Unable to authorize Desktop client for synchronization when behind NGINX on a different host

Hi together,

I am having a problem with my nextcloud install. My Setup looks as follows:
I have got a RaspberryPi 4 at home which runs my nextcloud instance with docker. I do also use a postgresql container for the nextcloud DB.
My Raspberry Pi is connected to a VPS via VPN.
On my VPS I have a NGINX reverse proxy which proxies all traffic coming to a certain domain to my Raspberry Pi with my nextcloud instance.
Unfortunately, I can not run a NGINX container alongside the nextcloud container directly on the Pi as in the examples on GitHub. This is due to my ISP (Unitymedia) which does not give me a unique IPv4 Adress so I can not simply use port forwarding on my Router and point my Domain to the IPv4 Adress of my Router.

Using this setup I am able to use my Nextcloud via the Web Interface and the mobile sync clients (I had to use the old authentication methob where you specify the username and password directly inside the application though).
The only issue I encounter when using the Web Interface is, when I first sign in, the Login button keeps showing the loading indicator and continues forever. I am able to work around this by manually reloading the page. If I do that, I get to my Files. So I suppose the login works and just something with the automatic redirect does not work.

Which leads to my actual problem:
When I try to connect the Desktop Sync client and enter my Domain name, I am able to connect and the sync client is able to identify, that there is a nextcloud instance running.
When I try to authorize the desktop client and the Browser opens i first click on “Login”. After that, there is a Page which says “You are about to grant … access to your nextcloud account” when I click on “Grant access” (or whatever the buttons name is in English, I have my instance set to German) I encounter the same behavior as with the login button on the login page. So the loading indicator keeps spinning and nothing happens. This goes on for at least 10 Minutes without anything happening in the Desktop client. I guess, that the redirect to the “Successful” page does not work (similar to the redirect after logging in to the web interface does not work).

I did already try to connect to the Nextcloud instance on the raspberry Pi directly without NGINX inbetween. If I do that, it redirects to another page after clicking “Grant Access” and obviously sends some kind of response to the Desktop client because it says, that it is authorized and I can then continue to configure the synchronization.
Therefore I suppose it has something to do with my configuration of the NGINX reverse proxy.

So, my configuration of NGINX looks as follows:

server {
        listen 443 ssl;
        listen [::]:443 ssl;

server_name mydomain.tld;

ssl_certificate /etc/letsencrypt/live/mydomain.tld/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mydomain.tld/privkey.pem;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;

location ^~ /.well-known/acme-challenge/ {
        proxy_pass http://localhost:60000;
location / {
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

Is there anything I am missing in the configuration which causes the redirect to not work?
Or do you think the problem is related to something else?

If you need any additional information, feel free to ask!

Thanks in advance for your time and help!!

I am hitting the same issue with a new client I am trying to set up today.

I use NextCloud inside Docker behind a proxy.