdd/data
    name: nextcloud_aio_mastercontaine

And virtual host configuration:

<VirtualHost *:80>

    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
    RewriteCond %{SERVER_NAME}
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

<VirtualHost *:443>

    RewriteEngine On
    ProxyPreserveHost On
    AllowEncodedSlashes NoDecode
    ProxyPass / http://localhost:11000/ nocanon
    ProxyPassReverse / http://localhost:11000/
    RewriteCond %{HTTP:Upgrade} websocket [NC]
    RewriteCond %{HTTP:Connection} upgrade [NC]
    RewriteCond %{THE_REQUEST} "^[a-zA-Z]+ /(.*) HTTP/\d+(\.\d+)?$"
    RewriteRule .? "ws://localhost:11000/%1" [P,L]

    Protocols h2 h2c http/1.1
    H2WindowSize 5242880

    SSLEngine on
    Include /etc/letsencrypt/options-ssl-apache.conf
    SSLCertificateFile /etc/letsencrypt/live/
    SSLCertificateKeyFile /etc/letsencrypt/live/

    # Disable HTTP TRACE method.
    TraceEnable off
    <Files ".ht*">
        Require all denied

    # Support big file uploads
    LimitRequestBody 0

Which are both basically copies form the official AIO Github page.

Nextcloud is accessible if I connect to the server through it’s local ip and port 8081, but when trying to access it through the domain all I get is the default apache “it works” landing page. I’ve been toying with both of these files for hours trying to change different things but nothing has worked yet.

This requires more info.

Have you setup your own Apache Reverse Proxy outside of the container?

Yeah my bad, Apache is not running in a docker container.


Client browser → Apache reverse Proxy → Container ?

Yes. And if it’s any help I’m currently using Apache as a reverse proxy for other things so the problem I would assume is with the configuration files listed above or maybe some configuration I missed.

Container is setup to listen to (bind) on ports 8080 and 8081 on the Docker engine host.

The reverse proxy needs to proxy to the host machine (if on same machine as the container, you can use localhost) on the correct port.

When hitting the container, then apache inside that container, needs to listen on that interface.

Container binds on port 8081 on host machine:

client browser (default HTTPS port 443) → Apache Reverse Proxy (listening to 443) → proxy HTTP 11000 on host machine. Is the container recieving 11000 (is it bound to 11000)? Localhost is the host itself, so Apache on the host machine - not the container - recieves the proxy request, hence the answer comes from the reverse proxy itself.

Hi @hexte can you follow

1 Like

The Nextcloud container itself is bound to port 8081 externally and it maps to 8080 inside the container but from how it’s documented in the example compose file (atleast how i understood it) is that the port declared with the environment variable “APACHE_PORT” should be the one the proxy points to, in the examples that is 11000 and i just stuck with it.

I did also try setting up the reverse proxy to point to localhost:8081 in which case two things would happen, either I would get error 500 or it saying that I’m trying to access an HTTPS only service with an HTTP request.

I did go over it before, and now again, sadly it did not help.

Did you already enter your domain in the AIO interface?

The only thing I did is save the password nothing else. Though going through the documentation again right now I see where I messed up in relation to @Kerasit 's explanation above.

So what do you see in the AIO interface currently? Can you maybe post a screenshot?

The page for creating a new AIO/restoring an existing AIO instance.

All right. Then you missed step 4:

If i try that it gives me an error “Domain does not point to this server or the reverse proxy is not configured correctly.” Thats why I did not do it yet.

Then see GitHub - nextcloud/all-in-one: Nextcloud AIO stands for Nextcloud All-in-One and provides easy deployment and maintenance with most features included in this one Nextcloud instance.

Ok I did this now, however the issue remains. Now that it’s set up i would assume it would be accessible on port 80/443 if trying to connect locally?

See GitHub - nextcloud/all-in-one: Nextcloud AIO stands for Nextcloud All-in-One and provides easy deployment and maintenance with most features included in this one Nextcloud instance.

This doesn’t really help since I still only get the default apache page when trying to access it.

Whatt happens if you open