A full guide for installing Nextcloud on TrueNAS Scale with Collabora integration and outside access through Nginx Proxy Manager

Resources
16

@Wacky-Mole I have added instructions below for creating Let’s Encrypt certificates with Dynu and Nginx Proxy Manager. I am assuming that you have already:

  • Added your domain to Dynu or claimed a (free) Dynu subdomain
  • Added DNS records to your domain/subdomain that point your domain/subdomain to your network
  • Forwarded port 443 on your network to the local IP of your Nginx Proxy Manager installation followed by the https port for Nginx Proxy Manager (normally port 30022)

01_Dynu_Control_Panel
01_Dynu_Control_Panel1192×403 149 KB

Select API Credentials from the Control Panel in your Dynu account.

02_Dynu_API_Credentials
02_Dynu_API_Credentials1178×637 118 KB

Select the View button (with the binoculars icon) from the API Key field. Copy the full API Key to your clipboard.

03_Nginx_Proxy_Manager_Menu_Main
03_Nginx_Proxy_Manager_Menu_Main714×108 9.36 KB

In Nginx Proxy Manager, go to the SSL Certificates menu.

04_Nginx_Proxy_Manager_Menu_SSL
04_Nginx_Proxy_Manager_Menu_SSL1230×127 10.9 KB

Select Add SSL Certificate and then Let’s Encrypt.

05_Nginx_Proxy_Manager_SSL_Settings
05_Nginx_Proxy_Manager_SSL_Settings483×867 48.5 KB

For the Domain Names, you can write star (*) followed by dot (.) followed by your Dynu domain/subdomain (e.g., *.mydomain.tld) to create a wildcard certificate that will be valid for any URL that ends in your domain (for example, this would work for both nextcloud.mydomain.tld as well as collabora.mydomain.tld). Otherwise, you will need to create a unique certificate for every subdomain that you want to encrypt.

Enter your email address for Let’s Encrypt.

Select Use a DNS Challenge.

Select Dynu as the DNS Provider.

Replace the default value for dns_dynu_auth_token with the Dynu API Key that you copied to your clipboard.

Select I Agree to the Let’s Encrypt Terms of Service.

Hit Save. It may take Nginx Proxy Manager a few minutes to generate your Let’s Encrypt certificate.

I am not positive whether these certificates will auto-renew, but I think they will. The responses on this Reddit thread seem to indicate that Nginx Proxy Manager will take care of certificate renewals automatically, but I have not had any of my certificates for long enough to verify that this is the case (officially, my Let’s Encrypt certificates are set to expire three months from their creation date).

However, it should be noted that it is very easy to manually renew your Let’s Encrypt certificates (should the need ever arise):

06_Nginx_Proxy_Manager_SSL_Renew
06_Nginx_Proxy_Manager_SSL_Renew1186×320 18.3 KB

Just select the Renew Now option from the drop-down menu for your certificate in Nginx Proxy Manager.