Nextcloud AIO installation issues when using reverse proxy

I’m trying to set up the Nextcloud AIO image on my server, but I’m having issues with a few things. I attached my Nextcloud compose and Traefik config down below. I want to set them up for local access only, so I read both of these guides on the repo (reverse-proxy and local-instance).

For my setup, I have Traefik running on a different server (and the reverse proxy is working with Proxmox and Pi-hole). I have Pi-hole running with records that point proxmox, pihole and nextcloud to my reverse proxy IP address.

The issues I get are:

  1. Domain validation fails on setup when I use “cloud.domain.com” (which I tried to circumvent by using skip_domain_validation)
  2. When skipping domain validation, I get 404 page not found when I go to cloud.domain.com. I can access cloud-ip:8080 and do the install containers but I cannot access nextcloud after that.

For traefik config.yml, I’m not sure if cloud.loadBalancer.servers.url should be set to “https://cloud-ip:11000” or “https://cloud-ip:8080” or use http, but I tried all of them and none of them work.

I also checked nc -z cloud-ip 11000; echo $? from the reverse proxy and it returned 0. Output from mastercontainer logs below. https://your-domain-that-points-to-this-server.tld:8443 doesn’t work either.

Here are my apache container logs as well:

nextcloud compose.yml

services:
  nextcloud-aio-mastercontainer:
    image: nextcloud/all-in-one:latest
    init: true
    restart: always
    container_name: nextcloud-aio-mastercontainer 
    volumes:
      - nextcloud_aio_mastercontainer:/mnt/docker-aio-config 
      - /var/run/docker.sock:/var/run/docker.sock:ro 
    ports:
      - 80:80 
      - 8080:8080
      - 8443:8443 
    environment:
      - APACHE_PORT=11000 
      - APACHE_IP_BINDING=0.0.0.0 
      # - NEXTCLOUD_DATADIR=/mnt/ncdata 
      # - NEXTCLOUD_MOUNT=/mnt/ 
      - SKIP_DOMAIN_VALIDATION=true

volumes:
  nextcloud_aio_mastercontainer:
    name: nextcloud_aio_mastercontainer 


traefik config.yml

http:
 #region routers 
  routers:
    pve:
      entryPoints:
        - "https"
      rule: "Host(`pve.domain.com`)"
      middlewares:
        - default-headers
        - https-redirectscheme
      tls: {}
      service: pve
    pihole:
      entryPoints:
        - "https"
      rule: "Host(`pihole.domain.com`)"
      middlewares:
        - redirectregex-pihole
        - default-headers
        - addprefix-pihole
        - https-redirectscheme
      tls: {}
      service: pihole
    cloud:
      entryPoints:
        - "https"
      rule: "Host(`cloud.domain.com`)"
      middlewares:
        - https-redirectscheme
        - cloud-secure-headers
      tls: {}
      service: cloud


#endregion
#region services
  services:
    pve:
      loadBalancer:
        servers:
          - url: "https://proxmoxve-ip:8006"
        passHostHeader: true
    pihole:
      loadBalancer:
        servers:
          - url: "http://pihole-ip:80"
        passHostHeader: true
    cloud:
      loadBalancer:
        servers:
          - url: "https://cloud-ip:11000"
        passHostHeader: true

#endregion
  middlewares:
    addprefix-pihole:
      addPrefix:
        prefix: "/admin"
    https-redirectscheme:
      redirectScheme:
        scheme: https
        permanent: true
    redirectregex-pihole:
      redirectRegex:
        regex: /admin/$
        replacement: /

    cloud-secure-headers:
      headers:
        hostsProxyHeaders:
          - "X-Forwarded-Host"
        referrerPolicy: "same-origin"
        customResponseHeaders:
          X-Robots-Tag: "none"

    default-headers:
      headers:
        frameDeny: true
        browserXssFilter: true
        contentTypeNosniff: true
        forceSTSHeader: true
        stsIncludeSubdomains: true
        stsPreload: true
        stsSeconds: 15552000
        customFrameOptionsValue: SAMEORIGIN
        customRequestHeaders:
          X-Forwarded-Proto: https

    default-whitelist:
      ipWhiteList:
        sourceRange:
        # - "10.0.0.0/8"
        - "192.168.0.0/16"
        # - "172.16.0.0/12"

    secured:
      chain:
        middlewares:
        - default-whitelist
        - default-headers

Hi, can you follow https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md#6-how-to-debug-things?
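
For the http-versus-https question about cloud.loadBalancer.servers.url in the first post, the scheme a backend port actually speaks can be measured from the reverse-proxy host rather than guessed. The script below is an added example, not part of the thread or of the Nextcloud or Traefik projects; the function names are hypothetical, and cloud-ip and 11000 are the placeholder values from the post.

```python
import socket
import ssl
import sys


def probe_backend_scheme(host, port, timeout=3.0):
    """Return 'https', 'http', 'unknown' or 'closed' for a backend port."""
    # TLS is tried first: many TLS listeners answer a plain-text request
    # with a plain-text HTTP 400, which would be misread as "http".
    try:
        raw = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "closed"
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # only the protocol is being identified,
    ctx.verify_mode = ssl.CERT_NONE  # so a self-signed certificate still counts
    try:
        with ctx.wrap_socket(raw, server_hostname=host):
            return "https"
    except OSError:                  # ssl.SSLError and timeouts are OSErrors
        pass
    finally:
        raw.close()
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(b"HEAD / HTTP/1.1\r\nHost: " + host.encode() +
                      b"\r\nConnection: close\r\n\r\n")
            reply = s.recv(16)
    except OSError:
        return "unknown"             # port accepted once but gave no answer
    return "http" if reply.startswith(b"HTTP/") else "unknown"


def traefik_server_url(host, port, timeout=3.0):
    """Build the value for loadBalancer.servers[].url, or None if undecided."""
    scheme = probe_backend_scheme(host, port, timeout)
    return f"{scheme}://{host}:{port}" if scheme in ("http", "https") else None


if __name__ == "__main__":
    # Usage (placeholder values): python probe.py cloud-ip 11000
    host, port = sys.argv[1], int(sys.argv[2])
    print(probe_backend_scheme(host, port), traefik_server_url(host, port))
```

A successful nc -z only shows that the port accepts TCP connections; this probe additionally shows which scheme the Traefik service URL has to use for that port.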