Nextcloud AIO - podman (rootless) problem

The Basics

  • Nextcloud Server version (e.g., 29.x.x):
    • 32.06
  • Operating system and version (e.g., Ubuntu 24.04):
    • Almalinux 10.1
  • Web server and version (e.g, Apache 2.4.25):
    • No idea how to figure out
  • Reverse proxy and version (e.g. nginx 1.27.2):
    • nginx 1.26.3
  • PHP version (e.g, 8.3):
    • No idea how to figure out :/
  • Is this the first time you’ve seen this error? (Yes / No):
    • Yes
  • When did this problem seem to first start?
    • Today
  • Installation method (e.g. AIO, NCP, Bare Metal/Archive, etc.)
    • AIO
  • Are you using Cloudflare, mod_security, or similar? (Yes / No)
    • No

Summary of the issue you are facing:

So today I restarted my Raspberry Pi, where my Nextcloud AIO is running. I have a “special” scenario here, because I use podman (rootless) to host Nextcloud AIO instead of docker.

Now after the reboot I get `502 Bad Gateway` from my nginx. I am not sure, but I think it's because there is no mastercontainer there:

[nextcloud@cpi /]$ podman ps -a
CONTAINER ID  IMAGE                                              COMMAND               CREATED      STATUS                       PORTS                               NAMES
57b33b00645e  ghcr.io/nextcloud-releases/aio-watchtower:latest                         2 weeks ago  Exited (0) 54 minutes ago                                        nextcloud-aio-watchtower
750cd7e75b87  ghcr.io/nextcloud-releases/aio-borgbackup:latest                         2 weeks ago  Exited (0) 51 minutes ago                                        nextcloud-aio-borgbackup
5eec6676d3d1  ghcr.io/nextcloud-releases/aio-notify-push:latest                        2 weeks ago  Exited (143) 50 minutes ago                                      nextcloud-aio-notify-push
8063e7a88fbf  ghcr.io/nextcloud-releases/aio-postgresql:latest                         2 weeks ago  Exited (1) 50 minutes ago    5432/tcp                            nextcloud-aio-database
84cb11077f22  ghcr.io/nextcloud-releases/aio-redis:latest                              2 weeks ago  Exited (0) 50 minutes ago    6379/tcp                            nextcloud-aio-redis
13ecb0a00f3a  ghcr.io/nextcloud-releases/aio-nextcloud:latest    /usr/bin/supervis...  2 weeks ago  Exited (0) 50 minutes ago    9000/tcp                            nextcloud-aio-nextcloud
3815cfd766f0  ghcr.io/nextcloud-releases/aio-apache:latest       /usr/bin/supervis...  2 weeks ago  Up 4 minutes (healthy)       127.0.0.1:11000->11000/tcp, 80/tcp  nextcloud-aio-apache

I am not quite sure if there should be a mastercontainer to see??

My mastercontainer should start automatically through this .container file:

[nextcloud@cpi /]$ cat ~/.config/containers/systemd/nextcloud-aio-mastercontainer.container
[Unit]
Description=Nextcloud AIO Master Container
Documentation=https://github.com/nextcloud/all-in-one/blob/main/docker-rootless.md
After=local-fs.target
Requires=podman.socket

[Container]
ContainerName=nextcloud-aio-mastercontainer
Image=docker.io/nextcloud/all-in-one:latest
AutoUpdate=registry
PublishPort=127.0.0.1:11001:8080
Volume=nextcloud_aio_mastercontainer:/mnt/docker-aio-config
Volume=/run/user/1002/podman/podman.sock:/var/run/docker.sock:ro,z
Network=bridge
SecurityLabelDisable=true

Environment=NEXTCLOUD_DATADIR="/media/raid1/nextcloud/"
Environment=APACHE_PORT=11000
Environment=APACHE_IP_BINDING=127.0.0.1
Environment=WATCHTOWER_DOCKER_SOCKET_PATH=/run/user/1002/podman/podman.sock
Environment=SKIP_DOMAIN_VALIDATION=true

[Install]
WantedBy=multi-user.target default.target

But it stays on fail, also when I restart it manually.

[nextcloud@cpi /]$ systemctl restart --user nextcloud-aio-mastercontainer.service 
[nextcloud@cpi /]$ systemctl status --user nextcloud-aio-mastercontainer.service 
× nextcloud-aio-mastercontainer.service - Nextcloud AIO Master Container
     Loaded: loaded (/home/nextcloud/.config/containers/systemd/nextcloud-aio-mastercontainer.container; generated)
     Active: failed (Result: exit-code) since Mon 2026-04-27 15:57:14 UTC; 7s ago
   Duration: 736ms
 Invocation: 9667508c633c4396b186c339e8e48153
       Docs: https://github.com/nextcloud/all-in-one/blob/main/docker-rootless.md
    Process: 11302 ExecStart=/usr/bin/podman run --name nextcloud-aio-mastercontainer --replace --rm --cgroups=split --network bridge --sdnotify=conmon -d --security-opt label=disable -v ne>
    Process: 11425 ExecStopPost=/usr/bin/podman rm -v -f -i nextcloud-aio-mastercontainer (code=exited, status=0/SUCCESS)
   Main PID: 11302 (code=exited, status=1/FAILURE)
        CPU: 568ms

This is what the journal says when I execute the restart command above.

[root@cpi ~]# journalctl -f
Apr 27 15:59:19 cpi.jp.home systemd[926]: Starting nextcloud-aio-mastercontainer.service - Nextcloud AIO Master Container...
Apr 27 15:59:19 cpi.jp.home kernel: podman0: port 1(veth1) entered blocking state
Apr 27 15:59:19 cpi.jp.home kernel: podman0: port 1(veth1) entered disabled state
Apr 27 15:59:19 cpi.jp.home kernel: veth1: entered allmulticast mode
Apr 27 15:59:19 cpi.jp.home kernel: veth1: entered promiscuous mode
Apr 27 15:59:19 cpi.jp.home kernel: podman0: port 1(veth1) entered blocking state
Apr 27 15:59:19 cpi.jp.home kernel: podman0: port 1(veth1) entered forwarding state
Apr 27 15:59:19 cpi.jp.home conmon[11807]: conmon 17e15b2a95107e1ec622 <nwarn>: Failed to add inotify watch for /sys/fs/cgroup/user.slice/user-1002.slice/user@1002.service/app.slice/nextcloud-aio-mastercontainer.service/libpod-payload-17e15b2a95107e1ec622f8729ded23ce4b802290141586087062e598b954c582/memory.events
Apr 27 15:59:19 cpi.jp.home systemd[926]: Started 17e15b2a95107e1ec622f8729ded23ce4b802290141586087062e598b954c582-4ee6bece61fe2eca.timer - [systemd-run] /usr/bin/podman healthcheck run 17e15b2a95107e1ec622f8729ded23ce4b802290141586087062e598b954c582.
Apr 27 15:59:19 cpi.jp.home systemd[926]: Started nextcloud-aio-mastercontainer.service - Nextcloud AIO Master Container.
Apr 27 15:59:19 cpi.jp.home nextcloud-aio-mastercontainer[11769]: 17e15b2a95107e1ec622f8729ded23ce4b802290141586087062e598b954c582
Apr 27 15:59:19 cpi.jp.home systemd[926]: Starting podman.service - Podman API Service...
Apr 27 15:59:19 cpi.jp.home systemd[926]: Started podman.service - Podman API Service.
Apr 27 15:59:19 cpi.jp.home conmon[11854]: conmon 17e15b2a95107e1ec622 <nwarn>: Failed to add inotify watch for /sys/fs/cgroup/user.slice/user-1002.slice/user@1002.service/app.slice/nextcloud-aio-mastercontainer.service/libpod-payload-17e15b2a95107e1ec622f8729ded23ce4b802290141586087062e598b954c582/memory.events
Apr 27 15:59:19 cpi.jp.home conmon[11854]: conmon 17e15b2a95107e1ec622 <nwarn>: Failed to open cgroups file: /sys/fs/cgroup/user.slice/user-1002.slice/user@1002.service/app.slice/nextcloud-aio-mastercontainer.service/libpod-payload-17e15b2a95107e1ec622f8729ded23ce4b802290141586087062e598b954c582/memory.events
Apr 27 15:59:19 cpi.jp.home podman[11850]: time="2026-04-27T15:59:19Z" level=info msg="/usr/bin/podman filtering at log level info"
Apr 27 15:59:19 cpi.jp.home podman[11850]: time="2026-04-27T15:59:19Z" level=info msg="Setting parallel job count to 13"
Apr 27 15:59:19 cpi.jp.home podman[11850]: time="2026-04-27T15:59:19Z" level=info msg="Using sqlite as database backend"
Apr 27 15:59:19 cpi.jp.home podman[11850]: time="2026-04-27T15:59:19Z" level=info msg="Using systemd socket activation to determine API endpoint"
Apr 27 15:59:19 cpi.jp.home podman[11850]: time="2026-04-27T15:59:19Z" level=info msg="API service listening on \"/run/user/1002/podman/podman.sock\". URI: \"unix:///run/user/1002/podman/podman.sock\""
Apr 27 15:59:19 cpi.jp.home podman[11816]: unhealthy
Apr 27 15:59:19 cpi.jp.home podman[11850]: @ - - [27/Apr/2026:15:59:19 +0000] "HEAD /_ping HTTP/1.1" 200 0 "" "Docker-Client/29.3.1 (linux)"
Apr 27 15:59:19 cpi.jp.home systemd[926]: 17e15b2a95107e1ec622f8729ded23ce4b802290141586087062e598b954c582-4ee6bece61fe2eca.service: Main process exited, code=exited, status=1/FAILURE
Apr 27 15:59:19 cpi.jp.home systemd[926]: 17e15b2a95107e1ec622f8729ded23ce4b802290141586087062e598b954c582-4ee6bece61fe2eca.service: Failed with result 'exit-code'.
Apr 27 15:59:19 cpi.jp.home podman[11850]: @ - - [27/Apr/2026:15:59:19 +0000] "GET /v1.41/info HTTP/1.1" 200 2487 "" "Docker-Client/29.3.1 (linux)"
Apr 27 15:59:19 cpi.jp.home podman[11850]: @ - - [27/Apr/2026:15:59:19 +0000] "HEAD /_ping HTTP/1.1" 200 0 "" "Docker-Client/29.3.1 (linux)"
Apr 27 15:59:19 cpi.jp.home podman[11850]: @ - - [27/Apr/2026:15:59:19 +0000] "GET /v1.41/version HTTP/1.1" 200 1029 "" "Docker-Client/29.3.1 (linux)"
Apr 27 15:59:19 cpi.jp.home conmon[11807]: conmon 17e15b2a95107e1ec622 <nwarn>: Failed to open cgroups file: /sys/fs/cgroup/user.slice/user-1002.slice/user@1002.service/app.slice/nextcloud-aio-mastercontainer.service/libpod-payload-17e15b2a95107e1ec622f8729ded23ce4b802290141586087062e598b954c582/memory.events
Apr 27 15:59:20 cpi.jp.home systemd[926]: Stopped 17e15b2a95107e1ec622f8729ded23ce4b802290141586087062e598b954c582-4ee6bece61fe2eca.timer - [systemd-run] /usr/bin/podman healthcheck run 17e15b2a95107e1ec622f8729ded23ce4b802290141586087062e598b954c582.
Apr 27 15:59:20 cpi.jp.home kernel: podman0: port 1(veth1) entered disabled state
Apr 27 15:59:20 cpi.jp.home kernel: veth1 (unregistering): left allmulticast mode
Apr 27 15:59:20 cpi.jp.home kernel: veth1 (unregistering): left promiscuous mode
Apr 27 15:59:20 cpi.jp.home kernel: podman0: port 1(veth1) entered disabled state
Apr 27 15:59:20 cpi.jp.home systemd[926]: nextcloud-aio-mastercontainer.service: Main process exited, code=exited, status=1/FAILURE
Apr 27 15:59:20 cpi.jp.home systemd[926]: nextcloud-aio-mastercontainer.service: Failed with result 'exit-code'.
Apr 27 15:59:24 cpi.jp.home podman[11850]: time="2026-04-27T15:59:24Z" level=info msg="Received shutdown.Stop(), terminating!" PID=11850
Apr 27 15:59:35 cpi.jp.home conmon[11958]: conmon 3815cfd766f08e089f26 <nwarn>: Failed to add inotify watch for /sys/fs/cgroup/user.slice/user-1002.slice/user@1002.service/user.slice/libpod-3815cfd766f08e089f26a028f1428d90ac6d6b2626eb21335cba20a8e4b03dbe.scope/container/memory.events
Apr 27 15:59:35 cpi.jp.home conmon[11958]: conmon 3815cfd766f08e089f26 <nwarn>: Failed to open cgroups file: /sys/fs/cgroup/user.slice/user-1002.slice/user@1002.service/user.slice/libpod-3815cfd766f08e089f26a028f1428d90ac6d6b2626eb21335cba20a8e4b03dbe.scope/container/memory.events
Apr 27 15:59:37 cpi.jp.home conmon[11976]: conmon 1e8977e8f1eaa222895f <nwarn>: Failed to add inotify watch for /sys/fs/cgroup/user.slice/user-1003.slice/user@1003.service/app.slice/immich-redis.service/libpod-payload-1e8977e8f1eaa222895fc0489dbd6a81561313ac3da3820a7d42de4922155ee9/memory.events
Apr 27 15:59:37 cpi.jp.home conmon[11976]: conmon 1e8977e8f1eaa222895f <nwarn>: Failed to open cgroups file: /sys/fs/cgroup/user.slice/user-1003.slice/user@1003.service/app.slice/immich-redis.service/libpod-payload-1e8977e8f1eaa222895fc0489dbd6a81561313ac3da3820a7d42de4922155ee9/memory.events
Apr 27 15:59:38 cpi.jp.home systemd[1]: systemd-hostnamed.service: Deactivated successfully.

I know, it's not much.

I am confused that the mastercontainer (maybe) tries to start up, fails, and then immediately disappears so neatly that I can’t tell if it ever existed at all.

Any help would be much appreciated!!!
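
An added example, not part of the original post or of the AIO project: a small Python check over the `[Container]` section of the Quadlet unit quoted above, flagging the settings a reviewer would weigh (engine socket mounted, SELinux labels off, auto-updated unpinned image, non-loopback published port). The function and finding names are this example's own; the sample text is the relevant lines copied from the post.

```python
# Constructed sample: the [Container] lines of the unit quoted in the post.
UNIT = """\
[Container]
Image=docker.io/nextcloud/all-in-one:latest
AutoUpdate=registry
PublishPort=127.0.0.1:11001:8080
Volume=nextcloud_aio_mastercontainer:/mnt/docker-aio-config
Volume=/run/user/1002/podman/podman.sock:/var/run/docker.sock:ro,z
SecurityLabelDisable=true
"""

TRUE = {"1", "yes", "true", "on"}  # systemd boolean spellings


def parse_unit(text):
    """Parse unit text into {section: [(key, value), ...]}; keys may repeat."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1], [])
        elif current is not None and "=" in line:
            key, _, value = line.partition("=")
            current.append((key.strip(), value.strip()))
    return sections


def audit(text):
    """Return sorted finding codes (names are this example's own)."""
    entries = parse_unit(text).get("Container", [])
    values = lambda name: [v for k, v in entries if k == name]
    found = set()
    for volume in values("Volume"):
        # A bind-mounted engine socket lets the container drive the user's
        # whole Podman instance; ":ro" does not limit API requests.
        if volume.split(":")[0].endswith(("podman.sock", "docker.sock")):
            found.add("engine-socket-mounted")
    if any(v.lower() in TRUE for v in values("SecurityLabelDisable")):
        found.add("selinux-label-disabled")  # --security-opt label=disable
    image = (values("Image") or [""])[-1]
    if "registry" in values("AutoUpdate") and "@sha256:" not in image:
        found.add("unpinned-image-auto-updated")
    for port in values("PublishPort"):
        # Forms: [host-ip:][host-port:]container-port; flag non-loopback binds.
        if not port.startswith(("127.", "[::1]")):
            found.add("port-not-loopback")
    return sorted(found)


if __name__ == "__main__":
    print(audit(UNIT))
```

The mastercontainer uses the socket to manage its sibling containers, so the first finding is a risk to account for in the host's threat model rather than a line to delete.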

Just want to share quickly how I proceeded with this.

So I made my experience with Nextcloud AIO in podman and I learned a lot about NC. But I would not recommend it to anyone who just wants a stable and running system.

I gave up with podman aio, since it wasn't even able to restore a backup (permission denied on .htaccess file). I installed docker and created a fresh nc aio container, restored my backup and now everything is fine again.

Hi, Podman is indeed not officially supported by AIO. See GitHub - nextcloud/all-in-one: 📦 The official Nextcloud installation method. Provides easy deployment and maintenance with most features included in this one Nextcloud instance.