I am currently planning to set up Nextcloud as described in https://help.nextcloud.com/t/nextcloud-docker-compose-setup-with-caddy-2024/204846 and make it available via Tailscale.

I found a Tailscale reverse proxy example for the AIO version: https://github.com/nextcloud/all-in-one/discussions/5439 which also uses Caddy as reverse proxy.

It might be possible to adjust it to the nextcloud:fpm stack.

But it might also be possible to use the built-in reverse proxy of the Tailscale sidecar by using a TS_SERVE_CONFIG. In this JSON file the multiple paths (/push/* and the / root) can be configured and can redirect to the right internal DNS name and port (notify_push:7867 and web:80): https://tailscale.com/blog/docker-tailscale-guide

Has anyone done that? Can someone share a complete example?
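
A check one could run on such a TS_SERVE_CONFIG file before starting the sidecar, as an added example that is not part of the original post or of Tailscale's own code: it lists every path-to-backend route and reports listeners without TLS or with Funnel (public internet exposure) enabled. The sample config is constructed; its layout follows the serve config in the linked Tailscale blog post, the mount points and backends are the ones named in the question, and whether the sidecar accepts them as written is an assumption.

```python
import json

# Constructed sample, not from the thread: layout follows the serve config in
# the linked Tailscale blog post; mount points and backends are the ones named
# in the question and are assumptions.
SAMPLE = """
{
  "TCP": {"443": {"HTTPS": true}},
  "Web": {
    "${TS_CERT_DOMAIN}:443": {
      "Handlers": {
        "/": {"Proxy": "http://web:80"},
        "/push/": {"Proxy": "http://notify_push:7867"}
      }
    }
  },
  "AllowFunnel": {"${TS_CERT_DOMAIN}:443": false}
}
"""


def audit_serve_config(text):
    """Return (routes, findings) for a TS_SERVE_CONFIG JSON document."""
    cfg = json.loads(text)
    routes, findings = [], []
    tcp = cfg.get("TCP") or {}
    for host_port, web in (cfg.get("Web") or {}).items():
        port = host_port.rsplit(":", 1)[-1]
        # Each Web host:port is expected to have a TCP listener entry on that port.
        listener = tcp.get(port) or {}
        if not (listener.get("HTTPS") or listener.get("HTTP")):
            findings.append(f"{host_port}: no HTTP(S) listener under TCP/{port}")
        elif not listener.get("HTTPS"):
            findings.append(f"{host_port}: served without TLS")
        for mount, handler in (web.get("Handlers") or {}).items():
            routes.append((host_port, mount, handler.get("Proxy")))
    # Funnel publishes the listener to the public internet, not just the tailnet.
    for host_port, enabled in (cfg.get("AllowFunnel") or {}).items():
        if enabled:
            findings.append(f"{host_port}: Funnel enabled, reachable from the internet")
    return sorted(routes), findings


if __name__ == "__main__":
    routes, findings = audit_serve_config(SAMPLE)
    for host_port, mount, target in routes:
        print(f"{host_port}{mount} -> {target}")
    print("\n".join(findings) or "no findings")
```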

  • beautiful_orca@discuss.tchncs.deOP
    13 days ago

    The manual install now seems too cluttered for me, as well as the Caddy webserver configuration. The AIO probably has a more up-to-date configuration which is vetted by the community.

    I will try to configure the AIO version how I like it, but still apply what I have learned connecting Tailscale (https://github.com/nextcloud/all-in-one/discussions/5439)

    @BakedCatboy@lemmy.ml your example helped clarify the network and service linking, thank you.

    • beautiful_orca@discuss.tchncs.deOP
      2 days ago

      I kind of followed the tutorial, but changed the Tailscale configuration to how it is advised by Tailscale in their blog about Tailscale in Docker. It is running fine for me.

      compose.yml:

      services:
        nextcloud-aio-mastercontainer:
          image: nextcloud/all-in-one:latest
          init: true
          restart: always
          container_name: nextcloud-aio-mastercontainer
          volumes:
            - nextcloud_aio_mastercontainer:/mnt/docker-aio-config # do not change
            - /var/run/docker.sock:/var/run/docker.sock:ro # do not change
          networks:
            - nextcloud-aio
          ports:
            - 8091:8080
          environment:
            APACHE_PORT: 11000
            APACHE_IP_BINDING: 127.0.0.1
            SKIP_DOMAIN_VALIDATION: true
      
        nc-caddy:
          image: caddy:alpine
          container_name: nc-caddy
          restart: always
          environment:
            NC_DOMAIN: nc.tailnet.ts.net
          volumes:
            - ./caddy/Caddyfile:/etc/caddy/Caddyfile
            - ./caddy/caddy_data:/data
            - ./caddy/caddy_config:/config
            - ./caddy/caddy_certs:/certs
            - ./tailscale/tailscale_sock:/var/run/tailscale/:ro
          network_mode: service:nc-tailscale
          labels:
            - com.centurylinklabs.watchtower.enable=true
      
        nc-tailscale:
          image: tailscale/tailscale:latest
          container_name: nc-tailscale
          restart: always
          init: true
          environment:
            - TS_HOSTNAME=nc
            - TS_AUTH_KEY=tskey-auth-xxx
            - TS_EXTRA_ARGS=--advertise-tags=tag:container
            - TS_STATE_DIR=/var/lib/tailscale
          volumes:
            - ./tailscale/state:/var/lib/tailscale
            - ./tailscale/config:/config
            - ./tailscale/tailscale_sock:/tmp
          devices:
            - /dev/net/tun:/dev/net/tun
          cap_add:
            - net_admin
            - sys_module
          networks:
            - nextcloud-aio
          labels:
            - com.centurylinklabs.watchtower.enable=true
      
      volumes:
        nextcloud_aio_mastercontainer:
          name: nextcloud_aio_mastercontainer
      
      networks:
        nextcloud-aio:
          name: nextcloud-aio
          driver: bridge
          enable_ipv6: false
      
      

      Caddyfile:

      https://{$NC_DOMAIN}:443 {
          reverse_proxy nextcloud-aio-apache:11000
      }