Ubuntu 24.04 + Nextcloud

ℹ️ Support
21

Hello,

On the official Github, there is this compose.yaml file, which has some important things like the DATA directory “/data” in the root of Ubuntu.

=============
services:
nextcloud-aio-mastercontainer:
image: Package all-in-one · GitHub # This is the container image used. You can switch to ghcr.io/nextcloud-releases/all-in-one:beta if you want to help testing new releases. See GitHub - nextcloud/all-in-one: 📦 The official Nextcloud installation method. Provides easy deployment and maintenance with most features included in this one Nextcloud instance.
init: true # This setting makes sure that signals from main process inside the container are correctly forwarded to children. See Services | Docker Docs
restart: always # This makes sure that the container starts always together with the host OS. See Services | Docker Docs
container_name: nextcloud-aio-mastercontainer # This line is not allowed to be changed as otherwise AIO will not work correctly
volumes:

  • nextcloud_aio_mastercontainer:/mnt/docker-aio-config # This line is not allowed to be changed as otherwise the built-in backup solution will not work
  • /var/run/docker.sock:/var/run/docker.sock:ro # May be changed on macOS, Windows or docker rootless. See the applicable documentation. If adjusting, don’t forget to also set ‘WATCHTOWER_DOCKER_SOCKET_PATH’!
    network_mode: bridge # This adds the container to the same network as docker run would do. Comment this line and uncomment the line below and the networks section at the end of the file if you want to define a custom MTU size for the docker network

networks: [“nextcloud-aio”]

ports:

security_opt: [“label:disable”] # Is needed when using SELinux. See GitHub - nextcloud/all-in-one: 📦 The official Nextcloud installation method. Provides easy deployment and maintenance with most features included in this one Nextcloud instance.

environment: # Is needed when using any of the options below

AIO_DISABLE_BACKUP_SECTION: false # Setting this to true allows to hide the backup section in the AIO interface. See GitHub - nextcloud/all-in-one: 📦 The official Nextcloud installation method. Provides easy deployment and maintenance with most features included in this one Nextcloud instance.

APACHE_PORT: 11000 # Is needed when running behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md

APACHE_IP_BINDING: 127.0.0.1 # Should be set when running behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else) that is running on the same host. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md

APACHE_ADDITIONAL_NETWORK: frontend_net # (Optional) Connect the apache container to an additional docker network. Needed when behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else) running in a different docker network on same server. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md

BORG_RETENTION_POLICY: --keep-within=7d --keep-weekly=4 --keep-monthly=6 # Allows to adjust borgs retention policy. See GitHub - nextcloud/all-in-one: 📦 The official Nextcloud installation method. Provides easy deployment and maintenance with most features included in this one Nextcloud instance.

COLLABORA_SECCOMP_DISABLED: false # Setting this to true allows to disable Collabora’s Seccomp feature. See GitHub - nextcloud/all-in-one: 📦 The official Nextcloud installation method. Provides easy deployment and maintenance with most features included in this one Nextcloud instance.

FULLTEXTSEARCH_JAVA_OPTIONS: “-Xms1024M -Xmx1024M” # Allows to adjust the fulltextsearch java options. See GitHub - nextcloud/all-in-one: 📦 The official Nextcloud installation method. Provides easy deployment and maintenance with most features included in this one Nextcloud instance.

NEXTCLOUD_DATADIR: /mnt/ncdata # Allows to set the host directory for Nextcloud’s datadir. :warning::warning::warning: Warning: do not set or adjust this value after the initial Nextcloud installation is done! See GitHub - nextcloud/all-in-one: 📦 The official Nextcloud installation method. Provides easy deployment and maintenance with most features included in this one Nextcloud instance.

NEXTCLOUD_MOUNT: /mnt/ # Allows the Nextcloud container to access the chosen directory on the host. See https://github.com/nextcloud/all-in-one#how-to-allow-the-nextcloud-container-to-access-directories-on-the-host

NEXTCLOUD_UPLOAD_LIMIT: 16G # Can be adjusted if you need more. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-upload-limit-for-nextcloud

NEXTCLOUD_MAX_TIME: 3600 # Can be adjusted if you need more. See GitHub - nextcloud/all-in-one: 📦 The official Nextcloud installation method. Provides easy deployment and maintenance with most features included in this one Nextcloud instance.

