I just installed NC via Snap on Ubuntu and I can now access it locally and externally, but not yet securely.
I first wanted to use NC without a domain name, but when I saw that let’s encrypt needs a domain name as well I went ahead and got one anyway. The domain comes with one included SSL certificate. I have set this domain to redirect to my IP external IP address (and force HTTPS) and I get the following Error: NSURLErrorDomain.
I think the problem is with NC’s generation of certificates which (correct me if I’m wrong) is supposed to happen automatically with the Snap version as I found out later. This does not seem to be working correctly and I cannot find a solution to this online as most manuals are for the cli installed versions.
Can anyone point me in the right direction here? Semi-N00b but willing to go for the manual installation if people here believe that would make things easier.
Many thanks in advance for your help!
Edit:
Let’s encrypt [sudo nextcloud.enable-https lets-encrypt] end up giving me the following error:
Domain: nextcloud.ow37.nl
Type: connection
Detail: 2a01:238:20a:202:1161::: Fetching
https://143.176.234.210/.well-known/acme-challenge/XXXXXXXXXXXXXXXXXXX:
Invalid host in redirect target “143.176.234.210”. Only domain
names are supported, not IP addresses
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you’re using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.
- Your account credentials have been saved in your Certbot
configuration directory at
/var/snap/nextcloud/current/certs/certbot/config. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
The problem there is that I can’t set AAAA record as my ISP still only has ipv4…