@Reiner_Nippes Donāt forget that i just want to secure nextcloud using https. Nothing else. I can go back when i want using my snapshot.
you should have some lines like
[Sun Mar 10 18:26:04.397753 2019] [mpm_event:notice] [pid 4105:tid 140110011385728] AH00489: Apache/2.4.38 (Unix) OpenSSL/1.0.2g configured -- resuming normal operations
do you have certificates in the certsfolder?
ls /var/snap/nextcloud/current/certs/
there should be a live
or self-signed
folder as well. if they donāt existed something went wrong with sudo nextcloud.enable-https ....
also you can check the log/letsencrypt.log for warnings/errors.
just to be sure. may you rerun sudo nextcloud.enable-https letsencrypt
and look if the folder live
appears in /var/snap/nextcloud/current/certs/
Iāve this :
root@debian:/home/p-e# snap set nextcloud.enable-https letsencrypt
error: invalid configuration: āletsencryptā (want key=value)
root@debian:/home/p-e# snap set nextcloud.enable-https
error: the required argument <conf value> (at least 1 argument)
was not provided
sorry.
i forgot the - after lets.
ec2-user@:~$ sudo nextcloud.enable-https -h
Usage:
nextcloud.enable-https -h
Display this help message.
nextcloud.enable-https <subcommand> [OPTIONS]
Run the provided subcommand.
Available subcommands:
lets-encrypt [OPTIONS]
Obtain a certificate from Let's Encrypt and automatically keep it
up-to-date.
self-signed
Generate and use a self-signed certificate. This is easier to
setup than Let's Encrypt certificates, but will cause warnings in
browsers.
custom [OPTIONS]
Use certificates generated by other means.
root@debian:/home/p-e# snap set nextcloud.enable-https lets-encrypt
error: invalid configuration: ālets-encryptā (want key=value)
root@debian:/home/p-e# snap set nextcloud.enable-https -lets-encrypt
error: unknown flag `lā
and when i type -help, I donāt have the same as you.
root@debian:/home/p-e# snap set nextcloud.enable-https -help
Usage:
snap set [set-OPTIONS] ā¦
The set command changes the provided configuration options as requested.
$ snap set snap-name username=frank password=$PASSWORD
All configuration changes are persisted at once, and only after the
snapās configuration hook returns successfully.
Nested values may be modified via a dotted path:
$ snap set author.name=frank
[set command options]
āno-wait Do not wait for the operation to finish but just print
the change id.
[set command arguments]
: The snap to configure (e.g. hello-world)
: Configuration value (key=value)
why that?
just
Because
root@debian:/home/p-e# nextcloud.enable-https lets-encrypt
bash: nextcloud.enable-https: command not found
@Reiner_Nippes
if there is no /snap/bin/nextcloud.enable-https
there is something wrong with your machine.
or /snap/bin is missing in $PATH (checked with echo $PATH
)
root@ip-172-31-52-96:~# which nextcloud.enable-https
/snap/bin/nextcloud.enable-https
root@ip-172-31-52-96:~# nextcloud.enable-https lets-encrypt
In order for Let's Encrypt to verify that you actually own the
domain(s) for which you're requesting a certificate, there are a
number of requirements of which you need to be aware:
1. In order to register with the Let's Encrypt ACME server, you must
agree to the currently-in-effect Subscriber Agreement located
here:
https://letsencrypt.org/repository/
By continuing to use this tool you agree to these terms. Please
cancel now if otherwise.
2. You must have the domain name(s) for which you want certificates
pointing at the external IP address of this machine.
3. Both ports 80 and 443 on the external IP address of this machine
must point to this machine (e.g. port forwarding might need to be
setup on your router).
Have you met these requirements? (y/n) nextcloud.enable-https
YOS ! Thank you !!!
But there is still something that I donāt understand. Why is the PATH missing ?
Now for the HTTPS, itās good, but in my server, what about the encryption ? How can i protect my files server sided and how can i access to them if they are encrypted ?
Thanks
that question goes to the snap programmers.
itās added normally here:
/etc/profile.d/apps-bin-path.sh:# Expand $PATH to include the directory where snappy applications go.
/etc/profile.d/apps-bin-path.sh:if [ -n "${PATH##*${snap_bin_path}}" -a -n "${PATH##*${snap_bin_path}:*}" ]; then
/etc/profile.d/apps-bin-path.sh: export PATH=$PATH:${snap_bin_path}
you can add it by putting export PATH=$PATH:/snap/bin
at the end of /etc/environment
ā Encryption configuration ā Nextcloud 15 Administration Manual 15 documentation
@Reiner_Nippes
/etc/environment is completly blank. Is this normal ?
Do you think itās necessary to encrypt my files ?
who installed that server? that should not be normal.
thatās discussed here: Server encryption even worth it? - #6 by Krischan
Iāve installed the server using a clean debian image.
Thanks for the link.
on debian itās empty. so thatās ok.
Ok, i think thatās the end of the topic, thank you a lot for your help ! Have a good day/night.