NEXTCLOUD_MEMORY_LIMIT: 512M # Can be adjusted if you need more. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-php-memory-limit-for-nextcloud

NEXTCLOUD_TRUSTED_CACERTS_DIR: /path/to/my/cacerts # CA certificates in this directory will be trusted by the OS of the nextcloud container (Useful e.g. for LDAPS) See GitHub - nextcloud/all-in-one: 📦 The official Nextcloud installation method. Provides easy deployment and maintenance with most features included in this one Nextcloud instance.

NEXTCLOUD_STARTUP_APPS: deck twofactor_totp tasks calendar contacts notes # Allows to modify the Nextcloud apps that are installed on starting AIO the first time. See GitHub - nextcloud/all-in-one: 📦 The official Nextcloud installation method. Provides easy deployment and maintenance with most features included in this one Nextcloud instance.

NEXTCLOUD_ADDITIONAL_APKS: imagemagick # This allows to add additional packages to the Nextcloud container permanently. Default is imagemagick but can be overwritten by modifying this value. See https://github.com/nextcloud/all-in-one#how-to-add-os-packages-permanently-to-the-nextcloud-container

NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS: imagick # This allows to add additional php extensions to the Nextcloud container permanently. Default is imagick but can be overwritten by modifying this value. See GitHub - nextcloud/all-in-one: 📦 The official Nextcloud installation method. Provides easy deployment and maintenance with most features included in this one Nextcloud instance.

NEXTCLOUD_ENABLE_DRI_DEVICE: true # This allows to enable the /dev/dri device for containers that profit from it. :warning::warning::warning: Warning: this only works if the ‘/dev/dri’ device is present on the host! If it should not exist on your host, don’t set this to true as otherwise the Nextcloud container will fail to start! See https://github.com/nextcloud/all-in-one#how-to-enable-hardware-acceleration-for-nextcloud

NEXTCLOUD_ENABLE_NVIDIA_GPU: true # This allows to enable the NVIDIA runtime and GPU access for containers that profit from it. :warning::warning::warning: Warning: this only works if an NVIDIA gpu is installed on the server. See https://github.com/nextcloud/all-in-one#how-to-enable-hardware-acceleration-for-nextcloud.

NEXTCLOUD_KEEP_DISABLED_APPS: false # Setting this to true will keep Nextcloud apps that are disabled in the AIO interface and not uninstall them if they should be installed. See GitHub - nextcloud/all-in-one: 📦 The official Nextcloud installation method. Provides easy deployment and maintenance with most features included in this one Nextcloud instance.

SKIP_DOMAIN_VALIDATION: false # This should only be set to true if things are correctly configured. See GitHub - nextcloud/all-in-one: 📦 The official Nextcloud installation method. Provides easy deployment and maintenance with most features included in this one Nextcloud instance.

TALK_PORT: 3478 # This allows to adjust the port that the talk container is using which is exposed on the host. See GitHub - nextcloud/all-in-one: 📦 The official Nextcloud installation method. Provides easy deployment and maintenance with most features included in this one Nextcloud instance.

WATCHTOWER_DOCKER_SOCKET_PATH: /var/run/docker.sock # Needs to be specified if the docker socket on the host is not located in the default ‘/var/run/docker.sock’. Otherwise mastercontainer updates will fail. For macos it needs to be ‘/var/run/docker.sock’

# Optional: Caddy reverse proxy. See Caddy Docker Compose Example · nextcloud/all-in-one · Discussion #575 · GitHub

# Alternatively, use Tailscale if you don’t have a domain yet. See Easy setup: Container-less Tailscale as reverse proxy · nextcloud/all-in-one · Discussion #6817 · GitHub

# Hint: You need to uncomment APACHE_PORT: 11000 above, adjust cloud.example.com to your domain and uncomment the necessary docker volumes at the bottom of this file in order to make it work

# You can find further examples here: docker-compose examples for reverse proxies and other guides · nextcloud/all-in-one · Discussion #588 · GitHub

caddy:

image: caddy:alpine

restart: always

container_name: caddy

volumes:

- caddy_certs:/certs

- caddy_config:/config

- caddy_data:/data

- caddy_sites:/srv

network_mode: “host”

configs:

