Prerequisites:
- A domain name for the installation of Nextcloud will be hosted.
- An A Record created for the domain pointing to the external IP of the Server/Storinator.
- Port Forwarding set up for ports 80 and 443.
- Install Nextcloud via FreeNAS Plugins with a static IP.
- Shutdown Jail and add a Mount Point (It’s always a good idea to place your Nextcloud data outside of the webroot)
Source = “/mnt/FreeNAS/Nextcloud”
Destination =”/mnt/FreeNAS/iocage/jails/nextcloud/root/mnt”
Check permissions of dataset to make sure the owner is www if you can.
- Start up your jail and navigate to your Nextcloud installation. Update the data field to “/mnt”
- Back in shell run “ee /usr/local/etc/pkg/repos/FreeBSD.conf”
change “FreeBSD: { enabled: no }” -> “FreeBSD: { enabled: yes }”
- Run “pkg install py36-certbot” or “pkg install py37-certbot” depending on the version of FreeNAS.
- Run “certbot certonly – -webroot” Follow prompts
webroot is “/usr/local/www/nextcloud”
- Take note of:
ssl_certificate “/usr/local/etc/letsencrypt/live/x.domain.com/fullchain.pem”;
ssl_certificate_key “/usr/local/etc/letsencrypt/live/x.domain.com/privkey.pem”;
- run “ee /usr/local/etc/nginx/conf.d/nextcloud.conf” and update
“server {
listen 80;
server_name x.domain.com;
# enforce https
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
server_name x.domain.com;
ssl_certificate “/usr/local/etc/letsencrypt/live/x.domain.com/fullchain.pem”;
ssl_certificate_key “/usr/local/etc/letsencrypt/live/x.domain.com/privkey.pem”;
add_header Strict-Transport-Security “max-age=15768000; includeSubDomains; preload;”;
- Run “ee /usr/local/www/nextcloud/config/config.php”
add your trusted domain as per entry 0.
- Restart Nginx
service nginx restart
- Creat Cron Job (Task in FreeNAS)
iocage exec nextcloud certbot renew –quiet –renew-hook “service nginx reload”