There is this Q&A at https://docs.nextcloudpi.com/en/faq/faq/ about setup Let’s Encrypt with blocked ports.
" How do I set up Let’s Encrypt with blocked ports?
- If you only have port 443 available, you can use the following workaround: copy that code and after that try again from the web interface or
sudo wget https://raw.githubusercontent.com/nextcloud/nextcloudpi/beb9bc1ee2909a1ab6bfde7398ddf19a50d02478/etc/nextcloudpi-config.d/letsencrypt.sh -O /usr/local/etc/nextcloudpi-config.d/letsencrypt.sh
Is it correct to put letsencrypt.sh to /usr/local/etc/nextcloudpi-config.d ?
How does the WebUI know that there is a work around script n nextcloudpi-config.d?
You’re right, it does not seem to be the logical or correct place to put it…
/usr/local/bin/ncp/NETWORKING/ is where the original letsencrypt.sh is
Afaik any script in there will automatically show up in the menu, options and discriptions are kept in .cfg files in /usr/local/etc/ncp-config.d/
If someone can confirm this, I will edit the faq.
I did not find letsencrypt.sh in /usr/local/bin/ncp/SECURITY but found it under /usr/local/bin/NETWORKING. After I put the file there and clicked letsencrypt on the dashboard. I got:
[ letsencrypt ] (Tue Jul 14 09:36:04 PDT 2020)
/usr/local/bin/ncp/NETWORKING/letsencrypt.sh: line 48: /etc/letsencrypt/letsencrypt-auto: No such file or directory
Just had a look at that code, it just installs the packages, it does not actually get a certificate, so its location /usr/local/etc/nextcloudpi-config.d/letsencrypt.sh is probably correct.
Because my installation doesn’t have nextcloudpi-config.d, I put letsencrypt.sh in /usr/local/etc/ncp-config.d . When I clicked “letsencrypt” on the Web UI, it still used the http-01 challenge. There is no difference if I ran /usr/local/etc/ncp-config.d/letsencrypt before I invoked letsencrypt from the dashboard.