- source: Caddyfile

target: /etc/caddy/Caddyfile

configs:

Caddyfile:

content: |

# Adjust cloud.example.com to your domain below

https://cloud.example.com:443 {

reverse_proxy localhost:11000

}

volumes: # If you want to store the data on a different drive, see GitHub - nextcloud/all-in-one: 📦 The official Nextcloud installation method. Provides easy deployment and maintenance with most features included in this one Nextcloud instance.
nextcloud_aio_mastercontainer:
name: nextcloud_aio_mastercontainer # This line is not allowed to be changed as otherwise the built-in backup solution will not work

caddy_certs:

caddy_config:

caddy_data:

caddy_sites:

# Adjust the MTU size of the docker network. See GitHub - nextcloud/all-in-one: 📦 The official Nextcloud installation method. Provides easy deployment and maintenance with most features included in this one Nextcloud instance.

networks:

nextcloud-aio:

name: nextcloud-aio

driver_opts:

com.docker.network.driver.mtu: 1440

For a production server, could this composer file be enough? For you friends who are already professionals with Nextcloud, would you add anything else to this file, or would you take it out?

I’m running a production server using Proxmox, with the following configuration for NextCloud:

Intel Xeon-E 2288G 4 (2 sockets, 2 cores)
16GB RAM

I have the possibility of increasing both processing and RAM memory.

Would you change any configuration in this file for a production server?

Thank you all !!!

22

Regarding the compose file: what you pasted is the official AIO example and it is suitable for production. There’s no need to “optimize” it, only to adapt storage location and how you expose it to the internet (reverse proxy).

I’ve already published a complete, tested setup (including docker-compose.yml, NGINX Proxy Manager, and also Ubuntu VM configuration in Proxmox – XFS + ballooning explained) here:
https://help.nextcloud.com/t/testing-large-file-synchronization-with-nextcloud-aio-and-nginx-proxy-june-2025-update/226681?u=vawaver

Compose – first run (initial AIO installation)

(without external: true; Docker will create the volume itself)

volumes:
  nextcloud_aio_mastercontainer:

services:
  nextcloud:
    image: ghcr.io/nextcloud-releases/all-in-one:latest
    restart: unless-stopped
    container_name: nextcloud-aio-mastercontainer
    volumes:
      - nextcloud_aio_mastercontainer:/mnt/docker-aio-config
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /etc/cups/client.conf:/etc/cups/client.conf:ro
    ports:
      - 6789:8080  # AIO web UI
    environment:
      - APACHE_PORT=11000
      - NEXTCLOUD_MEMORY_LIMIT=4096M

(the line NEXTCLOUD_ADDITIONAL_APKS=cups imagemagick is no longer needed)

After installation / on later restarts

(add external: true so Docker will always reuse the existing volume – you won’t lose AIO configuration)

volumes:
  nextcloud_aio_mastercontainer:
    external: true

services:
  nextcloud:
    image: ghcr.io/nextcloud-releases/all-in-one:latest
    restart: unless-stopped
    container_name: nextcloud-aio-mastercontainer
    volumes:
      - nextcloud_aio_mastercontainer:/mnt/docker-aio-config
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /etc/cups/client.conf:/etc/cups/client.conf:ro
    ports:
      - 6789:8080
    environment:
      - APACHE_PORT=11000
      - NEXTCLOUD_MEMORY_LIMIT=4096M

Why external: true: the volume is already created on the first run. With external: true, Docker will not create a new empty one but will always mount the existing volume with your AIO configuration.

Hardware and VM configuration (Proxmox)

  • Physical CPU: Intel Xeon E-2288G is 8 cores / 16 threads.
    Your VM is currently set to 4 vCPUs (2 sockets × 2 cores) – that’s what Nextcloud actually sees - it is OK for few modules.

  • If you plan to enable more AIO modules (Collabora, Talk HPB, preview generation, fulltextsearch), I recommend increasing the VM to 8–12 vCPUs.
    Practically: in Proxmox set Sockets = 1, Cores = 8–12, CPU type = host, enable ballooning.

  • RAM: 16 GB is fine to start for a smaller number of users. If you run the full AIO stack (Collabora + HPB + previews + FTS), consider 24–32 GB later.

