Persistent DNS Resolution Error in Nextcloud Docker after restart

Hello all,
Apologies if this question has been asked before, but I couldn’t find a topic that was comparable on the forum.
I’m new with Nextcloud; I setup a docker stack in my virtual machine (as a staging step before using a raspberry pi).
My Docker stack consists of the following services:

• db: PostgreSQL (official image Debian 15.13-1.pgdg120+1)
• cloud: Nextcloud (official image v31.0.6.2)
• redis: Redis (official image v8.0.2)
• traefik: Traefik (official image v2.11.25)

I was able to pass Nextcloud’s initial settings when I first started the stack (I used “php occ” to modify trusted_domains and overwrite.cli.url in config.php within the container). Initially, everything worked smoothly. I logged in as an administrator, I created a user, and successfully tested user access via both the Android app and a browser..

After a restart, Nextcloud stopped working, displaying the following error in the logs (which reappears after every restart):
"Doctrine\DBAL\Exception: Failed to connect to the database: An exception occurred in the driver: SQLSTATE[08006] [7] could not translate host name "db" to address: Temporary failure in name resolution"

I believe it is not a docker networking issue because when I used nicolaka/netshoot (a container with all net tools) to examine the stack network, db was correctly resolved.

I flushed all volumes of all services, and restarted from scratch, Nextcloud started correctly and initial configuration passed correctly until the next restart, where Nextcloud stops working and raises the same error.

Is this a known bug or a common misconfiguration? If you have any insights, I’d appreciate your help. I’m happy to provide necessary files if needed.

Defcongamer

Hello @defcongamer,
welcome to the community of Nextcloud

You started a topic in support category. Unfortunately you ignored the template and a lot of information to help you is missing. Please edit your original post and add all required details like Nextcloud version, webserver type and version, os version, related log file content. Use the support template.

Without additional information the community members cannot help you.

Regards,
wwe

there is no general known issue - it works well for me since ages - likely you config is wrong.

Hello wwe,

My apologies for my mistake about the template! I thought it is a simple reminder not a mandatory template to follow.

I expected an error in the configuration, but I spend a whole day searching without success.

here are the versions used:

• OS: Ubuntu 24.04 LTS
• Nextcloud: 31.0.6.2
• PostgreSQL: Debian 15.13-1.pgdg120+1
• Redis: 8.0.2
• Traefik: 2.11.25

I was unable to upload config files, so here they are:

• config.php:

<?php
$CONFIG = array (
  'passwordsalt' => '[HIDDEN]',
  'secret' => '[HIDDEN]',
  'trusted_domains' => 
  array (
    0 => 'localhost',
    1 => '[HIDDEN]',
    2 => '[HIDDEN]',
  ),
  'datadirectory' => '/var/www/html/data',
  'dbtype' => 'pgsql',
  'version' => '31.0.6.2',
  'overwrite.cli.url' => 'http://[HIDDEN]',
  'dbname' => 'nextcloud',
  'dbhost' => 'db',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'dbuser' => 'oc_admin',
  'dbpassword' => '[HIDDEN]',
  'installed' => true,
'instanceid' => 'och5ypffp9qc',
'memcache.local' => '\\OC\\Memcache\\Redis',
'memcache.locking' => '\\OC\\Memcache\\Redis',
'redis' => array(
   'host' => 'redis',
   'port' => 6379,
   'password' => trim(file_get_contents('/run/secrets/redis_password')),
   'timeout' => 0.0,
),
  'overwriteprotocol' => 'https',
);

• Network declaration:

docker network create --driver overlay --internal --subnet 172.20.0.0/16 next_internal
docker network create --driver overlay --subnet 172.10.0.0/16 next_external

• The Stack file:

