How to create a letsencrypt certificate for nextcloud on my dynamic ip system, like it was possible with TrueNAS Core?

Hi,
I use TrueNAS for two purposes, as NAS in my local network and for hosting a Nextcloud instance accessible from my multiple devices (including my phone).
A few days ago I had to switch from TrueNAS Core to Scale, because I had broken my Nextcloud instance trying to upgrade it. On the old system I used letsencrypt and certbot for obtaining and renewing a certificate for the nextcloud instance. I have a dynamic IP but my router (avm fritzbox) provides a service which gives me a domain name like this: gibberish(dot)myfritz(dot)net
I used this domain for registering the letsencrypt certificate and also configured my router to only forward the two ports needed by nextcloud, every other port was blocked, especially the TrueNAS ui!

I wanted to recreate the same configuration on trueNAS scale, but I am totally overwhelmed by the different tutorials and posts I found. Nothing seemed to fit my use case.

  1. I do not want to use virtualization, but the normal nextcloud plugin provided by trueNAS
  2. I have no DNS provider, just my wsfsagsgf(dot)myfritz(dot)net address pointing to my router with dynamic ip.

Is there any recent tutorial I can read which really helps me? Ideally something that uses certbot to renew the certificate and a howto which describes what to change in the nextcloud docker container.

Ok, I found a solution. For anyone it might help, or anyone who wants to point out errors, I will give a short description of what I did.

  1. I forwarded every necessary port to a proxy running on truenas (SSL is just used for that connection), from the proxy to the nextcloud instance just normal http.
  2. I installed the nextcloud app and the nginx proxy manager app (NPM) from the truenas scale gui.
  3. on my router I forwarded port 80 to 30021 and 443 to 30022 (default ports for NPM)
  4. in NPM I created a proxy host
  • domain names: nextcloud.myfritzdomain.net
  • scheme: http (not https)
  • forward hostname / IP: local nextcloud ip
  • forward port: 9001 (default nextcloud port)
  • SSL settings: I forced SSL and created a letsencrypt certificate (right in the dropdown)!
  5. in the nextcloud config (or during the installer) I basically just chose nextcloud.myfritzdomain.net as host and did not change anything else (no overrides, no environment variables)
  6. afterwards I had problems with trusted domains, and as I was not able to change those via environment variables in the nextcloud config, I directly edited the config.php in the nextcloud pod. So I made sure that the local ip and the domain name are both listed in the trusted domain section

Please describe in more detail how you did this?

Access the shell via the button in the workloads section of the nextcloud page. Then I had to install an editor (I use joe but you can use others like vim, or nano):

apt-get update
apt-get install joe

then just edit the config:
joe config/config.php

at the bottom should be an array already containing some trusted domains, just add the domains/ips you need there
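
As an added example (not part of the original posts): a sketch of the relevant part of config/config.php for the setup described in this thread, where Nginx Proxy Manager terminates TLS and forwards plain HTTP to Nextcloud. The IP addresses are placeholders, and the trusted_proxies, overwriteprotocol and overwrite.cli.url entries are standard Nextcloud settings that the thread itself does not mention.

```php
<?php
// Added example: excerpt of a Nextcloud config/config.php behind a
// TLS-terminating reverse proxy. All values are placeholders; keep the
// other keys that the installer already generated in your file.
$CONFIG = array (
  // Host names and IPs that Nextcloud accepts in the Host header.
  // Requests for any other name get the "untrusted domain" page.
  'trusted_domains' =>
  array (
    0 => 'localhost',
    1 => '192.0.2.10',                   // placeholder: local IP of the Nextcloud host
    2 => 'nextcloud.myfritzdomain.net',  // public name configured in the proxy host
  ),

  // Forwarded headers (client IP, protocol) are only honoured when the
  // request comes from one of these addresses. List the proxy only,
  // not a whole network range.
  'trusted_proxies' =>
  array (
    0 => '192.0.2.10',                   // placeholder: address the proxy connects from
  ),

  // The proxy speaks HTTPS to clients but plain HTTP to Nextcloud, so tell
  // Nextcloud to generate https:// links and redirects.
  'overwriteprotocol' => 'https',
  'overwrite.cli.url' => 'https://nextcloud.myfritzdomain.net',
);
```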