Nextcloud AIO setup

Hello Tailscale community! I hope all are well.

I am trying to create a Nextcloud server on AWS. I am able to launch an EC2 instance running Ubuntu and install Tailscale on it. I was able to delete all inbound rules to this EC2 instance and still access it from my Tailscale network. So far, so good!

Then I tried installing Nextcloud’s All-In-One Docker image (AIO) using these instructions from their website, and this too seems good. However, the issue is when I go to my Nextcloud website and begin its setup process. I get stuck at creating a “New AIO instance” where it requires a certified domain. I tried enabling HTTPS in Tailscale with the cert command, but this is not enough. This Tailscale article about Caddy seems promising, but I’m missing background information to implement it. Please advise. Thank you.

From reading this article, I learned of Tailscale’s serve command and how it could be used on a Docker image. HTTPS now seems to be working. However, now I get an Apache error. I suspect I need to follow these Reverse Proxy instructions for Apache (from Nextcloud’s AIO GitHub). Unfortunately, how to edit a Docker image is not explained in these instructions. Please advise. Thank you.

Just ssh into the host machine, then ssh into the docker container from there using:
docker exec -it container_ID_or_name /bin/bash
(where “container_ID” or “name” is the ID or name of the docker container)

Hello @companero! Thank you for that command. Turns out it was unnecessary. The Apache error is coming from Nextcloud AIO in its docker container. So, I installed Caddy on the AWS EC2 Ubuntu host computer (not in Nextcloud AIO’s docker container) following Caddy’s installation instructions on their website. Then I needed to edit the Caddyfile, as per the Reverse Proxy instructions. I can’t edit it if I can’t find it. I finally found it at /etc/caddy/Caddyfile. I was able to complete the Reverse Proxy instructions successfully.

I then opened my Nextcloud AIO webpage using my domain at port 8080 (my-machine-name.my-tailnet-name.ts.net:8080). So far so good! But then I get an error when I try to finish the setup process on that webpage. When I submit my domain under “New AIO instance,” I get the error "DNS config is not set for this domain or the domain is not a valid domain! (it was found to be set to “).” It is worth mentioning that when I try to check my domain at https://www.nslookup.io/, no records are found. Perhaps it takes time to register. Please advise. Thank you.

PS: Obviously my machine name isn’t literally called my-machine-name, and my tailnet isn’t literally called my-tailnet-name. That’s just for this public post, but the point still stands.

Okay, this is not as simple as I thought and it is definitely turning into a long-term project. As such, let me provide a summary of what has happened thus far.

Objective
I am trying to get a Nextcloud server up and running on AWS within my Tailscale network (Tailnet).

Experiment 1
I am able to launch an EC2 instance running Ubuntu and install Tailscale on it. I was able to delete all inbound rules to this EC2 instance and still access it from my Tailscale network. So far so good.

I then tried to install Nextcloud from Snapcraft (snap). While the installation worked, this version of Nextcloud from Snapcraft is malfunctioning, particularly Nextcloud Office.

Experiment 2
If Nextcloud from Snapcraft is broken, perhaps Nextcloud AIO will work - this is their All-In-One solution as a docker image. This version seems better maintained than other versions.

I was able to install Nextcloud AIO successfully, following their installation instructions rather easily. However, Nextcloud AIO requires an HTTPS protected domain to complete its setup process. So, how do I get an HTTPS protected domain under Tailscale?

Experiment 3
Docker containers are complicated. To simplify, this experiment will not be using Docker. The purpose of this experiment is to see if I can get HTTPS working under Tailscale. To do so, I will try the use of Caddy. Caddy is a server software with automatic HTTPS, and Caddy is compatible with Tailscale.

I will make a new clean EC2 instance and install Tailscale and Caddy on it. If I can HTTPS into a dummy website on this EC2 instance, then I will call this experiment a success, and then try to implement Docker (Nextcloud AIO) again.

Since the Tailscale Forum announced that it will be in read-only mode after July 15th, I have moved my project over to Reddit as recommended. Thanks.