Running in Docker with real SSL certificate

Is there a docker-compose example somewhere that does NOT use letsencrypt? I’ve seen the question asked in a few search results, but there doesn’t ever seem to be a decent answer - just hacking up of the LE solution.

Seems beyond strange to me that there’s not a ready-made example for those who have valid SSL certificates… unless I’m just missing it :slight_smile:

Can you post your compose? You absolutely don’t need LE certs — heck you could use self-signed if you wanted to. You usually just need to specify the name of the crt file, private key file and CA file and sometimes a dhparam file.

Well, I would if I could figure out how to put a code block in…

Edit: Got it I think.


services:

  proxy:
    image: jwilder/nginx-proxy:alpine
    container_name: next-proxy
    networks:
      - next_network
    ports:
      - 80:80
      - 443:443
    volumes:
      - /next/proxy/conf.d:/etc/nginx/conf.d:rw
      - /next/proxy/vhost.d:/etc/nginx/vhost.d:rw
      - /next/proxy/html:/usr/share/nginx/html:rw
      - /next/proxy/certs:/etc/nginx/certs:ro
      - /etc/localtime:/etc/localtime:ro
      - /var/run/docker.sock:/tmp/docker.sock:ro
    restart: unless-stopped

  db:
    image: mariadb
    container_name: next-mariadb
    networks:
      - next_network
    volumes:
      - db:/var/lib/mysql
      - /etc/localtime:/etc/localtime:ro
    environment:
      - MYSQL_ROOT_PASSWORD=xxx
      - MYSQL_PASSWORD=xxx
      - MYSQL_DATABASE=xxx
      - MYSQL_USER=xxx
    restart: unless-stopped
    command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW


  app:
    image: nextcloud
    container_name: next-app
    networks:
      - next_network
    depends_on:
      - proxy
      - db
    volumes:
      - next:/var/www/html
      - /next/app/config:/var/www/html/config
      - /next/app/custom_apps:/var/www/html/custom_apps
      - /next/app/data:/var/www/html/data
      - /next/app/themes:/var/www/html/themes
      - /etc/localtime:/etc/localtime:ro
    environment:
      - VIRTUAL_HOST=n.xxx.info
      - NEXTCLOUD_OVERWRITEPROTOCOL=https
      - MYSQL_PASSWORD=xxx
      - MYSQL_DATABASE=xxx
      - MYSQL_USER=xxx
      - MYSQL_HOST=db
    restart: unless-stopped

volumes:
  next:
  db:

networks:
  next_network:

You can configure a Docker-based web server in the same manner you would a normal one, and there are a few different ways to go about it. For example, you could use a folder-based volume to inject both your certificate and configuration into the container.

I personally run the Docker-based Nextcloud but with the proxy and LE running on the host instead of a container.


I’m already doing the mapping for certs.

- /next/proxy/certs:/etc/nginx/certs:ro

It even loads the right cert. Just gives me a 500 error on nginx and basically nothing to go on.

I guess I figured this would be common. I’m simply amazed there’s not an example configuration anywhere on how to accomplish this already.

you are missing that letsencrypt certs are also valid. :wink:

back to the subject. imho you have two possibilities.

a) you examine the nc image. that is to say find the httpd conf in the image and replace it with a ssl enabled one. (if that’s possible. that means sslmod is not disabled.)

b) you use a plain vanilla nginx image to terminate the ssl connection and proxy to your nextcloud container.

but you don’t need to use the jwilder/nginx-proxy image.

500 error means your backend is down. (database, php or redis.)
nginx is working.

I’m almost ready to look for another solution. The more I mess with this, the further I get from a working config.

weird – have you tried looking at either the nginx or nextcloud logs? What you want to do shouldn’t be so hard.

I did finally tinker with it enough to get it working. Probably missing a use case or two, but for now this seems to work.

upstream app {
        server app:80;
}

server {
        listen 443 ssl;
        server_name n.example.com;
        ssl_certificate     /etc/nginx/certs/n.chain.crt;
        ssl_certificate_key /etc/nginx/certs/n.key;
        client_max_body_size 200M;

        location / {
            proxy_pass http://app;
            proxy_redirect http:// $scheme://;
            proxy_set_header Host $host;
            proxy_set_header X-Forwarded-For $remote_addr;
            proxy_set_header X-Scheme $scheme;
            proxy_set_header X-Forwarded-Proto $scheme;
        }
}
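
A pre-flight check for the certificate files this thread mounts into `/etc/nginx/certs`, as an added example that is not part of any post above: it confirms the private key belongs to the leaf certificate, that the certificate is not expired, and that it covers the served host name. It assumes the `openssl` CLI is installed on the Docker host; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): checks to run on a certificate chain
# and private key before nginx is pointed at them.
# Assumes the openssl CLI; all function names here are hypothetical.

# Exit 0 if the key belongs to the first (leaf) certificate in the chain file,
# 1 on mismatch, 2 if either file cannot be parsed.
key_matches_cert() {
    local chain=$1 key=$2 cert_pub key_pub
    cert_pub=$(openssl x509 -in "$chain" -noout -pubkey 2>/dev/null) || return 2
    key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null </dev/null) || return 2
    [ "$cert_pub" = "$key_pub" ]
}

# Exit 0 if the leaf certificate is still valid $2 seconds from now (default 0).
cert_not_expired() {
    openssl x509 -in "$1" -noout -checkend "${2:-0}" >/dev/null 2>&1
}

# Exit 0 if the leaf certificate covers host name $2 (SAN, or CN fallback).
cert_covers_host() {
    openssl x509 -in "$1" -noout -checkhost "$2" 2>/dev/null | grep -q 'does match'
}

# Print the number of certificates in the chain file (leaf + intermediates).
chain_length() {
    grep -c -e '-----BEGIN CERTIFICATE-----' "$1"
}

# Run every check and report; returns non-zero if any check fails.
check_tls_files() {
    local chain=$1 key=$2 host=$3 rc=0
    key_matches_cert "$chain" "$key"  || { echo "FAIL: key does not match leaf cert"; rc=1; }
    cert_not_expired "$chain"         || { echo "FAIL: leaf cert is expired"; rc=1; }
    cert_covers_host "$chain" "$host" || { echo "FAIL: cert does not cover $host"; rc=1; }
    echo "certificates in chain file: $(chain_length "$chain")"
    return "$rc"
}

# Usage with the paths from the thread (run on the Docker host):
#   sh check.sh /next/proxy/certs/n.chain.crt /next/proxy/certs/n.key n.example.com
if [ $# -eq 3 ]; then
    check_tls_files "$@"
fi
```

A chain count of 1 for a CA-issued certificate means the intermediates are missing from the file, which some clients will reject even though browsers with cached intermediates may not.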