Nextcloud AIO with Nginx Proxy Manager

RjPiston · June 23, 2024, 4:56am

I know there are already a bunch of nginx proxy manager related questions but I’m pretty sure I’ve gone through all of them today and I’m still stumped.

I have my domain’s dns with Cloudflare and I have next.mydomain.com successfully pointing to my server’s public ip address.

I’ve managed to get the install partially done, and the only way I was able to get it was with the proxy host setup below. It won’t work with http, or localhost, or even with the 11000 apache port.

as of right now I can get it to show https://next.mydomain.com/containers and it starts up all the containers and then there is a ‘open your nextcloud’ button, I click on it and it just redirects back to the /containers page.

compose file:

services:
  nextcloud-aio-mastercontainer:
    image: nextcloud/all-in-one:latest
    container_name: nextcloud-aio-mastercontainer
    restart: always
    volumes:
      - nextcloud_aio_mastercontainer:/mnt/docker-aio-config
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /srv/storage/nextcloud/data:/mnt/ncdata
    environment:
      NEXTCLOUD_TRUSTED_DOMAINS: next.mydomain.com
      SKIP_DOMAIN_VALIDATION: true
      APACHE_PORT: 11000
      APACHE_IP_BINDING: 0.0.0.0
      NEXTCLOUD_DATADIR: /mnt/ncdata
      NC_TRUSTED_PROXIES: 172.25.0.4
      NEXTCLOUD_ADMIN_PASSWORD: SuperSecretPassword
      NEXTCLOUD_ADMIN_USER: username
      OVERWRITEHOST: next.mydomain.com
    ports:
      - 8080:8080

volumes:
  nextcloud_aio_mastercontainer:
    external: true

I’ve read top to bottom the following links already:

https://github.com/nextcloud/all-in-one/discussions/4240
https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md#nginx-proxy-manager

I’ve used this as a reference:

github.com

nextcloud/all-in-one/blob/main/compose.yaml

services:
  nextcloud-aio-mastercontainer:
    image: nextcloud/all-in-one:latest
    init: true
    restart: always
    container_name: nextcloud-aio-mastercontainer # This line is not allowed to be changed as otherwise AIO will not work correctly
    volumes:
      - nextcloud_aio_mastercontainer:/mnt/docker-aio-config # This line is not allowed to be changed as otherwise the built-in backup solution will not work
      - /var/run/docker.sock:/var/run/docker.sock:ro # May be changed on macOS, Windows or docker rootless. See the applicable documentation. If adjusting, don't forget to also set 'WATCHTOWER_DOCKER_SOCKET_PATH'!
    network_mode: bridge # add to the same network as docker run would do
    ports:
      - 80:80 # Can be removed when running behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
      - 8080:8080
      - 8443:8443 # Can be removed when running behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
    # environment: # Is needed when using any of the options below
      # AIO_DISABLE_BACKUP_SECTION: false # Setting this to true allows to hide the backup section in the AIO interface. See https://github.com/nextcloud/all-in-one#how-to-disable-the-backup-section
      # APACHE_PORT: 11000 # Is needed when running behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
      # APACHE_IP_BINDING: 127.0.0.1 # Should be set when running behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else) that is running on the same host. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
      # BORG_RETENTION_POLICY: --keep-within=7d --keep-weekly=4 --keep-monthly=6 # Allows to adjust borgs retention policy. See https://github.com/nextcloud/all-in-one#how-to-adjust-borgs-retention-policy
      # COLLABORA_SECCOMP_DISABLED: false # Setting this to true allows to disable Collabora's Seccomp feature. See https://github.com/nextcloud/all-in-one#how-to-disable-collaboras-seccomp-feature

This file has been truncated. show original

szaimen · June 23, 2024, 6:38am

Hi, can you follow all-in-one/reverse-proxy.md at main · nextcloud/all-in-one · GitHub?

RjPiston · June 23, 2024, 3:30pm

Ok i’ve done a full reset and followed the guide again. This is where I’m at.

this is my docker-compose.yml file that starts the master container, I’m able to load up https://ip.address.of.the.host:8080 and go through the initial setup of receiving my passphrase and logging in. it then redirects me to /containers where I can select the containers I want and it starts them all up successfully. I checked the logs and everything looks good.

services:
  nextcloud-aio-mastercontainer:
    image: nextcloud/all-in-one:latest
    container_name: nextcloud-aio-mastercontainer
    init: true
    restart: always
#    network_mode: host
    volumes:
      - nextcloud_aio_mastercontainer:/mnt/docker-aio-config
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /srv/storage/nextcloud/data:/mnt/ncdata
    environment:
      SKIP_DOMAIN_VALIDATION: true
      NEXTCLOUD_DATADIR: /srv/storage/nextcloud/data
      NEXTCLOUD_ADMIN_PASSWORD: ZmhV5cbvB3aPiK
      NEXTCLOUD_ADMIN_USER: santino
      APACHE_PORT: 11000
    ports:
      - 8080:8080

volumes:
  nextcloud_aio_mastercontainer:
    external: true

Now this is where I’m confused with the npm proxy setup. The guide says to use network_mode host. but if i do that then the mastercontainer tries to run on port 80 which obvsiouly conflicts, the only way for it to run on 8080 is to comment network_mode and add the ports: -8080:8080 manually.

Any combination of ip-address, “localhost”, “127.0.0.1” causes the redirect loop error in the browser when I go to https://next.mydomain.com

I’m not sure what i’ve missed

szaimen · June 23, 2024, 3:32pm

You need to run npm (and not the mastercontainer) in network_mode: host in order to make 127.0.0.1 work in your config

RjPiston · June 23, 2024, 3:45pm

but then how do i set the port to 81? if i enable network_mode: host, the ports i set are discarded and I cant access npm web ui

~/docker/nginx-proxy-manager$ docker-compose up -d
[+] Running 2/2
 ✔ Container nginx-proxy-manager-app-1                            Started                                                                                                                                                                               0.0s 
 ! app Published ports are discarded when using host network mode

this is my npm compose:

services:
  app:
    image: 'jc21/nginx-proxy-manager:latest'
    restart: always
    ports:
#      - '80:80'
      - '81:81'
#      - '443:443'
    environment:
      DB_MYSQL_HOST: "localhost"            # Use the service name of your existing MySQL container
      DB_MYSQL_PORT: 3306
      DB_MYSQL_USER: "npm"
      DB_MYSQL_PASSWORD: "PASSWORD"
      DB_MYSQL_NAME: "npm"
    volumes:
      - /srv/storage/npm/data:/data
      - /srv/storage/npm/letsencrypt:/etc/letsencrypt
    network_mode: host

RjPiston · June 23, 2024, 4:01pm

Ok I had to open port 81 on the server. I’ve now got access back to npm web ui.

but I’m still getting the redirect loop error when i go to next.mydomain.com

RjPiston · June 23, 2024, 4:02pm

ok i think I got it working! I had to remove the “force_ssl” flag, presumably because Im using cloudlare.

thank you so much for the network_mode: host on npm!

system · September 23, 2024, 1:28pm

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.