NextCloud + Docker + Proxy

Hi,

i run docker container:

docker run -d -p 4443:4443 -p 4433:443 -p 8080:80 -v /media/external/wd_ext4/nextcloud:/data --name nextcloudpi ownyourbits/nextcloudpi

in Caddy file:

choo.duckdns.org {
        proxy / https://localhost:4433  
}

But after the launch of all the services when I click on the link (https://choo.duckdns.org) I get a message in my browser:

502 Bad Gateway

But if I specify the port directly (https://choo.duckdns.org:4433), the site opens

What might be the problem?
How to fix it?

Do you need to click through a certificate warning to do this?

Jumping in the conversation as I am encountering almost the same issue.

My caddyfile is like:

domain.duckdns…org {
proxy / https://localhost:444 {
websocket
transparent
}
}

In my case I manually changed nextcloud apache2 port to 444 to free 443 for caddy and I can regularly access the instance in my LAN as nextcloudhostip:444.

I’ve also added the websocket and transparent options becuase I’ve read somewhere else that they are needed (but honestly I’m blindly adding these options as I didn’t fully grasp their purpose).

In my case however if I specify the port I get a connection timeout as expected since on my router I’ve opened only ports 80 and 443 and reverse proxying everything “inside” my network using Caddy proxy functionality.

No certificate warning is shown for me, actually the certificate is valid and the connection secure as shown:

Edit
Adding to the proxy directive the option insecure_skip_verify, solves the issue but I’m not really sure I should permanently use this solution, doesn’t it lower the security?

Furthermore even with this option enabled I still have a HTTPS connection, am I misunderstanding something?
From the documentation:

insecure_skip_verify overrides verification of the backend TLS certificate, essentially disabling security features over HTTPS.