Nextcloud Snap on a different port, signing/subdomain question

Hey people, I managed to install/run Snap version of Nextcloud, but I am running it on a custom port:

sudo snap set nextcloud ports.http=185
sudo snap set nextcloud ports.https=186

I have moved Nextcloud to these ports because I have another apache web server running on ports 80/443.

I can access my domain/website just fine at (and https works just fine):

Now I am running nextcloud and it, of course, has the same ip as it is on the same network, and I managed to make it accessible like this: (as I have changed the port, right?)

The problem is, I can’t sign it with lets encrypt or even self-signed now.

Two questions i have:

  1. How do I sing it in this configuration (snap, running on a different http/https port)

  2. What do I need to change if I want it to be accessible like this:

Thanks! Love Nextcloud and can’t wait to use it for my team as soon as it is setup.

In your other Apache server on the host, you would set up a reverse proxy vhost that relays the connection back to the other port. Then you would run certbot at the proxy instead of the snap.

I wrote a guide for a Docker setup with reverse proxy. I don’t use snap, but the reverse proxy part will be very similar if you want to see a working example.

Yep, that is the problem. I can’t find good info about this. Docker and tons of config is to much. I have everything running, I just need that help with maybe linking/point my nextcloud snap instance to my existing domain as it already is certified.

Well you can’t quite do it that way because when you use a proxy, the proxy is the endpoint of your encryption. The proxy must have the certificate whether the backend server does or not.

You can actually pass plain HTTP from the proxy back to the real service since there isn’t exactly a risk of it being intercepted in the box.