Migration to Podman Quadlet - everything ok?

Hello all. I’ve migrated my manual installation of Nextcloud 31.0.4 from vServer A (nextcloud.mydomain.com) to a Podman quadlet on vServer B (test.mydomain.com). I use the docker.io/nextcloud:31 image (so it is running apache). So far, it looks very good.

I have a Caddy server running on the host, just doing

test.mydomain.com {
        reverse_proxy 127.0.0.1:8086
}

And I added my local network to trusted proxies:

'trusted_proxies' =>
  array (
    0 => '10.0.0.0/8',
  ),

With that, I see no error messages in the log and I could connect to my calendar via (desktop) Thunderbird and my Android Nextcloud app to the new instance.

But before I actually flip the switch, I want to check again that everything is configured correctly. For example, I saw that some people have this in their Caddyfile:

redir /.well-known/carddav /remote.php/dav 301
redir /.well-known/caldav /remote.php/dav 301

But I don’t need this, because I use the apache-image (not php-fpm), right?

And can I somehow check whether Nextcloud sees the real IP of my clients or only that of the proxy? Or is that not important at all?

Yes, it should be possible. If you run a container with rootless podman on a custom network and publish a port with the quadlet directive PublishPort= then the program in the container will not see the correct source IP address. This problem can be solved by using socket activation instead of using PublishPort=

I wrote a demo of how to run nextcloud with rootless Podman + nginx + socket activation:

But you could probably get it working by using caddy because caddy supports socket activation.
I wrote some examples (not related to nextcloud)

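A way to reason about the real-IP question in this thread, as an added example that is not from either poster and is not Nextcloud's code: a simplified Python model of how a trusted-proxy list decides whether the X-Forwarded-For header or the TCP peer address ends up in the logs. Only the 10.0.0.0/8 value comes from the post; the function names, the right-to-left walk over the header and every sample address are assumptions.

```python
import ipaddress

# Value from the post's config.php; everything else here is constructed.
TRUSTED_PROXIES = ["10.0.0.0/8"]


def is_trusted(addr, trusted):
    """True if addr parses as an IP and falls inside any trusted CIDR."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False
    return any(ip in ipaddress.ip_network(net, strict=False) for net in trusted)


def effective_client_ip(remote_addr, x_forwarded_for, trusted=TRUSTED_PROXIES):
    """Address the application would record for one request.

    The header is consulted only when the TCP peer is a trusted proxy.
    Hops are walked right to left, skipping trusted ones, so the result
    is the nearest address that a trusted proxy vouched for.
    """
    if not x_forwarded_for or not is_trusted(remote_addr, trusted):
        return remote_addr
    for hop in reversed([h.strip() for h in x_forwarded_for.split(",")]):
        if is_trusted(hop, trusted):
            continue
        try:
            return str(ipaddress.ip_address(hop))
        except ValueError:
            break  # malformed entry: stop trusting the header (model choice)
    return remote_addr


def diagnose(remote_addr, x_forwarded_for, trusted=TRUSTED_PROXIES):
    """Return (recorded address, reason) for one request."""
    seen = effective_client_ip(remote_addr, x_forwarded_for, trusted)
    if seen != remote_addr:
        return seen, "client IP taken from X-Forwarded-For"
    if x_forwarded_for and not is_trusted(remote_addr, trusted):
        return seen, "peer not in trusted_proxies, header ignored"
    return seen, "no usable header, peer address recorded"
```

Any peer inside the trusted range is believed, so the list is best narrowed to the single address the proxy's requests actually arrive from inside the container.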