Nextcloud behind reverse-proxy: Connection refused

I recently switched from nextcloudpi to plain nextcloud. I can access nextcloud instance from localhost, login and access the data.

Problem: I cannot access the instance via reverse proxy.

The configuration of the reverse proxy is almost the same as before. Other instances referred but reverse-proxy are working fine.
Here is the error I see in the logs of reverse-proxy:

2023/03/28 17:30:17 [warn] 23#23: *138 a client request body is buffered to a temporary file /var/cache/nginx/client_temp/0000000015, client: 79.244.33.204, server: *censored*.de, request: "POST /index.php/apps/phonetrack/logPostMultiple/ae8a077fdec82cf9d59e8473ba75ab96/Pixel2 HTTP/1.1", host: "censored.de"
2023/03/28 17:30:17 [error] 23#23: *138 connect() failed (111: Connection refused) while connecting to upstream, client: 79.244.33.204, server: censored.de, request: "POST /index.php/apps/phonetrack/logPostMultiple/ae8a077fdec82cf9d59e8473ba75ab96/Pixel2 HTTP/1.1", upstream: "https://172.18.0.6:443/index.php/apps/phonetrack/logPostMultiple/ae8a077fdec82cf9d59e8473ba75ab96/Pixel2", host: "censored"

The config of nextcloud is a bit different as before:

<?php
$CONFIG = array (
  'passwordsalt' => '*censored*',
  'secret' => '*censored*',
  'trusted_domains' =>
  array (
    0 => 'localhost',
    5 => 'nextcloudpi.local',
    7 => 'nextcloudpi',
    8 => 'nextcloudpi.lan',
    1 => '172.18.0.6',
    6 => '192.168.103.44',
    20 => *censored*',
    12 => '*censored*',
    21 => '*censored*',
    22 => '192.168.103.44',
    11 => '79.244.33.204',
    3 => 'dbe5e509ecaf',
    14 => 'dbe5e509ecaf',
    '' => '01f946771284',
15 => '79.244.33.204',
  ),
 'dbtype' => 'mysql',
  'version' => '25.0.3.2',
  'overwrite.cli.url' => 'https://dbe5e509ecaf/',
  'dbname' => 'nextcloud',
  'dbhost' => 'nc_mariadb',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => '*censored*',
  'dbpassword' => '*censored*',
  'installed' => true,
  'instanceid' => 'oc7g2bq3dse1',



 'trusted_proxies' =>
  array (
    0 => '192.168.103.44',
    2 => '127.0.0.1',
    1 => 'localhost',
    11 => '127.0.0.1',
    12 => '::1',
    13 => 'dbe5e509ecaf',
    14 => '172.18.0.6',
15 =>'79.244.33.204',

),

);

So, your reverse proxy is connecting to your backend NC server via a public IP address? Maybe you should give more detail about your setup because that’s highly unusual.

Thats indeed strange.

The setup consists of three docker container:
mariadb
nextcloud
reverse-proxy

Of course, I have some more docker container, but thats the relevant part here. So all on the same physical machine in my living room. The reverse proxy connects via http to the nextcloud docker container. The reverse proxy is responsible for the ssl certificates.

This line suggests that your reverse proxy is trying to connect to the Nextcloud instance on port 443 (HTTPS), not 80 (HTTP): upstream: "https://172.18.0.6:443/index.php/apps/phonetrack/logPostMultiple/ae8a077fdec82cf9d59e8473ba75ab96/Pixel2"