Great writeup, I feel I have more control, and I donât have to learn Docker!
Was easier to add my own data drive.
Thank you very much for this.
1 Like
Great guide.
I do have a question and donât mind me as I am starting on Nextcloud. Where do i get the information for âx_yourdomainâ from?
Secondly the part for nginx âsudo nano /etc/nginx/sites-available/cloud.x_youromain.confâ it says directory does not exist.
Could you please help out? Thanks.
Glad you like it.
x_yourdomain is your actual domain that you bought. Something like ilovemusicinthemorning.com that you bought from godaddy or some other registrar.
that is because it does not exist yet and we create it with nano 
But letâs say I want to use it locally to store/upload my files. Can I leave it blank or something else first? I may buy a domain name later.
Just run the ISPConfig autoinstaller on your fresh Debian/Ubuntu installation, setup your vHost for Nextcloud and you are done.
Do you know where I could get a free domain name? I want to try out and see how Nextcloud works for my needs.
may i also ask do i need the cloud. part or i just put in the domain name? Any sample i can look at?
Do I need the âcloud.â?
sudo certbot --apache
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Which names would you like to activate HTTPS for?
We recommend selecting either all domains, or all domains in a VirtualHost/server block.
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter âcâ to cancel):
Requesting a certificate for nuc-cloud.asuscomm.com
Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
Domain: nuc-cloud.asuscomm.com
Type: connection
Detail: ip4: Fetching http://nuc-cloud.asuscomm.com/.well-known/acme-challenge/9iW7Z6214Tsev8PCV0X4SIKlRKzJfsWS9jsXip-nkzg: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
Any idea how to resolve it?
Letâs Encrypt cannot connect to your webserver to validate the domian name via HTTP challenge. Generally the following requiremets must be met in order for this to work:
-
A fully qualified domain name (FQDN) based on a registered domain name, e.g
cloud.yourdomain.tld -
A corresponding DNS A record, pointing to the public IP address of your server or a CNAME record, pointing to your Dynamic DNS name.
-
If the server is behind NAT and / or a firewall, inbound traffic on port 80/tcp and port 443/tcp must be forwarded / allowed.
The first point seems to be in place, and DNS should work as well, as you seem to use the Dynamic DNS service from asuscomm.com, so itâs most likely point three thatâs causing the problem.
Did you forward ports 80 and 443 to the local IP of your Nextcloud server in your router?
1 Like
Just as I suspected. But how do i setup port forwarding?
Secondly, Why i need to port forward? Is it always the case?
I am also considering to use Tailscale.
This has to be done in the router, so I suggest you consult the documentation of your router model.
Because Letâs Encryptâs HTTP challenge needs to be able to connect directly to your web server on port 80 to validate the domain name.
If you want to expose your Nextcloud instance directly to the internet (without Tailscale, VPN, Cloudflare or whatever) you will need to forward at least port 443, and if you want to use the HTTP challenge to get your certificates you will also need to forward port 80. So yes, to follow this tutorial 1:1 you will need to forward ports 80 and 443.
Sorry, I canât help with that, as I have no experience with it.
1 Like
Hi thanks for the reply. I am using an Asus router and was able to port forward port 80. However, port forward for port 443 is not working. After port forward port 443 and port check still says port 443 is closed.
Any idea what I can do to open it?
Hard to say without more information about your setupâŚ
Did you maybe enable a firewall on the Nextcloud server itself?
Or maybe your ISP is blocking port 443, but thatâs not very likely because otherwise they would probably block port 80 as wellâŚ
Can you advise what information you need about my setup that I can provide? Thanks.
How exactly have you checked if port 443 is open?
Maybe it says âclosedâ because no service is listening on port 443 at the moment. Have you tried running sudo certbot --apache again after forwarding ports 80 and 443?
Iâm asking because the above command not only gets the certificates, it also creates the Apache virtual host, which then listens on port 443 for HTTPS requests. Without that, Apache only listens on port 80.
Oh, and if youâre using Ubuntu, make sure that the UFW (UncomlicatedFirewall) is either disabled or that both ports are open. You can check with the following command:
sudo ufw status
I made the port forwarding on my Asus router for ports 80 & 443. Used ping.eu to check if ports are opened. Only port 80 is opened and 443 closed. Thatâs how I checked.
Secondly on my Ubuntu server I installed ufw and allowed 80/http & 443/https.
Might it be some config issues in Apache?
Did you also run sudo cerbot --apache again, after you forwarded the ports, as I suggested in my previous post?
Whatâs the output of:
sudo lsof -nPi
and
ls -al /etc/apache2/sites-enabled/
Good. If ports 80 and 443 are allowed, then UFW isnât causing the issue.
Could be, but please answer the above questions first, and then weâll see where that takes us⌠
Hi apologies for the late reply. I will follow what you suggest and report here soon. Thanks for helping out.