OS: Ubuntu 20
snap install nextcloud
Ports: 80 and 443 are open and accessible. I checked this for creating dummy web servers (
python3 -m http.server $PORT ). I can reach these with my ufw rules (en)|(dis)abled.
DNS: I’m using Google Domains. I can curl my domain and get the login page on port 80. My browsers insist on https and refuse to connect.
Previous Usage: I was using this solely on my home network, using a .local domain (I think its called avahi / mdns / zeroconf / bonjour). This still works.
Possible confounding factors:
- Pihole using ports 53 (dns), 81 (website)
- After I created this question, I successfuly generated a self signed certificate. While I could add an exception to my devices I’d rather not. So now I need to figure out how to get ride of this. I’m able to reach my domain and they complain about the cert.
sudo nextcloud.enable-https lets-encrypt
Log: Should I include
/var/snap/nextcloud/current/certs/certbot/logs/letsencrypt.log? They seem to contain sensitive information.
Saving debug log to /var/snap/nextcloud/current/certs/certbot/logs/letsencrypt.log Plugins selected: Authenticator webroot, Installer None Obtaining a new certificate Performing the following challenges: http-01 challenge for cloud.hybras.dev Using the webroot path /var/snap/nextcloud/current/certs/certbot for all unmatched domains. Waiting for verification... Challenge failed for domain cloud.hybras.dev http-01 challenge for cloud.hybras.dev Cleaning up challenges Some challenges have failed. IMPORTANT NOTES: - The following errors were reported by the server: Domain: cloud.hybras.dev Type: connection Detail: Fetching http://cloud.hybras.dev/.well-known/acme-challenge/FRphGHVH6gIUx1Z-MD0-pVCasnCtCkAxJbjKvyS0iNY: Timeout during connect (likely firewall problem) To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided.