Nextcloud and Caddy

Hello, I want my nextcloud to be available only via LAN or VPN. So, I've installed nextcloud aio and caddy via docker compose:

version: "3.8"

services:
  caddy:
    image: caddy:alpine
    restart: unless-stopped
    container_name: caddy
    volumes:
      - ./Caddyfile:/etc/caddy/Caddyfile
      - ./certs:/certs
      - ./config:/config
      - ./data:/data
      - ./sites:/srv
    network_mode: "host"

  nextcloud:
    image: nextcloud/all-in-one:latest
    restart: unless-stopped
    container_name: nextcloud-aio-mastercontainer
    ports:
      - "8080:8080"
    environment:
      - APACHE_PORT=11000
      - NEXTCLOUD_DATADIR=/mnt/nas 
      - NEXTCLOUD_MOUNT=/mnt/
      - SKIP_DOMAIN_VALIDATION=true
    volumes:
      - nextcloud_aio_mastercontainer:/mnt/docker-aio-config
      - /var/run/docker.sock:/var/run/docker.sock:ro
    depends_on:
      - caddy

volumes:
  nextcloud_aio_mastercontainer:
    name: nextcloud_aio_mastercontainer

And here is my caddy file:

myname.ddns.net:443 {
    reverse_proxy localhost:11000
}

I've opened port 80 on my router and always get a cert error, so I had to open 443 too. The main problem is that I can access my nextcloud from the Internet, but I want it to be accessible only from LAN. I've read the reverse-proxy and local-instance manuals a million times and it didn't help me to solve the problem.

Hi, see https://github.com/nextcloud/all-in-one/blob/main/local-instance.md

Sry, but I've really read it. I got it to work, but I can't get why I have access from the internet. If I close port 443 on my router I get an SSL error.

I've added - APACHE_IP_BINDING=127.0.0.1 to docker-compose, but still got access from the Internet.

This will be further answered in Nextcloud and Caddy · nextcloud/all-in-one · Discussion #4091 · GitHub
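
Added example, not part of the original thread or the Nextcloud AIO project: one way to keep the site LAN/VPN-only at the Caddy layer is to drop requests from client addresses outside an allow-list. Binding Apache to 127.0.0.1 only blocks direct access to port 11000; it does not affect requests that Caddy itself proxies from localhost. The subnets 192.168.1.0/24 and 10.8.0.0/24 are constructed placeholders for a home LAN and a VPN range.

```caddyfile
myname.ddns.net:443 {
    # Allowed client ranges (constructed values, replace with your own):
    #   192.168.1.0/24  home LAN
    #   10.8.0.0/24     VPN clients
    #   127.0.0.0/8     the host itself
    @outside not remote_ip 192.168.1.0/24 10.8.0.0/24 127.0.0.0/8

    # Close the connection without sending a response to anyone else.
    abort @outside

    # Only LAN/VPN clients reach the Nextcloud AIO Apache container.
    reverse_proxy localhost:11000
}
```

`remote_ip` matches the address of the direct TCP peer, so this relies on Caddy seeing the real client address, which host networking (as in the compose file above) provides. Certificate issuance is a separate matter: the ACME HTTP-01 and TLS-ALPN-01 challenges need port 80 or 443 reachable from the internet, while DNS-01 does not.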