It’s looping back to itself? Location header is pointing back to itself.
Is it possible your backend is sending back an http 301 redirect back to caddy, which forwards it to your browser?
Possibly some old configuration on your backend from the letsencrypt beforehand? Can you check the logs from your backend and see what they’re sending back?
I’m assuming the request might replace the host with the IP on your reverse Proxy and that your next cloud backend is replying with a redirect to https://nextcloud.domain.com:443
Edit: I think this is the most incoherent message I wrote to date.
I think your reverse Proxy is forwarding the request to your next cloud, but replacing the Host header with the IP you specified as reverse Proxy. As a result the request arrives at your next cloud with the IP as “host”.
Your next cloud installation is then sending back a 301 redirect to tell the client that they should connect to https://nextcloud.domain.com. this arrives through caddy at your browser, goes through the same loop until you’ve reached the max redirects.
Have a look at your next cloud backend http logs to see what requests are arriving there and what HOST( http header ) it’s trying to connect to on that IP.
What happens when you directly curl the nextcloud? From a device that can access it, such as the machine where your caddy is running.
I am assuming it will reply with a
301 moved
and add a location header that points to “https://nextcloud.domain.com”.