  • VM disk: XFS (as in my guide), VirtIO SCSI single, SSD emulation enabled.

Do not change any lines marked as not allowed to be changed in the compose.
If you have a public IP and domain, use a reverse proxy (see my guide for an NGINX Proxy Manager example) for the simplest SSL setup.

23

Hello,

In your example, I would just add the “/data” directory, correct?

====
volumes:
nextcloud_aio_mastercontainer:
external: true

services:
nextcloud:
image: Package all-in-one · GitHub
restart: unless-stopped
container_name: nextcloud-aio-mastercontainer
volumes:

  • nextcloud_aio_mastercontainer:/mnt/docker-aio-config
  • /var/run/docker.sock:/var/run/docker.sock:ro
  • /etc/cups/client.conf:/etc/cups/client.conf:ro
    ports:
  • 6789:8080
    environment:
  • APACHE_PORT=11000
  • NEXTCLOUD_MEMORY_LIMIT=4096M
  • NEXTCLOUD_DATADIR=/data
    =====

This way, the docker-compose.yaml file with the location of the Nexcloud Data directory.

Thank you.

24

Hello,

I created the docker-compose.yaml file with this data and ran the docker command.

docker compose up -d

Me retornou o seguinte erro:

“external volume “nextcloud_aio_mastercontainer” not found”

I just copied and pasted it into the file, I didn’t change any lines, could there be something wrong with that code?

Guys, I apologize for being a complete novice when it comes to Docker. I set up a server here for testing Nextcloud+Docker. My questions are truly from beginners, so I sincerely apologize for the type of questions here in this thread.

I’m really trying to understand and also reading some “How To” about Docker.

Thank you!

25

You’re getting that error because you used the version with external: true right away.

I already explained that external: true is only for later, after the first successful start, when the volume already exists.

At the very first run you must use version 1 without external: true, and only after installation switch to the version with external: true for all future restarts.

If you had followed exactly what I wrote, you wouldn’t run into this mistake.

26

that is why I would advise against running it in production yourself (yet).

27

Hello,

I uploaded as mentioned, without the “external: true”, Docker is working as you can see:

# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5672cdc7e837 ghcr.io/nextcloud-releases/all-in-one:latest “/start.sh” 3 hours ago Restarting (1) 7 seconds ago nextcloud-aio-mastercontainer

However, Nextcloud did not load. I tried accessing https://drive.networld.com.br:6789 without https. I also tried accessing it using the IP address, but it’s not working either.

I disabled the “ufw” firewall:

systemctl status ufw
○ ufw.service - Uncomplicated firewall
Loaded: loaded (/usr/lib/systemd/system/ufw.service; disabled; preset: enabled)
Active: inactive (dead)
Docs: man:ufw(8)

Thank you.

28

The restart loop normally points to something being off in the compose file. To avoid chasing errors, first try my complete docker-compose.yml from the guide exactly as it is. That file is tested and 100% working.

Once it runs correctly with the provided file, then experiment with changes on your own setup. If you start by editing your old file or mixing configs, you’ll only make troubleshooting harder.

Run it once with the exact file I shared. If it still fails, post your current docker-compose.yml here so we can compare line by line.

29

Hello,

The “docker-compose.yaml” file is exactly the same as the one posted here. Below are the file contents.

=====

cat docker-compose.yaml

volumes:
nextcloud_aio_mastercontainer:

services:
nextcloud:
image: ghcr.io/nextcloud-releases/all-in-one:latest
restart: unless-stopped
container_name: nextcloud-aio-mastercontainer
volumes:

  • nextcloud_aio_mastercontainer:/mnt/docker-aio-config
  • /var/run/docker.sock:/var/run/docker.sock:ro
  • /etc/cups/client.conf:/etc/cups/client.conf:ro
    ports:
  • 6789:8080
    environment:
  • APACHE_PORT=11000
  • NEXTCLOUD_MEMORY_LIMIT=4096M
    ======

I created this file inside “/root/nextcloud”, and ran the command “docker compose up -d”.

When I type “docker ps” it shows that the container is active, but I can’t access the address to open the NextCloud website to finish the configuration.

Thank you!

