I hesitate to start a topic which wounds like it should just be a documentation page, but I am stumped after days trying to install NextCloud on a standard Ubuntu 18.04 server.
The server has one fixed IP address and already has multiple DNS names. Apache2 uses IP name based routing to serve the right thing for different hostnames. The name cloud.example.org correctly points to my IP address, as do several other domain names. The IP address, 22.214.171.124, below, is fictitious.
Below is what I am trying, and the failed result. I have success getting the login page for a simple http (non-https) site after the first step, but need to get the https working.
sudo snap install nextcloud sudo nextcloud.manual-install myadmin mypasswerd sudo nextcloud.occ config:system:set trusted_domains 1 --value=cloud.example.org sudo nextcloud.occ config:system:get trusted_domains # Create a virtual host for apache2's http site, # ie a file in /etc/apache2/sites-enabled for cloud.example.org. # That file starts with # <VirtualHost 126.96.36.199:80> # ServerName cloud.example.org # # What else should be in that file?! Or do I need to use a different port, # and redirect this domain there?? sudo letsencrypt cloud.example.org # Copy the certificate files somewhere where nextcloud can read them sudo cp -a /etc/letsencrypt/live/cloud.example.org/*.pem /var/snap/nextcloud/current/ # Apply this certificate to the nextcloud server cd /var/snap/nextcloud/current sudo nextcloud.enable-https custom ./cert.pem ./privkey.pem ./chain.pem # (Can now delete the copied pem files above) # Now everything should work. But it does not. # Browsing to http://cloud.mydomain.com or # https://cloud.mydomain.com gives (for https case): Service Unavailable The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later. Apache/2.4.29 (Ubuntu) Server at cloud.example.org Port 443
$ sudo snap get nextcloud ports Key Value ports.http 80 ports.https 443 $ sudo snap info nextcloud name: nextcloud summary: Nextcloud Server - A safe home for all your data publisher: Nextcloud✓ store-url: https://snapcraft.io/nextcloud contact: https://github.com/nextcloud/nextcloud-snap license: unset description: | Where are your photos and documents? With Nextcloud you pick a server of your choice, at home, in a data center or at a provider. And that is where your files will be. Nextcloud runs on that server, protecting your data and giving you access from your desktop or mobile devices. Through Nextcloud you also access, sync and share your existing data on that FTP drive at school, a Dropbox or a NAS you have at home. commands: - nextcloud.disable-https - nextcloud.enable-https - nextcloud.export - nextcloud.import - nextcloud.manual-install - nextcloud.mysql-client - nextcloud.mysqldump - nextcloud.occ services: nextcloud.apache: simple, enabled, inactive nextcloud.mdns-publisher: simple, enabled, active nextcloud.mysql: simple, enabled, active nextcloud.nextcloud-cron: simple, enabled, active nextcloud.nextcloud-fixer: simple, enabled, active nextcloud.php-fpm: simple, enabled, active nextcloud.redis-server: simple, enabled, active nextcloud.renew-certs: simple, enabled, active ...
One more note. The following simple sequence works perfectly for bringing up Nextcloud service at https://cloud.example.org:9003:
sudo snap remove nextcloud sudo snap install nextcloud sudo nextcloud.manual-install myadmin mpasswerd sudo snap set nextcloud ports.http=9002 sudo snap set nextcloud ports.https=9003 sudo nextcloud.occ config:system:set trusted_domains 1 --value=cloud.example.org sudo cp /etc/letsencrypt/live/cloud.example.org/cert.pem /etc/letsencrypt/live/cloud.example.org/privkey.pem /etc/letsencrypt/live/cloud.example.org/chain.pem /var/snap/nextcloud/current/ cd /var/snap/nextcloud/current/ sudo nextcloud.enable-https custom cert.pem privkey.pem chain.pem
However, I don’t want to have to include a port number when sharing the server URL.
So the task remains to get Apache to forward requests on ports 80 and 443 to either localhost:9003 or cloud.example.org:9003 while making everyone happy with certificates and rewrite engines or whatever.