Nextcloud AIO behind pangolin has performance issues

ℹ️ Support 📦 Appliances (Docker, Snappy, VM, NCP, AIO)
, , , , , ,
1

In the last few weeks I moved my Nextcloud AIO from Strato to my home lab and use Pangolin GitHub - fosrl/pangolin: Tunneled Mesh Reverse Proxy Server with Identity and Access Control and Dashboard UI as reverse proxy tunnel solution.

So far so good. It looks like everything is working, but I have a strange problem.
As soon as I try to open a larger PDF (greater 1.75 MB) the download hangs around 30 seconds and then continues for the next 1.75 MB. So opening/downloading a large file is very annoying.
Everything else is working. Office, Talk, Calendar and so on.

I did a lot of experiments and research to find a solution for the problem. At the end I think I start here, because it is only the combination Nextcloud AIO and Pangolin that has the problem.
I did not try cloudflare tunnel, because this would mean to change my DNS for my domain entries so drastic that other stuff would not work any more. I do not have only a Nextcloud behind Pangolin.

I tried all Nexcloud AIO performance articles I could find, but nothing helped.

My setup:

  1. Proxmox 8.3 VM for Nextcloud. (16GB, 8 cores on an AMD EPYC 7413)
    Ubuntu 24.04 LTS, latest updates. No SELinux, no firewall. Minimal OS only docker and nothing else.

  2. Newt (Wireguard endpoint for Pangolin) (docker on Synology RS 1221+)

  3. Router ipFire (Core 192) VM on same Proxmox

  4. ISP Telekom DSL 100/50

  5. Pangolin (Starto KVM 8GB, 4 cores)
    Ubuntu 24.04 LTS latest updates. SELinux, Firewall, Crowdsec.
    Pangolin uses Treafik as proxy.

I tried running Newt on LXC/VM with an without docker. Always the same problem.

I installed several time a second Nextcloud to experiment.

  • NC AIO directly on the Strato machine. (no problem)
  • NC AIO directly on the Strato machine behind Pangolin (no problem)
  • NC AIO directly accessed through router by opening the ports (no problem)
  • NC by Carsten Rieger installation behind Pangolin (no problem)

I tried to change the MTU of docker/machine to the MTU of Newt (1280) but that does not help.

Also none of the container show any type of error during download of the files. Looks like their is no problem.

I also installed other files share software to see if the size of the files is the problem. But they all work perfectly. Their is something strange in the combination of Newt and NC AIO. Why is their this wired size of 1.75 MB?

So to start somewhere I open this request for help. May be it is something in Pangolin/Newt that cause the problem, or it is something in NC AIO that is wrongly configured.
I will open a request for Help in github from Pangolin if I find no solution here.

Maybe someone has an Idea. Any help or Idea is appreciated.

Regards

2

Hello. I’m afraid can’t help you, but I have a question - how did you get AIO working behind pangolin? I am finding that the AIO installer can’t pass the domain check, even though I’m already running it from the domain that I’m trying to point the installer to. I commented out the 8443 and 80 ports on the docker compose, and had to change the published docker port of 8080 because there’s already something at 8080, (ie, 8085:8080).

Pangolin points the nextcloud domain to this new port and the installer loads from this domain. Is there some additional config that needs to happen for nextcloud to “find itself” through pangolin? If I skip the domain check everything installs fine, apache, db and nextcloud can all communicate, but when it comes to launching nextcloud from the aio installer, the it won’t load, and the nextcloud log displays

‘2025-05-18T08:31:46.187454050Z ✓ Fetched /hosting/discovery endpoint
2025-05-18T08:31:46.187717620Z Failed to fetch discovery endpoint from [nextcloud.mydomain.com]

I’m curious to know which port you’re pointing pangolin at, and if you had to do anything special to get this to work?