Nextcloud won't get client IP behind Caddy reverse proxy


I’m running both Nextcloud and Caddy with their official Docker images.

Nextcloud docker-compose.yml
    external: true

    image: nextcloud
    container_name: nextcloud
      - db
      - MYSQL_HOST=db
      - TRUSTED_PROXIES=caddy
      - ./db-creds.env
      - proxy
      - ./app:/var/www/html

Nextcloud and Caddy are both inside the the proxy-network, so ports 80/443 are only exposed to the host on Caddys side.
The Caddyfile for Nextcloud looks like this: {
    reverse_proxy nextcloud:80

    header Strict-Transport-Security max-age=31536000;
    redir /.well-known/carddav /remote.php/carddav 301
    redir /.well-known/caldav /remote.php/caldav 301


Nextcloud doesn’t get the real origin of the client requests but only sees the reverse proxys IP (

nextcloud | - - [23/Apr/2023:07:51:32 +0000] "GET /login HTTP/1.1"
nextcloud | - - [23/Apr/2023:07:51:32 +0000] "GET /dist/core-files_fileinfo.js?v=232911c0-0 HTTP/1.1"
nextcloud | - - [23/Apr/2023:07:51:32 +0000] "GET /apps/theming/js/theming.js?v=232911c0-0 HTTP/1.1"

When I just swap Caddy for i.e. NGINX Reverse Proxy Manager, Nextcloud suddenly starts getting the public IP of the requesting client.
This makes me think the issue is on Caddys side?

header_up Host {remote}
header_up X-Real-IP {remote}
header_up -X-Forwarded-For
header_up X-Forwarded-Port {server_port}
header_up X-Forwarded-Proto {scheme}

As far as I get it, you need to add some sort of those directives to Caddyfile however I’ve tried them all in different combinations and had no success so far.

I found this article Howto get real IP but couldn’t find out a working solution from it.

You posted in the wrong cattegory “Installation” instead of “Support, sub-cattegory Appliances (Docker, Snappy, VM, NCP, AIO)

Yes, I’m using a dockerized setup, but the issue has nothing to do with it.
Native Nextcloud behind native Caddy reverse proxy has the same issue.

PS: Changed category @ernolf.
Any suggestions regarding that issue?

please take a look at this Wiki: Apache Docker behind reverse proxy