Nextcloud, I can't access it externally

I can’t access it externally or activate HTTPS.
I need to make it accessible and with onlyoffice working externally, in my local network onlyoffice works normally.

I installed following this tutorial: https://websiteforstudents.com/install-nextcloud-server-using-composer-on-ubuntu-16-04-18-04-with-apache2-mariadb-and-php-7-2-support/

Nextcloud 18.04
Operating system and version: ubuntu server 20.04 LTS
Apache2: Apache 2.4.41
PHP: 7.3.18

/etc/apache2/sites-available/nextcloud.conf
<VirtualHost *:80>
ServerAdmin admin@example.com
DocumentRoot /var/www/html/nextcloud/
ServerName example.com
ServerAlias www.example.com

 Alias /nextcloud "/var/www/html/nextcloud/"

 <Directory /var/www/html/nextcloud/>
    Options +FollowSymlinks
    AllowOverride All
    Require all granted
      <IfModule mod_dav.c>
        Dav off
      </IfModule>
    SetEnv HOME /var/www/html/nextcloud
    SetEnv HTTP_HOME /var/www/html/nextcloud
 </Directory>

 ErrorLog ${APACHE_LOG_DIR}/error.log
 CustomLog ${APACHE_LOG_DIR}/access.log combined

systemctl status apache2
apache2.service - The Apache HTTP Server
Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor prese>
Active: active (running) since Fri 2020-05-22 14:22:18 UTC; 2h 33min ago
Docs: https://httpd.apache.org/docs/2.4/
Process: 1218 ExecStart=/usr/sbin/apachectl start (code=exited, status=0/SU>
Main PID: 1241 (apache2)
Tasks: 11 (limit: 5803)
Memory: 349.6M
CGroup: /system.slice/apache2.service
├─1241 /usr/sbin/apache2 -k start
├─1242 /usr/sbin/apache2 -k start
├─1243 /usr/sbin/apache2 -k start
├─1245 /usr/sbin/apache2 -k start
├─1246 /usr/sbin/apache2 -k start
├─1290 /usr/sbin/apache2 -k start
├─1295 /usr/sbin/apache2 -k start
├─1296 /usr/sbin/apache2 -k start
├─1297 /usr/sbin/apache2 -k start
├─1445 /usr/sbin/apache2 -k start
└─1517 /usr/sbin/apache2 -k start

May 22 14:22:18 ubnc systemd[1]: Starting The Apache HTTP Server…
May 22 14:22:18 ubnc apachectl[1239]: AH00558: apache2: Could not reliably dete>
May 22 14:22:18 ubnc systemd[1]: Started The Apache HTTP Server.

journalctl -xe
May 22 16:34:49 ubnc systemd[1863]: Startup finished in 102ms.
– Subject: User manager start-up is now complete
– Defined-By: systemd
– Support: http://www.ubuntu.com/support

– The user manager instance for user 1000 has been started. All services queued
– for starting have been started. Note that other services might still be starting
– up or be started at any later time.

– Startup of the manager took 102051 microseconds.
May 22 16:34:53 ubnc sudo[1969]: pam_unix(sudo:auth): Couldn’t open /etc/securetty: No such file or directory
May 22 16:34:55 ubnc sudo[1969]: pam_unix(sudo:auth): Couldn’t open /etc/securetty: No such file or directory
May 22 16:34:55 ubnc sudo[1969]: r : TTY=pts/0 ; PWD=/home/r ; USER=root ; COMMAND=/usr/bin/su
May 22 16:34:55 ubnc sudo[1969]: pam_unix(sudo:session): session opened for user root by r(uid=0)
May 22 16:34:55 ubnc su[1970]: (to root) r on pts/0
May 22 16:34:55 ubnc su[1970]: pam_unix(su:session): session opened for user root by r(uid=0)
May 22 16:39:01 ubnc CRON[1996]: pam_unix(cron:session): session opened for user root by (uid=0)
May 22 16:39:01 ubnc CRON[1997]: (root) CMD ( [ -x /usr/lib/php/sessionclean ] && if [ ! -d /run/systemd/system ]; then /usr/lib/php/sessionclean; fi)
May 22 16:39:01 ubnc CRON[1996]: pam_unix(cron:session): session closed for user root
May 22 16:39:32 ubnc systemd[1]: Starting Clean php session files…
– Subject: A start job for unit phpsessionclean.service has begun execution
– Defined-By: systemd
– Support: http://www.ubuntu.com/support

– A start job for unit phpsessionclean.service has begun execution.

– The job identifier is 1008.
May 22 16:39:32 ubnc systemd[1]: phpsessionclean.service: Succeeded.
– Subject: Unit succeeded
– Defined-By: systemd
– Support: http://www.ubuntu.com/support

– The unit phpsessionclean.service has successfully entered the ‘dead’ state.
May 22 16:39:32 ubnc systemd[1]: Finished Clean php session files.
– Subject: A start job for unit phpsessionclean.service has finished successfully
– Defined-By: systemd
– Support: http://www.ubuntu.com/support

– A start job for unit phpsessionclean.service has finished successfully.

– The job identifier is 1008.

I will be grateful for the help!

You’ve posted a hell of a lot there! But you weren’t too clear on the issue. By “externally”, I assume you mean outside your LAN, but you haven’t explained your setup. Do you have a domain? Or are you accessing via IP address? Have you forwarded port 80 in your router to your server?

That guide you’re using isn’t very good. You should probably use the packages available for your distro instead of cloning from Github. Nextcloud has it’s own updater or you can use the packages provided by the distro. Repeatedly cloning from Github is asking for trouble.

That guide also provides no information regarding HTTPS, which is a massive oversight from something written in 2018. I’ve been using Let’s Encrypt since 2016, and self-signed certificates before that. HTTPS was completely free for years before that guide was written, yet it says nothing about it. I’d NEVER put anything personal on a site not secured by HTTPS.

Is this really your config? If so, I’m surprised you can access it all. You can’t blindly copy the config from that guide without putting in your our domain. “Example.com” is just a placeholder. Are you accessing it via IP?

I would never configure my server the way that guide describes. This is how I’ve configured my Apache vhosts:

<VirtualHost *:80>
    ServerName cloud.darksteve.tk
    Redirect permanent / https://cloud.darksteve.tk/
</VirtualHost>

<VirtualHost *:443>
    DocumentRoot /usr/local/www/nextcloud
    ServerName cloud.darksteve.tk
    SSLEngine on
    SSLCertificateFile /path/to/cetificate.pem
    SSLCertificateKeyFile /path/to/privatekey.pem
</VirtualHost>

I’ve hidden the location of my certificate and key, otherwise that’s my config. My locations are different to yours, since I’m on FreeBSD. Port 80 is the default HTTP port, while 443 is the default HTTPS port.

You can get your HTTPS certificates from a free Certificate Authority like Let’s Encrypt, or you can pay for them elsewhere, or you can create your own (self-signed). Keep in mind that self-signed certificates will throw warnings in browsers, and most phone apps will refuse to work with them. I recommend using Let’s Encrypt. HTTPS isn’t something you just “activate”, and that guide has done you a disservice by ignoring it.

Good luck with this, I’m not sure how much more I can tell you!

Read this installation guide

If you used example.com verbatim in your config, that’s one problem. I also don’t see a HTTPS virtual host.

If you’re interested in trying it with Docker, here’s a guide I wrote myself. Or you can use the non-Docker parts for reference.

Although I don’t typically recommend the snap package due to its limitations, it’s arguably the easiest method to set up. With Ubuntu you can even select it during OS installation. Something to consider.