I do not use docker. I think the nextcloud-docker-images includes the linuxserver.io-certificate without the other certificates. Perhaps it is also possible to change it to Lets Encrypt.
Perhaps someone can help with the docker-configuration or post the way for change the certificate in the docker-container. Perhaps it is possible to install ācertbotā and use this software.
If you want to use Letās Encrypt certs ā (which I recommend) ā itās actually pretty easy to do.
You need to install an acme client (certbot or acme.sh or a docker container that runs either certbot or acme). It just depends on what you want to do. I personally just install acme.sh on the docker host and obtain certs that method, however Iām aware many use a docker container. For example one container you could use is: https://hub.docker.com/r/linuxserver/letsencrypt/.
It just depends on you how want to install your certs.
Iāve seen a few different ways people have enabled (or tried to enable) certbot with Docker. My solution to this was to run a reverse proxy and certbot on the host. I wrote a guide for this type of setup if you want to have a look.
Iām sorry Iāll have to defer to @devnull about that.
He (she? not sure!) picked it up when helping me get it accessible.
I know my way around a PC but Linux is a little bit beyond me but I am trying to learn.
What I can say is;
I have nextcloud, mariadb and letscert installed in docker on UnRaid.
I can access the nextcloud over the web but it isnāt secured.
I donāt know if there is something up with ports maybe?
I figured a snapshot of my docker might help.
I donāt think there is any info in here that puts me at risk. All the IPs seem to be internal to my networkā¦
I hope youāll tell me if I left something in I didnāt notice!
Okā¦ I donāt know how someone writes a guide for running a website without mentioning the web server, but I guess thatās beside the point.
So Nextcloud is a website. A web server is what actually ārunsā a website. In the Nextcloud Docker container, there is a web server called Apache that is ārunningā Nextcloud. This is already running on your system.
Apache is what ultimately needs to use the Letās Encrypt certificate to provide HTTPS for the site.
# Section for Apache 2.4 to 2.6
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule mod_access_compat.c>
Order Allow,Deny
Deny from all
Satisfy All
</IfModule>
# Section for Apache 2.2
<IfModule !mod_authz_core.c>
<IfModule !mod_access_compat.c>
<IfModule mod_authz_host.c>
Order Allow,Deny
Deny from all
</IfModule>
Satisfy All
</IfModule>
</IfModule>
# Section for Apache 2.2 to 2.6
<IfModule mod_autoindex.c>
IndexIgnore *
</IfModule>
EDIT
Ok I think i might know what Iām looking for now, I just have no idea how to find itā¦
In the container, under /etc/apache2/sites-available is probably where youāll find the site configs.
Apache needs to use the certificate thatās being pulled by the Letās Encrypt container. Iām wondering if thatās where this is getting messed up because I donāt see a mount in common between them in your containers. I donāt use unraid so it may just be that Iām not seeing it, but somehow that cert would have to be getting from one container to the other.
But yes, to answer your question, there is a web server running in the Nextcloud container (actually the only āprogramā being executed, Docker calls it an entrypoint). If you want to see some more about that, you can check out the official image documentation. They have quite a few versions of the Nextcloud image, but the default one uses Apache.