Working solution:
Step 1:
Generate keys:
Log into freenas gui
Under System select CAs
Add and fill out information for your CA (used a generic one that was self signed)
Under Certificates
Add and fill out information for your certs (used a generic on that was self signed)
Click on 3 dots in right side of new certs and select view
This view displays the cert and key that was just created. Copy somewhere you will use them in a moment.
This step can be done before cert creation but make sure you installed nextcloud via the plugins in freenas.
You need to know the Pool name of disk you installed nextcloud with. This can be checked in the Storage / Disks in GUI
Open Shell from freenas GUI
Code:
cd /mnt/<Pool-Name>/iocage/jails/nextcloud/root/
Now to use the key and cert
Step 2:
Save keys to nextcloud can use them
Quick vi tips
starts insert mode you will need to do this in order to paste
writes or saves file
exits
Create and open cert.crt
Then paste
Code:
-----BEGIN CERTIFICATE-----
*************************************
-----END CERTIFICATE-----
Then paste
Code:
-----BEGIN PRIVATE KEY-----
*************************************
-----END PRIVATE KEY-----
Step 3:
Edit config to enable ssl
Code:
vi usr/local/etc/nginx/conf.d/nextcloud.conf
Update the top of the file to look like the following
Code:
server {
listen 80;
listen 443 ssl;
ssl_certificate /etc/ssl/cert.crt;
ssl_certificate_key /etc/ssl/cert.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
server_name _;
Step 4:
Restart nextcloud via the plugin manager 3 dots
Then watch the logs on nginx as you try to access nextcloud gui
Code:
tail -f var/log/nginx/access.log /var/log/nginx/error.log
If everything went smoothly you should be up and running with both a http and https nextcloud
Don't forget to port forward 443 to your nextcloud instance.
Happy hacking!
PS If you want to add a trusted domain
Add your domain
Code:
vi usr/local/www/nextcloud/config/config.php
Code:
'trusted_domains' =>
array (
0 => 'local-ip-address',
1 => 'newdomain.com'
),