Let's encrypt doesn't work with MyFritz and Nextcloud

  • Hi,


    I followed the guides here in the forum and by TechnoDadLife to set up Let's encrypt with Nextcloud; as DDNS provider I'm using MyFritz. In the settings of my FritzBox it's possible to use certificates from Let's encrypt automatically for my MyFritz address (something.myfritz.net). I've activated it and it does work if I'm accessing my FritzBox from outside via https://something.myfritz.net:1234.


    I then created a port release for Nextcloud and linked it to MyFritz, which worked as well; I can reach my Nextcloud now via myNAS.something.myfritz.net:444. However, the Let's encrypt certificate I created before obviously doesn't include this subdomain, thus I'm getting a warning message when accessing it. Firefox says the certificate comes from linuxserver.io. Further on I set up the letsencrypt-docker; according to docker logs -f letsencrypt everything seems to work, no errors reported. I set the domain to something.myfritz.net and subdomain to myNAS, and Let's encrypt does indeed seem to create a certificate for myNAS.something.myfritz.net, but when accessing my Nextcloud nothing has changed: the certificate is still not trusted and comes from linuxserver.io. Does anyone have a clue how to get this to work?

  • Further info: My nextcloud and letsencrypt dockers are currently connected to two networks, bridge and my-network, like in the video by TechnoDadLife. When I remove my-network from nextcloud, myNAS.something.myfritz.net does not get redirected automatically to myNAS.something.myfritz.net like before. Thus I'm getting 502 Bad Gateway when accessing it, but the certificate by Let's encrypt works here. So it looks like either this certificate doesn't include port 444 or it is somehow overwritten by this linuxserver certificate when accessing port 444.


    Furthermore, when I'm trying to access https://something.myfritz.net I'm getting a warning now that its certificate (Let's encrypt) is only valid for myNAS.something.myfritz.net. Otherwise, when I'm trying to access my FritzBox settings via MyFritz (something.myfritz.net:port) the certificate is valid; it looks like this is the certificate I configured in the FritzBox settings directly. I find that a little bit weird :/

  • Ok, I found out what was wrong. Because the Nextcloud address I got from MyFritz is not like nextcloud.example.com, but nextcloud.something.example.com:444, I thought I had to add the port in the config.php of the Nextcloud docker as well. I removed it now from overwrite.cli.url and overwritehost (but kept it in trusted_domains so far, it seems to make no difference) and now I'm able to access my Nextcloud via myNAS.something.myfritz.net directly, without being redirected to port 444. If I'm calling myNAS.something.myfritz.net:444 now, I'm being redirected to myNAS.something.myfritz.net, where there's a valid certificate :)


    I guess the downside of it may be that I'm now only able to access a single service (i.e. Nextcloud) of my NAS publicly, because I'm getting essentially the same link by MyFritz for everything on my NAS, distinguished only by the trailing ports for which the certificates don't work. For now this is not an issue for me though :thumbup:
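
The symptoms in the posts above can be reproduced with a small model, added here as an illustration and not posted by anyone in the thread: a certificate is matched against the DNS name only, never the port, and what the browser reports depends on which certificate the listener behind each forwarded port serves. The port-to-certificate mapping and certificate contents are constructed assumptions based on the behaviour described (Let's Encrypt certificate on the default HTTPS port, linuxserver.io certificate on port 444).

```python
from urllib.parse import urlsplit

# Constructed model of the thread's symptoms (assumed values, not real cert dumps):
# which certificate the listener on each forwarded port hands out.
LE_CERT = {"issuer": "Let's Encrypt", "trusted": True,
           "san": ["mynas.something.myfritz.net"]}
CONTAINER_CERT = {"issuer": "linuxserver.io", "trusted": False, "san": []}
LISTENERS = {443: LE_CERT, 444: CONTAINER_CERT}


def split_address(address):
    """Return (dns_name, port) from 'host', 'host:port' or a full URL."""
    if "://" not in address:
        address = "https://" + address
    parts = urlsplit(address)
    return (parts.hostname or "").rstrip(".").lower(), parts.port or 443


def name_matches(pattern, host):
    """RFC 6125-style match: exact, or '*' standing for the whole left-most label."""
    p, h = pattern.rstrip(".").lower().split("."), host.split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return len(p) > 2 and p[1:] == h[1:]
    return p == h


def cert_covers(address, san_dns_names):
    """True if a SAN dNSName covers the address; the port is never compared."""
    host, _port = split_address(address)
    return bool(host) and any(name_matches(n, host) for n in san_dns_names)


def check(address, listeners=LISTENERS):
    """Explain what a browser would report for this address."""
    _host, port = split_address(address)
    cert = listeners.get(port)
    if cert is None:
        return "no listener on port %d" % port
    if not cert["trusted"]:
        return "untrusted issuer: " + cert["issuer"]
    if not cert_covers(address, cert["san"]):
        return "name mismatch: certificate only valid for " + ", ".join(cert["san"])
    return "ok"
```
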

  • lapulga

    Added the Label resolved
  • Hi!


    I would like to set up nextcloud on my OMV exactly the same: I have a fritz box with a let's encrypt certificate already signed and I would like to access nextcloud via nextcloud.verylongfritzstrangeaddresswithmany1234.myfritz.net... but how? 😅

    How did you solve that?

  • Hi, sorry for the late reply. I just switched to Nextcloud AIO and set it up using the guide here in the forum via a reverse proxy.

    For the proxy I followed this guide:


    The issue I had then was, that I couldn't get an SSL-certificate from Let's encrypt, because the domain nextcloud.xyz.myfritz.net was not registered. I eventually found a trick how to do it without any external DNS service providers:


    • Requirements for the following are, that you created a myfritz-account and got a personal URL xyz.myfritz.net for your Fritzbox and set up a port release for your server (e.g. ports 80 and 443). There are How-To's by AVM for doing this. This will register the URL myserver.xyz.myfritz.net
    • Now go to Internet - Network (Internet - Netzwerk in German, not sure if my translation applies) and rename yourserver to nextcloud (or anything you want in your subdomain)
    • Back to Internet - Releases (Internet - Freigaben) and edit the port release for myserver (pen symbol next to it). Scroll to the bottom, add new release: MyFRITZ!-Release - HTTPS-Server - activate release.
    • This registers nextcloud.xyz.myfritz.net, the release can (and probably should) be removed again. You can repeat this for as many subdomains as you want (?).
  • Hi!!! Thank you very much for your reply!


    In the meantime I did some more experiments (read it as "mess"). I also tried the aio version but had no luck with that, again due to certificates and the fritz url. Eventually I went back to the official OMV installation guide, but removed the swag container. It was quite working, also without the certificate, but it was totally unstable. Also edited the php config files, but it was not consistent.


    I'm going to try again this weekend, but this time with the aio version and following your tips. Are you still using the *.myfritz.net url or something different (duckdns, for example)?
