Problems when using docker-compose with-nginx-proxy and mariadb and apache

Hi, I tried to set up my docker-compose from this example:
https://github.com/nextcloud/docker/tree/master/.examples/docker-compose/with-nginx-proxy/mariadb/apache

When I run this, retrieving the certificate fails. What I have done:

  1. I cloned the example
  2. Added MYSQL_PASSWORD=mysupersecretpassword to db.env
  3. In docker-compose.yml, in the mariadb image section, edited MYSQL_ROOT_PASSWORD=mysupersecretrootpassword
  4. In the nextcloud image section I edited VIRTUAL_HOST and LETSENCRYPT_HOST to mydomainname.duckdns.org and set LETSENCRYPT_EMAIL to mymail@provider.org
  5. Edited the volumes section to:

```yaml
# Named volumes bound to host directories (the directories must already exist)
volumes:
  db:
    driver_opts:
      type: none
      device: /sharedfolders/Docker/210829NextcloudDB
      o: bind
  nextcloud:
    driver_opts:
      type: none
      device: /sharedfolders/Docker/210829Nextcloud/data
      o: bind
  certs:
    driver_opts:
      type: none
      device: /sharedfolders/Docker/210829Nextcloud/proxy/certs
      o: bind
  acme:
    driver_opts:
      type: none
      device: /sharedfolders/Docker/210829Nextcloud/proxy/acme
      o: bind
  vhost.d:
    driver_opts:
      type: none
      device: /sharedfolders/Docker/210829Nextcloud/proxy/vhost.d
      o: bind
  html:
    driver_opts:
      type: none
      device: /sharedfolders/Docker/210829Nextcloud/proxy/html
      o: bind
```

What is going wrong?
Generation of the certificate failed with the following log messages:

```
[Sun Aug 29 09:00:18 UTC 2021] The domain key is here: /etc/acme.sh/mymail@provider.org/mydomainname.duckdns.org/mydomainname.duckdns.org.key
[Sun Aug 29 09:00:18 UTC 2021] Single domain='mydomainname.duckdns.org'
[Sun Aug 29 09:00:18 UTC 2021] Getting domain auth token for each domain
[Sun Aug 29 09:00:20 UTC 2021] Getting webroot for domain='mydomainname.duckdns.org'
[Sun Aug 29 09:00:20 UTC 2021] Verifying: mydomainname.duckdns.org
[Sun Aug 29 09:00:24 UTC 2021] mydomainname.duckdns.org:Verify error:No valid IP addresses found for mydomainname.duckdns.org
```

What I did to find the problem:
I can visit the HTTP version of mydomainname…, so the message does not seem to fit, because the IP is valid. Any other ideas what is actually going wrong? (I really do see my Nextcloud site, and I see the access to the site in the proxy log.)
If I visit the HTTPS version I get a 500, which fits the generated default.conf; I guess this would be updated once the certificate generation was successful.

HTTPS part of the generated default.conf:

```nginx
server {
        server_name mydomainname.duckdns.org;
        listen 443 ssl http2 ;
        access_log /var/log/nginx/access.log vhost;
        return 500;
        ssl_certificate /etc/nginx/certs/default.crt;
        ssl_certificate_key /etc/nginx/certs/default.key;
}
```

Does anyone have an idea what could cause this invalid IP? (Due to problems with my provider I only have an IPv4 address, not an IPv6 one.)

Hi,
Not sure about this answer, but I think your website needs to be accessible on port 80 when the verification is done. Not the whole website needs to be accessible, but at least you have to have a redirect rule to HTTPS.
See the certbot documentation, go to:

To use Certbot, you’ll need…

regards
vandman

Hi, thank you for this suggestion. The HTTP site is reachable via IPv4 on port 80 (it gets redirected by my router settings), so I can use mydomainname.duckdns.org:80 and I still reach my Nextcloud site.

I found the problem: the IPv4 address is just an internal NAT from my provider, so I have no real external IP address to reach my server :face_vomiting:
How I tested it: smartphone WiFi on, site is reachable; WiFi off, site isn't reachable anymore.
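
A check for the situation found at the end of this thread, as an added example that is not from any of the posters: it classifies the router's WAN address and the published DNS records to tell whether a forwarded port 80 can be reached from outside the provider's network. The function names and sample addresses are constructed; 100.64.0.0/10 is the RFC 6598 shared range that providers use for carrier-grade NAT.

```python
import ipaddress

# RFC 6598 shared address space, used by ISPs for carrier-grade NAT (CGNAT).
CGNAT_NET = ipaddress.ip_network("100.64.0.0/10")


def classify(addr):
    """Return 'cgnat', 'private', 'reserved' or 'public' for an IP address string."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 4 and ip in CGNAT_NET:
        return "cgnat"
    if ip.is_private:  # RFC 1918, loopback, link-local and similar ranges
        return "private"
    if not ip.is_global:  # anything else Python does not treat as globally routable
        return "reserved"
    return "public"


def diagnose(router_wan_ip, dns_records):
    """List reasons why inbound HTTP-01 validation on port 80 cannot work.

    router_wan_ip: address shown on the router's WAN/status page.
    dns_records:   A/AAAA values published for the host name.
    An empty list means no address-level problem was found.
    """
    findings = []
    wan_ip = ipaddress.ip_address(router_wan_ip)
    wan_kind = classify(router_wan_ip)
    if wan_kind != "public":
        findings.append(f"router WAN address {router_wan_ip} is {wan_kind}: "
                        "a port forward on it is not reachable from the internet")
    if not dns_records:
        findings.append("no A/AAAA record published")
    for rec in dns_records:
        rec_ip = ipaddress.ip_address(rec)
        kind = classify(rec)
        if kind != "public":
            findings.append(f"DNS record {rec} is {kind}: the CA cannot connect to it")
        elif wan_kind == "public" and rec_ip.version == wan_ip.version and rec_ip != wan_ip:
            findings.append(f"DNS record {rec} does not match WAN address {router_wan_ip}")
    return findings


if __name__ == "__main__":
    # Constructed sample: WAN address inside the provider's NAT range, while the
    # dynamic DNS record holds a public address (8.8.8.8 is only a stand-in).
    for line in diagnose("100.72.13.5", ["8.8.8.8"]) or ["no address-level problem found"]:
        print(line)
```

The WAN address has to be read from the router itself; a "what is my IP" web service shows the provider's NAT address instead, which is why the two can differ.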