With a standard Docker deployed nexcloud 13, login takes ~30 seconds

See also the corresponding GitHub issue

Nextcloud version 12 and 13:
Operating system and version Debian 9:
Apache or nginx version Docker / nginx proxy / apache:

The issue you are facing:

On both instances (one nextcloud 12 and the other nextcloud 13) deployed in the same way

Is this the first time you’ve seen this error? N:

Steps to replicate it:

1. git clone https://github.com/nextcloud/docker
2. cd .examples/docker-compose/with-nginx-proxy/postgres/apache
3. sudo docker-compose up -d
4. go to https://cloud.mycloud.com/ and login
5. it takes ~30 seconds to load /app/files

During these 30 seconds, the CPU and the I/O are mostly idle.

There are no additional lines in Admin > Logging:

The output of your Apache/nginx/system log in /var/log/____:

sudo docker-compose logs -f proxy
proxy_1                  | nginx.1    | XXXXXXXXXXXXXX - - [25/Mar/2018:12:09:20 +0000] "GET /login HTTP/2.0" 200 3115 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:57.0) Gecko/20100101 Firefox/57.0"
proxy_1                  | nginx.1    | XXXXXXXXXXXXXX - - [25/Mar/2018:12:09:21 +0000] "GET /cron.php HTTP/2.0" 200 20 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:57.0) Gecko/20100101 Firefox/57.0"
proxy_1                  | nginx.1    | XXXXXXXXXXXXXX - - [25/Mar/2018:12:09:54 +0000] "POST /login HTTP/2.0" 303 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:57.0) Gecko/20100101 Firefox/57.0"
proxy_1                  | nginx.1    | XXXXXXXXXXXXXX - - [25/Mar/2018:12:09:54 +0000] "GET /apps/files/ HTTP/2.0" 200 6341 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:57.0) Gecko/20100101 Firefox/57.0"
proxy_1                  | nginx.1    | XXXXXXXXXXXXXX - - [25/Mar/2018:12:09:55 +0000] "GET /apps/gallery/config?extramediatypes=1 HTTP/2.0" 200 102 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:57.0) Gecko/20100101 Firefox/57.0"
proxy_1                  | nginx.1    | XXXXXXXXXXXXXX - - [25/Mar/2018:12:09:55 +0000] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/2.0" 200 74 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:57.0) Gecko/20100101 Firefox/57.0"
proxy_1                  | nginx.1    | XXXXXXXXXXXXXX - - [25/Mar/2018:12:09:56 +0000] "GET /apps/encryption/ajax/getStatus HTTP/2.0" 200 77 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:57.0) Gecko/20100101 Firefox/57.0"
proxy_1                  | nginx.1    | XXXXXXXXXXXXXX - - [25/Mar/2018:12:09:56 +0000] "PROPFIND /remote.php/webdav/ HTTP/2.0" 207 4598 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:57.0) Gecko/20100101 Firefox/57.0"
proxy_1                  | nginx.1    | XXXXXXXXXXXXXX - - [25/Mar/2018:12:09:56 +0000] "GET /apps/systemtags/lastused HTTP/2.0" 200 9 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:57.0) Gecko/20100101 Firefox/57.0"
proxy_1                  | nginx.1    | XXXXXXXXXXXXXX - - [25/Mar/2018:12:09:56 +0000] "GET /index.php/apps/files/ajax/getstoragestats.php?dir=%2F HTTP/2.0" 200 189 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:57.0) Gecko/20100101 Firefox/57.0"
proxy_1                  | nginx.1    | XXXXXXXXXXXXXX - - [25/Mar/2018:12:09:56 +0000] "GET /cron.php HTTP/2.0" 200 20 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:57.0) Gecko/20100101 Firefox/57.0"
proxy_1                  | nginx.1    | XXXXXXXXXXXXXX - - [25/Mar/2018:12:10:25 +0000] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/2.0" 200 74 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:57.0) Gecko/20100101 Firefox/57.0"

Hi, this sounds like the NC brute force detection is slowing down your login on purpose. This happens when too many logins failed.
There is a section in the admin settings where you can whitelist IPs. I suggest you enter your IP there.
And maybe yet to delete your IP from the DB table oc_bruteforceattempts if that’s possible in the docker.

Sounds like this could indeed be the cause! The Admin Logging panel shows a number of lines like:

Warning	core	Login failed: 'Max' (Remote IP: '172.19.0.2')	2018-03-25T23:47:30+0200

There is no user Max meaning it’s brute force attack but… this was deployed using Docker and all requests incorrectly originate from the same IP 172.19.0.2. So, as soon as anyone makes too many failed login attempts everyone is blocked.

A given IP can be whitelisted with the Bruteforce app which is convenient when conducting tests from a given location. Otherwise the IP from which multiple failed attempts happen for a legitimate reason will be throttled.