Snap HTTPS + Security

Hello,

I’m hosting NextCloud on Debian 9 and i want to use HTTPS instead of HTTP.

I have completly read the installation guide but didn’t succeed.

In fact, I would like to completely secure the cloud, as well as intra and off-network exchanges.

Can you help me ?

Thanks.

You have to be more precise. If you are using Apache you may have a look at https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-debian-9

@peteman52 Thank you for your reply. I forgot to precise that i installed NC using snap and i’ve done nothing else.

nextcloud.enable-https -h ?

@Reiner_Nippes I’ve already done this, but after i make these commands, i can’t access to nextcloud anymore.

ok. which error did you get? where (browser/server)? and what is in the logs?

@Reiner_Nippes I don’t know how to access to the logs.

what’s the output of: ls $SNAP_DATA

@Reiner_Nippes

When i do that, it’s like i’m only doing “ls” and nothing else. But i triend to do “ls $” and $SNAP_DATA was not in the list and nothing like that appeared.

which user do you use?

$SNAP_DATA is a shell variable. but may be not set to all users. did you try as root?

to check if the variable is set: env

@Reiner_Nippes I’m logged in as root and what i’m supposed to read when i do the command “env” ?

env provides you with the list of all shell variables.

env | grep SNAP would only output those with SNAP in there name. if this is blank the variable is not set.

since i don’t have great experience with snap give me a second to find out where the log files are.

@Reiner_Nippes oh no, it’s blank :frowning:

what’s in sudo ls /var/snap/nextcloud/current/apache/logs/ ?

error_log php_errors.log
@Reiner_Nippes

tail /var/snap/nextcloud/current/apache/logs/error_log

tail /var/snap/nextcloud/current/apache/logs/error_log
[Sun Mar 10 16:23:21.676268 2019] [unixd:alert] [pid 7807:tid 140321933031296] AH02155: getpwuid: couldn’t determine user name from uid 4294967295, you probably need to modify the User directive
[Sun Mar 10 16:23:21.676301 2019] [unixd:alert] [pid 7806:tid 140321933031296] AH02155: getpwuid: couldn’t determine user name from uid 4294967295, you probably need to modify the User directive
[Sun Mar 10 16:23:48.701105 2019] [unixd:alert] [pid 9265:tid 140321933031296] AH02155: getpwuid: couldn’t determine user name from uid 4294967295, you probably need to modify the User directive
[Sun Mar 10 16:25:36.676883 2019] [mpm_event:notice] [pid 7804:tid 140321933031296] AH00491: caught SIGTERM, shutting down
AH00558: httpd: Could not reliably determine the server’s fully qualified domain name, using 127.0.1.1. Set the ‘ServerName’ directive globally to suppress this message
[Sun Mar 10 16:25:45.605974 2019] [mpm_event:notice] [pid 12080:tid 140397985822592] AH00489: Apache/2.4.38 (Unix) configured – resuming normal operations
[Sun Mar 10 16:25:45.606081 2019] [core:notice] [pid 12080:tid 140397985822592] AH00094: Command line: ‘httpd -d /snap/nextcloud/11891 -D FOREGROUND’
[Sun Mar 10 16:25:45.607014 2019] [unixd:alert] [pid 12082:tid 140397985822592] AH02155: getpwuid: couldn’t determine user name from uid 4294967295, you probably need to modify the User directive
[Sun Mar 10 16:25:45.607190 2019] [unixd:alert] [pid 12081:tid 140397985822592] AH02155: getpwuid: couldn’t determine user name from uid 4294967295, you probably need to modify the User directive
[Sun Mar 10 16:25:45.607609 2019] [unixd:alert] [pid 12083:tid 140397985822592] AH02155: getpwuid: couldn’t determine user name from uid 4294967295, you probably need to modify the User directive
@Reiner_Nippes

could you please perform a

grep -i ssl /var/snap/nextcloud/current/apache/logs/error_log

?

@Reiner_Nippes Blank, nothing

@Reiner_Nippes Don’t forget that i just want to secure nextcloud using https. Nothing else. I can go back when i want using my snapshot.