Nextcloud AIO with Caddy and LetsEncrypt

The Basics

  • Nextcloud Server version (e.g., 29.x.x):
  • Operating system and version (e.g., Ubuntu 24.04):
    • Ubuntu 24.04 LTS
  • Web server and version (e.g., Apache 2.4.25):
    • Apache 2.4.58
  • Reverse proxy and version (e.g., nginx 1.27.2):
    • Caddy 2.10.0
  • PHP version (e.g., 8.3):
    • 8.3.6
  • Is this the first time you’ve seen this error? (Yes / No):
    • Yes
  • When did this problem seem to first start?
    • When trying to switch from internal TLS to LetsEncrypt
  • Installation method (e.g., AIO, NCP, Bare Metal/Archive, etc.)
    • AIO
  • Are you using Cloudflare, mod_security, or similar? (Yes / No)
    • No, Caddy and port forwarding

Summary of the issue you are facing:

I followed a tutorial online to create a Nextcloud instance at my datacentre which appeared to work but it had me set my docker compose file with “TLS Internal” in the Caddyfile section. This gives a workable instance of Nextcloud BUT with self-signed certs which are no use when I want to use LetsEncrypt certs to properly sign the traffic.

It was suggested that I use Cloudflare, but I don’t want to use this for other reasons. I just want Caddy to do its (apparently default) thing of giving me properly signed certs.

I’ve looked extensively and can’t seem to find any definitive answer to what syntax I need to replace “internal” with in order to get a proper certificate. Do I need to sign up separately with LetsEncrypt (or does that happen automagically)? I’ve forwarded ports 443 and 80 to the AIO instance in preparation.

Steps to replicate it (hint: details matter!):

  1. Follow this video: https://www.youtube.com/watch?v=ewarxugZH3Q