nextcloud.enable-https lets-encrypt DOSE NOT JUST WORK!
certbot aone can regsiter domain and I get sertifiacte to to standard location,
but could not figure out how to install it for nextcloud, tried to copy links
to certificates for nexcloud but it says those are empty.
Have I understood correctly that standard apt-get version works better ?
Nextcloud at my server is located non-standard port, could this be reason?
snap just dose not work!
Yep. Port configuration · nextcloud-snap/nextcloud-snap Wiki · GitHub
Note: Let’s Encrypt will expect that Nextcloud is exposed on ports 80 and 443. If you change ports and don’t put Nextcloud behind a proxy such that ports 80 and 443 are sent to Nextcloud for that domain name, Let’s Encrypt will be unable to verify ownership of your domain and will not grant certificates.
Yes but ports 80 and 443 are open, certbot can fetch certificate sto my other servers BUT NEXCLOUD SNAP CAN NOT !! That’s the point. There is bug. My solution is not to use snap anymore instead to do traditional install due then I know how itys installed and can easyly to be configured. snap nextcould is programming over programming that philosophy just dose not work out and totaly against .linux basics !
The snap package is primarily meant to be an all-in-one solution for users that aren’t Linux experts and don’t have complex environments with multiple web applications running. So, If you forward port 80 and 443 directly to the server where the sanp is installed, without an additional web server running on that server, the script for getting certs, provided by the Snap, does work just fine.
However, if you are running a separate web server you have to let that separate web server handle the certs, and then add a reverse proxy configuration for the snap package to it. This is because the web server that is handling the certificates must be running on port 80 in order for the HTTP challenge to work. And while the Snap package does provide its own web server, obviously only one web server can run on port 80, which means in your case, the external webserver has to handle the certificate requests for all the applications that are running on that server or behind the same public IP address.