[SNAP] Nextcloud + SSL on other Port

ℹ️ Support 📦 Appliances (Docker, Snappy, VM, NCP)
, , ,
#1

Hello everybody!

Some time ago I installed Nextcloud as a snap on an Ubuntu server. I am currently running version 19.0.1 as a snap on an Ubuntu Server 20.04 LTS and can access the instance from the Internet via port 55055.

However, I also want to create a Let’s Encrypt certificate and that gives me a headache. Unfortunately, I cannot run the instance on the standard HTTPS port because another web application is already running that absolutely needs the port.

I already had two ideas:

  • Let’s Encrypt with DNS validation
  • Reverse proxy

With the variant with the reverse proxy, I have to edit the config.php which is not possible in the snap variant after everything I have read.

Unfortunately I couldn’t get either of the two options to work with the snap installation. Does anyone of you know another option or a tutorial with which I can do that. After a long research, I got no further.

#2

just thinking loud, since i don’t have a snap installtion at hand.

assuming you managed to configure snap-nextcloud to use custom certs. which is mentioned in the docs. " See nextcloud.enable-https -h for more information."

then you should look at

since you define the path to the cert files on the cli you should be able to create them for your snap installation.

e.g.:

acme.sh --install-cert -d example.com \
--cert-file      /path/to/certfile/in/apache/cert.pem  \
--key-file       /path/to/keyfile/in/apache/key.pem  \
--fullchain-file /path/to/fullchain/certfile/apache/fullchain.pem \
--reloadcmd     "service apache2 force-reload"

of course you have to use another reloadcmd.

acme.sh supports a long list of dns providers and wildcard certs.

#3

Yes you can use ACME.sh. I personally use a reverse proxy with the snap which allows use of the Let’s Encrypt integration. Here’s a wiki page that describes my setup: https://github.com/nextcloud/nextcloud-snap/wiki/Putting-the-snap-behind-a-reverse-proxy

Uh… yes of course it’s possible, not sure what you’ve been reading. Nextcloud isn’t very usable without an editable config.php.

#4

OK thank you for the quick answer!
I will rethink my way of resarch…

My Solution is:

Proxy Server running HAproxy (seperate VM) direkting to the VM with Ubuntu 20.04 running Nextcloud as a snap with enabled HTTPS with let’s encrypt (nextcloud.enable-https lets-encrypt)

Works fine!

Thank u so much!

1 Like