SWAG optional security headers not passed on to nextcloud container

I am running both swag and nextcloud (with mariadb and redis) containers from linuxserver.io without any issues. My docker-compose file is available here.

Now after reading

I decided to turn all of the optional headers on. However, when I uncomment in ssl.conf

add_header X-Content-Type-Options "nosniff" always;
add_header X-Frame-Options "SAMEORIGIN" always;

and restart swag and nextcloud, I get the following warning in the nextcloud admin panel:

If instead I leave the lines uncommented, I don’t get the warnings. Isn’t this counter-intuitive?