30

First rule:

DO NOT run this as root.
Everything must be done under your normal sudo user.

Root has no place here.

Steps:

  1. Install Docker with the official script (one command):

    curl -fsSL https://get.docker.com | sh

  2. Add your user to the docker group and reboot the system:

    sudo usermod -aG docker $USER
reboot

  3. Create a directory for the project, for example:

    mkdir ~/nextcloud
cd ~/nextcloud

  4. Create the docker-compose.yml based on my example, first version without external: true.

  5. Start the installation:

    docker compose up -d

  6. Finish the installation through the AIO UI and connect it to NGINX Proxy Manager (as shown in the video I shared).

  7. Then stop it:

    docker compose down

    add external: true to the docker-compose.yml, and start it again:

    docker compose up -d

Do it this way – clean, functional, no mess.

Do not create any custom directories or play with paths until the default installation works.
If the default AIO setup doesn’t run cleanly, adding extra directories or mounts will only make things worse.

Before trying again, remove any previously created nextcloud_aio_mastercontainer volume (easiest way is through Portainer).
You want this to be a completely clean installation, otherwise you’ll keep running into leftover configuration issues.

31

And if you run your services on dual-stack IPv4+IPv6? Does docker provide direct IPv6 connectivity? Are IPv6 SLAAC-generated addresses stable and persistent?

How many commands do you need to ensure all of that?

32

Why? With sudo usermod -aG docker $USER you are still running the Docker daemon as a fully privileged service. You are just granting your normal non-root user access to it.

To make it actually more secure, you’d have to run Docker deamon in rootless mode, but I’m not sure if AIO is fully compatible with that.

33

It is. See all-in-one/docker-rootless.md at main · nextcloud/all-in-one · GitHub

1 Like
34

I strongly recommend against using docker. As long as everthing runs well (when does it ever???) and you don’t use (too many) own config options it might be “so easy” but in case of trouble it just adds several layers of complexity. If you have some experience in linux administration running (and customizing) a lam(p)p-stack is far from rocket science.

(IMHO since nextcloud-docker was introduced an outsized part of the forum support-requests seem to be related to dockerized installs and ppl just don’t know what to do/where to look because when it’s not “so easy” it can be really complex.)

1 Like
35

I’d strongly recommend Nextcloud AIO, If your goal is to deal with as little complexity as possible, It’s the official appliance, very well documented, has a large community, and with @szaimen a maintainer who is very responsive both here in the forum and on GitHub.

That said, I also run a LAMP stack myself. But for new users who want to minimize dealing with the complexity of different backend technologies, I wouldn’t recommend that route anymore.

Yes, AIO uses Docker. And yes, one should learn at least the basics of how Docker works. But that’s knowledge you can easily reuse for other things you might want to host later. Being able to tune a LAMP stack, on the other hand, doesn’t help much if your goal is just to host a few apps for yourself, friends, or family.

That’s mainly because Docker has pretty much become the universal standard for self-hosting and homelabs. It’s what most people start with nowday, before then experimenting with K8s or K3s clusters—only to usually go back to Docker again, since high availability isn’t necessary in a home setup and the added complexity just isn’t worth it. :wink:

Seriously, the reality is that many people who started self-hosting in recent years have never hosted a website or maintained a LAMP stack, and they often have relatively little Linux experience. They start out with things like Plex, Jellyfin, often on appliances like TrueNAS or Unraid, where Docker is the recommended, or sometimes even the only way to install apps besides running them in a VM.

On top of that, practically every popular self-hosted project today offers official Docker images, again, often as the only supported installation method, even if you could technically build those apps from source. This is especially true for projects that started in the last five years or so, which, by the way, usually don’t even use PHP anymore.

