Collabora & Nextcloud -> Caddy & Local Domains & Arambian & NanoPi R4S ARM64

Help
1

Hi Everybody,

I’m trying to set up Nextcloud with Collabora Office on my NanoPi R4S running Armbian, but I’m having trouble configuring the reverse proxy (nginx/Caddy) for HTTPS with local domains.
Current Setup:

Running via docker-compose.yml (shown below)

Without HTTPS, everything works: Collabora can open documents in Nextcloud's web UI

With HTTPS enabled, Collabora integration breaks

Added to /etc/hosts:

127.0.0.1 nextcloud.lan collabora.nextcloud.lan

What I Need:

HTTPS configuration for both services

Reverse proxy to local domains:

    Nextcloud: https://nextcloud.lan

    Collabora: https://collabora.nextcloud.lan

My docker-compose.yml (HTTP-only version):

networks:
network:
driver: bridge

volumes:
mariadb_config:
mariadb_data:
nextcloud_config:
nextcloud_data:

services:
collabora:
image: collabora/code
restart: unless-stopped
container_name: collabora
hostname: collabora
domainname: collabora.nextcloud.lan
networks:
- network
ports:
- “9980:9980”
cap_add:
- MKNOD

nextcloud_db:
image: linuxserver/mariadb
restart: unless-stopped
container_name: nextcloud_db
hostname: nextcloud_db
networks:
- network
volumes:
- mariadb_config:/config
- mariadb_data:/data
environment:
- PUID=1000
- PGID=1000
- TZ=UTC
- MYSQL_ROOT_PASSWORD=nextcloud
- MYSQL_DATABASE=nextcloud_db
- MYSQL_USER=nextcloud
- MYSQL_PASSWORD=nextcloud

nextcloud:
image: linuxserver/nextcloud
restart: unless-stopped
depends_on:
- nextcloud_db
- collabora
container_name: nextcloud
hostname: nextcloud
domainname: nextcloud.lan
networks:
- network
ports:
- “8080:80”
volumes:
- nextcloud_config:/config
- nextcloud_data:/data
environment:
- PUID=1000
- PGID=1000
- TZ=UTC
- NEXTCLOUD_UPLOAD_LIMIT=16G
- NEXTCLOUD_MAX_TIME=3600
- NEXTCLOUD_MEMORY_LIMIT=3G
- SKIP_DOMAIN_VALIDATION=true
- NEXTCLOUD_TRUSTED_DOMAINS=nextcloud.lan

Key Questions:

How should I modify the docker-compose.yml to:

    Enable HTTPS for both services?

    Properly configure the reverse proxy for the local domains?

    Set up valid SSL certificates for *.lan domains?

For Collabora:

    What extra_params or environment variables are needed for HTTPS?

    How to configure Nextcloud's config.php for the Collabora HTTPS endpoint?

I’d prefer a solution using Caddy if possible, as it’s simpler for automatic HTTPS. Any working configuration examples would be greatly appreciated!

Thanks in advance for your help!

Viktor Malygin
WordPress Developer
https://vm-project.pro

2

What exactly do you mean by that? Do you have any configuration or error logs you could share from when you tried and it didn’t work?

Just a heads-up: .lan isn’t a valid top-level domain, so any *.lan certificate won’t be publicly trusted unless you properly distribute your own CA certificate across your network.

If you’re using Docker, here’s a Caddy + docker-compose example from the docs:

If you run Caddy on the same Docker bridge network as your nextcloud and collabora containers, here’s a quick Caddyfile example that might work for you:

nextcloud.lan {
    reverse_proxy http://nextcloud:8080
    tls internal
}

collabora.nextcloud.lan {
    reverse_proxy http://collabora:9980
    tls internal
}

You can read more about the tls directive and the tls internal option here:

Note:

Caddy will attempt to install the root CA certificate to the system trust store, but this may fail when Caddy is running as an unprivileged user, or when running in a Docker container. In that case, the root CA certificate will need to be manually installed, either by using the caddy trust command, or by copying out of the container.