freenas 11.2 and nextcloud plugin

[darkobas]

hi

i want to enable ssl for nextcloud but all guides i have found seem to be out of date for the current freenas and its nextcloud plugin.

i have just fresh installed the current freenas 11.2.

i have successfully installed letsencrypt on it. now i want to use the cert also for nextcloud. please any help would be appreciated.

 

[garm]

https://forums.freenas.org/index.ph...-of-nextcloud-14-in-iocage-jail.62485/page-20

 

[darkobas]

https://forums.freenas.org/index.ph...-of-nextcloud-14-in-iocage-jail.62485/page-20

yeah i have tried that. seems the script has a lot of issues on new freenas. from missing bash to missing or unvail packages to download.

 

[garm]

https://forums.freenas.org/index.php?threads/updated-forum-rules-4-11-17.45124/

 

[danb35]

seems the script has a lot of issues on new freenas.

...none of which you've bothered to share in the thread for that script...

 

[Lotik]

hi

i want to enable ssl for nextcloud but all guides i have found seem to be out of date for the current freenas and its nextcloud plugin.

i have just fresh installed the current freenas 11.2.

i have successfully installed letsencrypt on it. now i want to use the cert also for nextcloud. please any help would be appreciated.

Did you solve it? I am finding same solution. I have installed NextCloud plugin on Freenas 11.2 and I want use ssl Is it any solution for it?

 

[samuel-emrys]

want to enable ssl for nextcloud but all guides i have found seem to be out of date for the current freenas and its nextcloud plugin.

i have just fresh installed the current freenas 11.2.

i have successfully installed letsencrypt on it. now i want to use the cert also for nextcloud. please any help would be appreciated.

Did you solve it? I am finding same solution. I have installed NextCloud plugin on Freenas 11.2 and I want use ssl Is it any solution for it?

I wrote a detailed guide for the manual installation of NextCloud 14/15, including how to use certbot to acquire a certificate, configure apache to use the certificate/redirect HTTP to HTTPS, and other hardening measures. It doesn't use the plugin, but it should address a lot of both of your needs

 

[oneness]

I wrote a detailed guide for the manual installation of NextCloud 14/15, including how to use certbot to acquire a certificate, configure apache to use the certificate/redirect HTTP to HTTPS, and other hardening measures. It doesn't use the plugin, but it should address a lot of both of your needs

Thanks for the guide. The problem is mate, is that if you use the inbuilt plugin (installed via web GUI, and don't do it all manually), it uses nginx instead of apache so none of the available guides I can find anywhere are viable.

Ideally someone knowledgable should/could tweak the built-in installer to have working ssl support, or provide some kind of hook to open a guide to get it set up. I would if I could, but at the moment I'm just using it on my LAN only and relying on that.

 

[Zenman2010]

I have to agree with you about the Guides being out of date!!!

It's important for the security and performance of your instance that everything is configured correctly. To help you with that we are doing some automatic checks. Please see the linked documentation for more information.

There are some warnings regarding your setup.
PHP does not seem to be setup properly to query system environment variables. The test with getenv("PATH") only returns an empty response. Please check the installation documentation ↗ for PHP configuration notes and the PHP configuration of your server, especially when using php-fpm.

MySQL is used as database but does not support 4-byte characters. To be able to handle 4-byte characters (like emojis) without issues in filenames or comments for example it is recommended to enable the 4-byte support in MySQL. For further details read the documentation page about this.

Accessing site insecurely via HTTP. You are strongly adviced to set up your server to require HTTPS instead, as described in the security tips ↗.

Some columns in the database are missing a conversion to big int. Due to the fact that changing column types on big tables could take some time they were not changed automatically. By running 'occ db:convert-filecache-bigint' those pending changes could be applied manually. This operation needs to be made while the instance is offline. For further details read the documentation page about this.

Please double check the installation guides ↗, and check for any errors or warnings in the log.

Check the security of your Nextcloud over our security scan ↗.

The new plugin uses nginx and there is not a lot of info about setting up the php with it
Why is the php not correctly set up?
Why is the MySQL DB not setup properly??
Would be nice to have HTTPS set up some what but no big deal that can be figured out but would be nice to have.

 

[farissaati]

hi

i want to enable ssl for nextcloud but all guides i have found seem to be out of date for the current freenas and its nextcloud plugin.

i have just fresh installed the current freenas 11.2.

i have successfully installed letsencrypt on it. now i want to use the cert also for nextcloud. please any help would be appreciated.

It seems that we are in the same boat.
The problem is that Nextcloud when installed as plugin on FreeNAS, it comes pre-configured with Nginx.
The solution is to edit the Nginx config file as follows:


Step 1: I highly recommend installing nano editor because it's much easier to work with than Vi , and since the jail created for the plugin does not have the pkg repository enabled, we need to enable it manually. Type:
Vi /usr/local/etc/pkg/repos/FreeBSD.conf

Now we need to edit the file to say "enabled yes"
1- to delete the word "no", move the cursor to the letter "n", and press "d" on the keyboard
2- to start typing, press "i" on the keyboard, then write the word "yes", then Ctrl+c to exit typing mode.
3- enter the command ":wq!" (without quotes) on the keyboard to exit and save changes.

Step 2: install nano by typing pkg install nano

Step 3: Locate the config file named "nextcloud.conf" using the command find / -name nextcloud.conf
(mine was in /usr/local/etc/nginx/conf.d/nextcloud.conf)

Step 4: Stop Nginx service by typing service nginx stop

Step 5: Type nano /usr/local/etc/nginx/conf.d/nextcloud.conf
(change the path if yours from Step 3 is different)

Step 6: At the top of the file, do the following:
1- change listen value from "80" to "443 ssl"
2- In a new line under Server_name, insert these four lines:
ssl_certificate /etc/ssl/cert.pem;
ssl_certificate_key /etc/ssl/key.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;

Of course, you'll need to place your SSL certificate and key in the folder /etc/ssl, or simply edit the line to point to wherever yours are.

Step 7: Press Ctrl+o to save changes, then Ctrl+x to exit nano

Step 8: Start Nginx by typing service nginx start

And that's it, enjoy your new installation of nextcloud.
Props to creators.

P.S.
You may encounter an error page where nextcloud trusted domains need to be updated.
The following simple guide by LukasReschke was very helpful:

HowTo: Add a new trusted domain

Trusted domains are used by Nextcloud to prevent Host Header Poisoning. You need to specify every domain at which your Nextcloud can be accessed. This means if you have Nextcloud installed at “192.168.0.29” and also want it to be accessible at “cloud.example.com” you’d need to modify the...

help.nextcloud.com

Simply type nano /usr/local/www/nextcloud/config/config.php then follow the guide and you'll be fine. Took me 3 minutes.