Letsencrypt and Nextcloud

MarcS · 29. Juli 2020

Does anyone know how to install Letsencrypt on a Docker container with non-standard port (port 444)?

Morlan · 29. Juli 2020

Zitat von monsen
Thank you for bringing this up. That exactly solved my problem of changing the nextcloud port to a custom port.
Maybe i should mention here a bit more precisely how to do it:

1. Add this to your config.php of nextcloud:
Code
'overwritehost' => 'yourDynHost:444',
Where 444 is the port of your letsencrypt docker for https. In the original howto this port is where you forward your traffic from external access on 443 to
(443 -> 444).

2. Add a rule in your router config to forward 444 external (WAN) to 444 internal (LAN).
Of course you do not need the 443 to 444 rule anymore afterwards.

This is how i got it running here now.
Alles anzeigen

Nextcloud with Letsencrypt using OMV and docker-compose - Q&A

MarcS · 29. Juli 2020

thanks. I will try this.

I also have trouble generating my letsencrypt certificate. I always get error message:

waiting for verification...

Challenge failed for domain mydomain.xyz

Cleaning up challenges

Challenges failed for all domains

Have you seen this? Any ideas ?

macom · 29. Juli 2020

Check your port forwarding for port 80. Letsencrypt need port 80.

MarcS · 29. Juli 2020

thanks - port 80 is open

macom · 29. Juli 2020

so forwarded in the router from WAN to LAN. Also in docker from LAN to container?

MarcS · 29. Juli 2020

Forwarded from WAN to LAN (OMV server): yes

i am generating certificate with letsencrypt for OMV server first (not even considering Docker for now).

This throws the error message.

macom · 29. Juli 2020

Ah, OMV4 with letsencrypt plugin - I am out, sorry.

But I think there is a long letsencrypt plugin thread in the forum.

MarcS · 29. Juli 2020

ok will check - thanks

olduser · 30. Juli 2020

According to the OMV 4.x docks (which respectively appear identical to 5.x):

Zitat

LetsEncrypt

Lets Encrypt certificates can be imported directly, just locate your /etc/letsencrypt/live/<mydomain.com>/<em>fullchain,privkey</em>.pem files and copy their contents in their respective field. No need to convert.

Couldn't you just create the certs with docker (or the shell preferably) and put them in the above? I'm brand new to docker and the linuxserver/letsencrypt container is awesome, but you don't have to use it. This will explain how to generate a cert on your OMV box independently without docker: https://certbot.eff.org/instructions. However, I'm not sure about letting it autoconfig your nginx or whatever OMV runs, but still you can generate the keys without doing that, it's pretty basic *AND* if even I can do it on a desktop... :-).

BTW, I completely understand why you're doing this and will be doing this _VERY_ soon. I'm learning to use Docker Swarm and to my beginner eyes, it seems easier this way with multiple remote OMV boxes from the remote maintenance side of things. In fact, I'm having a hard time seeing why you'd want the Docker container to have the certs while leaving OMV without them, but again I'm new.

But otherwise, wouldn't this simply be monson's quote up there with -p 443:444 or without that directive just -p 444:443? Maybe the reasoning you need to change ports would help suggestions.

MarcS · 30. Juli 2020

I have managed to create the certificate in OMV via the plugin. It all hinges on providing the right webroot directory (which is nowhere explained). Letsencrypt will not work if that directory points to the incorrect folder. So I have the certificate working in OMV (but Apple devices still dont like the certificate).

Anyway, now I will try to get the docker container to work with the certificate. The comtainer runs Nextcloud and my port redirection to 444 is necessary to be able to access OMV (via 443) and Docker-Nextcloud (via 444) since they both sit on the same server.

Morlan · 30. Juli 2020

Why do you want to install letsencrypt docker when you generate the certificates elsewhere and also don’t seem to intend to use the inbuilt reverse proxy?

MarcS · 30. Juli 2020

you are exactly right. Thats why I do not want to install Letsencrypt docker. I have created a Letsencrypt certificate using the Plugin and I want to import this certificate into the Docker container that runs Nextcloud. This Nextcloud container is already up and running. Any Idea how to import this and utilise it inside?

davidh2k · 30. Juli 2020

Unless its a wildcard cert, or explicity for your nextcloud subdomain that won't work.

PS: Wildcard certs only work via DNS Challenge.

Greetings

David

MarcS · 31. Juli 2020

nextcloud runs on the same domain as OMV. They are both just separated via the port number.

Would that certificate work if I import it into Docker-Nexcloud?

davidh2k · 31. Juli 2020

If its the same domain name it could work just fine.

Greetings

David

MarcS · 6. August 2020

ok thank you for your tips

Letsencrypt and Nextcloud

davidh2k 29. Juli 2020

LetsEncrypt

Jetzt mitmachen!

Ähnliche Themen

Portainer: Facing Gitea (GIT) over the Internet

NextCloud with letsencrpt

Nextcloud online with lets encrypt & SSL

OMV5 external access

[SOLVED] nginx in docker