Reflections on my failed journey for local LAN access of my AIO instance

I am running AIO v4.9.0 on Docker Windows. I access through a Cloudflare tunnel. I have been fine with this usage, but now want a speedier connection on my home desktop clients, and possibly my Android client. All of my attempts yesterday were unsuccessful. I can’t begin to think about NAT Reflection/ Split DNS/ etc. until I can actually access the Apache portal on the HOST using it’s own IP address.

  1. I have familiarized myself with the OCC commands, specifically that I need the preclude any command with:

    docker exec --user www-data <container-id>

  2. I have removed the overwritehost entry, but having a string or empty doesn’t change anything.

  3. I can’t have --env APACHE_IP_BINDING= or --env APACHE_IP_BINDING= because I won’t be able to access the AIO Login. The server will constantly timeout unless --env APACHE_IP_BINDING= is set.

  4. I have added to TRUSTED DOMAINS and to TRUSTED PROXIES, though I think TP is unnecssary. Even if it is added to TP I cannot access from Cloudflare with the HOST IP as URL; only if the URL is set to localhost in the Cloudflare config.

  5. I’m not sure if APACHE_DISABLE_REWRITE_IP=1 has any affect on this pursuit. Enabling or disabling it with any startup variation had no noticeable changes.

I had to go back to the basics at this point, so here is my startup script:

docker run ^
--sig-proxy=false ^
--name nextcloud-aio-mastercontainer ^
--restart always ^
--publish 8080:8080 ^
--env APACHE_PORT=11000 ^
--volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config ^
--volume //var/run/docker.sock:/var/run/docker.sock:ro ^

What I learned NOT to do:

  1. Don’t edit the config.php file directly. It will break read/write permissions. I couldn’t get them fixed. Always use the OCC commands in an elevated CMD prompt.

  2. The config.php file to edit is in nextcloud-aio-nextcloud, NOT in nextcloud-aio-apache, even though they have the EXACT same config files.

  3. If you break the config/system, you can replace the .vhdx file, but it’s NOT easy. You have to stop all docker stuff, move drive to a different PC, add user/admin permissions, delete it, then copy over your clone .vhdx file. Start Docker back up.


  5. When you move the clone drive back, with the .vhdx copy, it will break Docker Credential Desktop. Stop Docker. Navigate to C:\Users\"user"\.docker\config.json and change credsStore to credStore. Reboot PC and it should be fine again.

  6. When removing the container to rebuild with new startup DON’T delete docker-aio-nextcloud. Only delete docker-aio-mastercontainer. You won’t get the first one back, it will break your instance, and you’ll have to do the clone trick again.

At this point I have exhausted all ideas. I’m not sure if this is possible. I CANNOT get the frontend to load on anything either than on the HOST at https://locolhost:11000 or through Cloudflare at I’d love to know what I am doing wrong. Can provide any details and test any other methods.


Hi, I have the exact same issue! Tried all your steps independently and I never got it working either. Did you ever find a fix for this, or did you use a different setup in the end?