services:
  db:
    image: postgres:15
    environment:
      POSTGRES_USER: nextcloud_dbuser
      POSTGRES_PASSWORD_FILE: /run/secrets/db_pass
      POSTGRES_DB: nextcloud
    volumes:
      - /opt/nextcloud/db:/var/lib/postgresql/data
    networks:
      - next_internal
    healthcheck:
      test: ["CMD-SHELL","pg_isready -U nextcloud_dbuser -d nextcloud"]
      interval: 10s
      timeout: 5s
      retries: 5
    secrets:
      - source: db_pass
        target: db_pass
    deploy:
      restart_policy:
        condition: any
        delay: 5s
        max_attempts: 3
      labels:
        - "traefik.enable=false"
  cloud:
    image: nextcloud:31
    depends_on:
      - db
      - redis
    environment:
      - PHP_MEMORY_LIMIT=1024M
      - PHP_UPLOAD_LIMIT=10G
      - APACHE_DISABLE_REWRITE_IP=1
      - APACHE_REMOTEIP_HEADER=X-Forwarded-For
      - TRUSTED_PROXIES=traefik
      - APACHE_SERVER_NAME=[HIDDEN]
      - APACHE_REMOTEIP_INTERNAL_PROXY=172.20.0.0/24
      - NEXTCLOUD_ADMIN_USER=admin
      - NEXTCLOUD_ADMIN_PASSWORD_FILE=/run/secrets/nextcloud_admin_pass
      - NEXTCLOUD_DATA_DIR=/var/www/html/data
      - POSTGRES_HOST=db
      - POSTGRES_USER=nextcloud_dbuser
      - POSTGRES_PASSWORD_FILE=/run/secrets/db_pass
      - POSTGRES_DB=nextcloud
    volumes:
      - /opt/nextcloud/nextcloud/data:/var/www/html/data
      - /opt/nextcloud/nextcloud/config:/var/www/html/config
      - /opt/nextcloud/nextcloud/apps:/var/www/html/apps
      - /opt/nextcloud/nextcloud/log:/var/log/nextcloud
    networks:
      - next_internal
    secrets:
      - source: db_pass
        target: db_pass
      - source: nextcloud_admin_pass
        target: nextcloud_admin_pass
      - source: redis_password
        target: redis_password
    deploy:
      restart_policy:
        condition: on-failure
        delay: 20s
        max_attempts: 3
      labels:
        - "traefik.enable=true"
        - "traefik.http.routers.nextcloud.rule=Host(`[HIDDEN]`)"
        - "traefik.http.routers.nextcloud.entrypoints=websecure"
        - "traefik.http.services.nextcloud.loadbalancer.server.port=80"
        - "traefik.http.routers.nextcloud.tls=true"
        - "traefik.http.routers.nextcloud.tls.certresolver=le"
        - "traefik.http.middlewares.nextcloud-https.headers.sslredirect=true"
  redis:
    image: redis:alpine
    command: >
      sh -c "redis-server --requirepass $$(cat /run/secrets/redis_password)"
    volumes:
      - /opt/nextcloud/redis/data:/data
    secrets:
      - source: redis_password
        target: redis_password
    deploy:
      replicas: 1
      restart_policy:
        condition: on-failure
      labels:
        - "traefik.enable=false"
    networks:
      - next_internal
  traefik:
    image: traefik:v2.11
    deploy:
      restart_policy:
        condition: any
        delay: 5s
        max_attempts: 5
      labels:
        - "traefik.http.middlewares.lan-whitelist.ipwhitelist.sourcerange=192.168.1.0/24, 127.0.0.1/32"
        - "traefik.http.routers.traefik.rule=Host(`[HIDDEN]`)"
        - "traefik.http.routers.traefik.service=api@internal"
        - "traefik.http.routers.traefik.entrypoints=web"
        - "traefik.http.routers.traefik.middlewares=lan-whitelist"
        - "traefik.http.services.traefik.loadbalancer.server.port=8080"
    ports:
      - target: 80
        published: 80
        protocol: tcp
        mode: host
      - target: 443
        published: 443
        protocol: tcp
        mode: host
      - target: 8080
        published: 8080
        protocol: tcp
        mode: host
    command:
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.address=:443"
      - "--providers.docker=true"
      - "--providers.docker.swarmMode=true"
      - "--providers.docker.exposedbydefault=false"
      - "--certificatesresolvers.le.acme.dnschallenge=true"
      - "--certificatesresolvers.le.acme.dnschallenge.provider=cloudflare"
      - "--certificatesresolvers.le.acme.httpchallenge.entrypoint=web"
      - "--certificatesresolvers.le.acme.email=[HIDDEN]"
      - "--certificatesresolvers.le.acme.storage=/traefik/acme.json"
    environment:
      - CLOUDFLARE_API_EMAIL=[HIDDEN]
      - CLOUDFLARE_DNS_API_TOKEN_FILE=/run/secrets/cloudflare_challenge_dns
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /opt/nextcloud/traefik/traefik.yml:/etc/traefik/traefik.yml
      - /opt/nextcloud/traefik/acme.json:/etc/traefik/acme.json
    networks:
      - next_internal
      - next_external
    secrets:
      - source: cloudflare_challenge_dns
        target: cloudflare_challenge_dns


networks:
  next_internal:
    external: true
  next_external:
    external: true

secrets:
  db_pass:
    external: true
  nextcloud_admin_pass:
    external: true
  redis_password:
    external: true
  cloudflare_challenge_dns:
    external: true

Thank you in advance for your help.