KB450217 – Install Nextcloud with SSL Certificate from Let’s Encrypt on FreeNAS

Last modified: July 2, 2020
You are here:
  • KB Home
  • FreeNAS
  • KB450217 – Install Nextcloud with SSL Certificate from Let’s Encrypt on FreeNAS
Estimated reading time: 1 min

Prerequisites:

  • A domain name for the installation of Nextcloud will be hosted.
  • An A Record created for the domain pointing to the external IP of the Server/Storinator.
  • Port Forwarding set up for ports 80 and 443.
  1. Install Nextcloud via FreeNAS Plugins with a static IP.
  1. Shutdown Jail and add a Mount Point (It’s always a good idea to place your Nextcloud data outside of the webroot)
    Source = “/mnt/FreeNAS/Nextcloud”
    Destination =”/mnt/FreeNAS/iocage/jails/nextcloud/root/mnt”
    Check permissions of dataset to make sure the owner is www if you can.
  1. Start up your jail and navigate to your Nextcloud installation. Update the data field to “/mnt”
  1. Back in shell run “ee /usr/local/etc/pkg/repos/FreeBSD.conf”
    change “FreeBSD: { enabled: no }” -> “FreeBSD: { enabled: yes }”
  1. Run “pkg install py36-certbot” or “pkg install py37-certbot” depending on the version of FreeNAS.
  1. Run “certbot certonly – -webroot” Follow prompts
    webroot is “/usr/local/www/nextcloud”
  1. Take note of:
    ssl_certificate “/usr/local/etc/letsencrypt/live/x.domain.com/fullchain.pem”;
    ssl_certificate_key “/usr/local/etc/letsencrypt/live/x.domain.com/privkey.pem”;
  1. run “ee /usr/local/etc/nginx/conf.d/nextcloud.conf” and update
    “server {
    listen 80;
    server_name x.domain.com;
    # enforce https
    return 301 https://$server_name$request_uri;
    }
    server {
    listen 443 ssl http2;
    server_name x.domain.com;
    ssl_certificate “/usr/local/etc/letsencrypt/live/x.domain.com/fullchain.pem”;
    ssl_certificate_key “/usr/local/etc/letsencrypt/live/x.domain.com/privkey.pem”;
    add_header Strict-Transport-Security “max-age=15768000; includeSubDomains; preload;”;
  1. Run “ee /usr/local/www/nextcloud/config/config.php”
    add your trusted domain as per entry 0.
  1. Restart Nginx
    service nginx restart
  1. Creat Cron Job  (Task in FreeNAS)
    iocage exec nextcloud certbot renew –quiet –renew-hook “service nginx reload”
Was this article helpful?
Dislike 1
Views: 892
Unboxing Racking Storage Drives Cable Setup Power UPS Sizing Remote Access