Setting up Nextcloud behind Traefik in Docker

1. docker-compose.yml

version: "2"

services:
  # Reverse Proxy and Let's Encrypt
  traefik:
    container_name: traefik
    image: traefik:alpine
    restart: always
    networks:
      - srv
    ports:
      - 80:80
      - 443:443
    volumes:
      - /opt/traefik/traefik.toml:/traefik.toml
      - /var/run/docker.sock:/var/run/docker.sock
      - /opt/traefik/acme.json:/acme.json
  # NextCloud
  nextcloud:
    container_name: nextcloud
    image: nextcloud
    hostname: cloud.yourdomain.tld
    restart: always
    networks:
      - srv
      - dbnet
    ports:
      - "8081:80"
    links:
      - db
    volumes:
      - nextcloud:/var/www/html
    labels:
      - traefik.enable=true
      - traefik.port=80
      - traefik.frontend.rule=Host:cloud.your-domain.tld
      - traefik.docker.network=traefik_srv
      - traefik.frontend.entryPoints=https
      - traefik.frontend.headers.STSSeconds=315360000
      - traefik.frontend.headers.referrerPolicy=no-referrer

  db:
    container_name: nextcloud-db
    image: mariadb
    command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
    restart: always
    networks:
      - dbnet
    volumes:
      - db:/var/lib/mysql
    environment:
      - MYSQL_ROOT_PASSWORD=[Enter a password here!!]
      - MYSQL_PASSWORD=[Enter a password here!!]
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud

volumes:
   nextcloud:
   db:

networks:
   srv:
   dbnet:

2. Explanations

This docker-compose setup opens a port for directly accessing your Nextcloud container, but also puts it behind Traefik to be accessed 
from the domain. When you initially access Nextcloud, you will create your username and password, but make sure to click on the 
little arrow below to configure an external database. You can use the sqlite database that comes stock within the Nextcloud image, 
however Nextcloud themselves recommends running an external database as sqlite has performance limitations.

Finally, I ran into an issue where accessing the Nextcloud page through the Traefik proxy lead me to an error message saying 
I was accessing it through an Untrusted Domain. To configure your URL, you must edit the config.php file inside your Nextcloud 
named volume.

I used a text editor like vim or nano to alter the config.php file directly. Initially the file will look like this:

  'trusted_domains' =>
  array (
    0 => 'my_ip_address:port',
  ),
  
You will simply need to add a new line to the array as such (obviously replacing the text with your specific domain):

'trusted_domains' =>
  array (
    0 => 'my_ip_address:port',
    1 => 'subdomain.yourdomain.tld',
  ),

3. config.php

$ nano /var/lib/docker/volumes/[volume_name]/_data/config/config.php

<?php
$CONFIG = array (
  'htaccess.RewriteBase' => '/',
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'apps_paths' =>
  array (
    0 =>
    array (
      'path' => '/var/www/html/apps',
      'url' => '/apps',
      'writable' => false,
    ),
    1 =>
    array (
      'path' => '/var/www/html/custom_apps',
      'url' => '/custom_apps',
      'writable' => true,
    ),
  ),
  'instanceid' => 'REDACTED',
  'passwordsalt' => 'REDACTED',
  'secret' => 'REDACTED',
  'trusted_domains' =>
  array (
    0 => 'my_ip_address:port',
    1 => 'subdomain.yourdomain.tld',
  ),
  'datadirectory' => '/var/www/html/data',
  'dbtype' => 'mariadb',
  'version' => '16.0.0.9',
  'overwrite.cli.url' => 'http://my_ip_address:port',
  'installed' => true,
);