4 Likes
36

Hello,

@vawaver See the step-by-step process I followed:

I stopped the container and deleted it from the AIO:
=> docker stop ID
=> docker rm ID

I also removed the image that was downloaded before:
=> docker rmi ID

After completely removing the entire AIO installation, I accessed it in user mode and created the “docker-compose.yml” file. I copied the configuration:

========
volumes:
nextcloud_aio_mastercontainer:

services:
nextcloud:
image: ghcr.io/nextcloud-releases/all-in-one:latest
restart: unless-stopped
container_name: nextcloud-aio-mastercontainer
volumes:

  • nextcloud_aio_mastercontainer:/mnt/docker-aio-config
  • /var/run/docker.sock:/var/run/docker.sock:ro
  • /etc/cups/client.conf:/etc/cups/client.conf:ro
    ports:
  • 6789:8080
    environment:
  • APACHE_PORT=11000
  • NEXTCLOUD_MEMORY_LIMIT=4096M
    ======

After creating the file with the above configuration, I ran the command:
=> docker compose up -d

[+] Running 22/22
? nextcloud Pulled 6.7s
? 9824c27679d3 Pull complete 0.3s
? 353f572fd542 Pull complete 0.7s
? 1e9c94b0909a Pull complete 0.8s
? ec9ff0d439a3 Pull complete 0.8s
? fe2e3d945599 Pull complete 1.0s
? 19ca1a47cc47 Pull complete 1.1s
? 39209a6c6883 Pull complete 1.8s
? 4874ed0db284 Pull complete 1.8s
? 35a90145122a Pull complete 1.9s
? 5f6d20677bb4 Pull complete 2.1s
? 4f4fb700ef54 Pull complete 2.4s
? 0261ebfbfde2 Pull complete 2.6s
? 50bbb029c333 Pull complete 3.0s
? 85c3e33e146d Pull complete 3.3s
? c4f07865f50e Pull complete 3.4s
? 54db4a02edca Pull complete 3.6s
? 9c32efb1a497 Pull complete 3.8s
? 472b2cf60d2b Pull complete 3.9s
? 923d362e7aca Pull complete 4.2s
? 0b93aabc92a4 Pull complete 4.4s
? 85fbd983472d Pull complete 5.9s
[+] Running 1/1
? Container nextcloud-aio-mastercontainer Started

The procedures regarding the installation of Docker “1 - 2 and 3” had already been done.

After running the command “docker compose up -d” I tried to access via IP on port 6789, the Nextclou main page did not load, nothing opened.

Remembering that my Ubuntu 24.04 has nothing installed, no Apache, no Ngnix, no database, my Ubuntu is a clean installation.

In this configuration example, does it already install everything it needs, Apache, DB?

Thank you!

37

You’re using the right compose.

AIO includes Apache, DB, Redis and everything it needs, you don’t install those separately.

Make sure you connect with https, not http:
https://<server-ip>:6789
Accept the self-signed cert. Don’t use your domain yet, only raw IP. Try different browsers.

If it still doesn’t load, open Portainer and check the logs of the container nextcloud-aio-mastercontainer. Post the log output here — that will show exactly what’s happening.

I’ve done 10+ installs with this config and all worked on the first try, so something in your environment must be blocking or failing.

38

Hello,

@vawaver I’ve tried several different browsers (Edge, Chrome, Firefox, Brave), but they all don’t open the page.

https://192.99.89.41:6789

I only installed Docker, I don’t know if Portainer is installed together. And I don’t know how to open it to check the logs and post here.

Since this is a server that I’m testing to use Docker, if possible you have time, I can pass the server connection data via “private”, and that way, you could tell if I’m doing something wrong, even though I followed the steps correctly as described by you.

Thank you!

39

Hi @kleresonbravo

I think this link will help you. Anyhow if you need any support feel free to ask in private.

40

Portainer is not included with Nextcloud AIO. It’s a separate container that gives you a web UI for managing Dockers – you can see your containers, volumes, images and check logs with a few clicks. It can also be deployed with its own docker-compose.yml. If you’ve never used it, check some short demos on YouTube, it helps to understand how Docker works in practice.

Since you don’t have Portainer right now, check things from the CLI:

Logs of the mastercontainer:

docker logs --tail=200 nextcloud-aio-mastercontainer

Verify if port 6789 is actually listening:

ss -ltnp | grep 6789

If the logs show the container is running normally but ss shows nothing on 6789, then the problem is not AIO but firewall/networking.

Keep in mind:

  • UFW being disabled doesn’t mean no firewall. Proxmox itself has its own firewall feature which can be active on the host or on the VM level.

  • Your provider can also enforce firewall rules upstream.

So the next step is: check logs, check if port 6789 is bound, then confirm there is no Proxmox/host/provider firewall blocking it.