wedge_film
The cleanest way would be to do something described here, in the expanded section “On the same server in a Docker container”. I don’t know your docker setup though. You can however port forward the apache port and expose it on the machine IP, that way you can point the file config to the machine IP. This is the setup you would use if traefik was on a different machine than nextcloud (or any other service), but it will also work in your case. It has a big upside, if you decide to migrate your setup you can just spin up traefik on another machine and copy-paste the dynamic config file with minimal downtime (you would only need to adjust trusted proxy on the nextcloud side, if it’s in use).
I’ve used a AIO + traefik docker setup once, but I might be a little bit rusty, it’s been some time. Docs state that labels do not work with the AIO, due to the fact that mastercontainer manages the containers. With the AIO it is better to not get in the way of the mastercontainer - if any issues occur you have a non-standard deployment and need to consider that while troubleshooting. Not the most elegant solution, but you could run vanilla AIO with traefik external routing via exposed apache port on the node IP using the file provider. If you don’t have one you’ll need to adjust the traefik config file to include:
providers:
file:
filename: #dynamic config file path goes here, example: /etc/traefik/fileConfig.yml
watch: true
Create such file and restart traefik container.
You can use this file to provide all sorts of configs, traefik constantly checks it and makes adjustments. Here’s an example:
http:
## EXTERNAL ROUTING ##
routers:
nextcloud:
rule: "Host(`nextcloud.example.com`)"
entrypoints:
- "https"
service: nextcloud
middlewares:
tls:
certresolver: "letsencrypt"
## SERVICES ##
services:
nextcloud:
loadBalancer:
servers:
- url: "http://IP:PORT of the apache container"
You may route internally if traefik runs on the host network. Check the link to the github documentation above for more info. Consider adjusting for a trusted proxy by limiting access to the apache container as described there.
If I remember correctly setting APACHE_PORT env variable in the mastercontainer section in your compose file should be enough to expose apache port on the node IP, mastercontainer should handle the process. These are the defaults from their compose example.
services:
nextcloud-aio-mastercontainer:
environment:
APACHE_PORT: 11000
As you’ve noticed, forwarding things that way seems counterintuitive, because mastercontainer handles the managed containers and accepts limited config options as variables. Check the example compose file for common config options, like the upload limits. This is a major tradeoff of the AIO, by design, it is a standardised deployment, easy to troubleshoot and hadles a lot of things automatically, but it’s inflexible. Once you get it running though it rarely causes problems.