Please help me install nextcloud 12 in jail

[danb35]

...and if there's something that isn't covered there, specific questions are a lot more likely to get helpful answers than "please tell me how to do" something that's been extensively documented all over the web.

 

[dureal99d]

...and if there's something that isn't covered there, specific questions are a lot more likely to get helpful answers than "please tell me how to do" something that's been extensively documented all over the web.

i see.

 

[dureal99d]

...and if there's something that isn't covered there, specific questions are a lot more likely to get helpful answers than "please tell me how to do" something that's been extensively documented all over the web.

What I'm trying to achieve it's connecting to the server using https and getting the green lock symbol. The issue is I have no idea where to start and are what files I need to edit and put in those files. I have read where it states that you can force HTTP to https. I would like to achieve this to where I can access my nextcloud internally through the land using https as well as externally using my no IP given DNS. I am a novice when it comes to editing these configuration files but given the proper guidance I am willing to learn and understand what it is I'm doing so that I can advance on the newly giving skill set

Sent from my HUAWEI NXT-AL10 using Tapatalk

 

[dureal99d]

I've tried the cert Bot install you posted in the link however freenas does not support Sudo. I am certain it can probably be installed but I don't want to Tinker with forces I don't fully understand. With that said I simply worked around the pseudo part or rather excluded it. The install went okay. But now I still get a red X and I am unable to access the site via http or rather I'm unable to log on to the site using http I can log on using https but I get the Red X

Sent from my HUAWEI NXT-AL10 using Tapatalk

 

[dureal99d]

And I had to add some lines of code to the htaccess file

Sent from my HUAWEI NXT-AL10 using Tapatalk

 

[dureal99d]

So what is it that I need to do or rather what files do I need to look at in order to achieve full secure mode for lack of a better term

Sent from my HUAWEI NXT-AL10 using Tapatalk

 

[danb35]

Well, let's break that down a bit. There are a few basic steps you need to accomplish to get https with Let's Encrypt working:

• You need to have a public domain name
• (for most methods) That public domain name needs to have published DNS records that point to your server
• You need to run client software (certbot is the "official" client, but there are many others) to obtain the certificate
• You need to configure your web server configuration files to use the newly-obtained certificate
• (optionally) you need to set up cron to re-run the client, ideally every day or so, to renew the certificate (most clients will check the existing cert and only execute the renewal if it's about to expire)

 

[danb35]

And I had to add some lines of code to the htaccess file

That would be unusual. Can you complete a thought in a single post, rather than three or four?

If you're getting a red X when you're connecting via https, the system probably gave you some accompanying error message. If you'd share that message, it would help figure out what happened.

 

[dureal99d]

That would be unusual. Can you complete a thought in a single post, rather than three or four?

If you're getting a red X when you're connecting via https, the system probably gave you some accompanying error message. If you'd share that message, it would help figure out what happened.

Yes I can. LOL. I was simply attempting to be descriptive of what I was trying to achieve. Though I admit I probably got a little bit carried away. With that said I'll post the errors in just a second or minute.

Sent from my HUAWEI NXT-AL10 using Tapatalk

 

[danb35]

It would also be helpful if you'd post what you added to .htaccess, and what (if anything) you changed in your web server's config files. Two websites that will help figure out what's going on with certificate errors are https://www.whynopadlock.com/ and https://www.ssllabs.com/ssltest/

 

[dureal99d]

Ok

Sent from my HUAWEI NXT-AL10 using Tapatalk

 

[dureal99d]

It would also be helpful if you'd post what you added to .htaccess, and what (if anything) you changed in your web server's config files. Two websites that will help figure out what's going on with certificate errors are https://www.whynopadlock.com/ and https://www.ssllabs.com/ssltest/

Header set Strict-Transport-Security "max-age=15552000; includeSubDomains; prelo
# line below if for Apache 2.2
<ifModule !mod_authz_core.c>
deny from all

i found this on google

 

[dureal99d]

im running apache 2.4 but i guess it really didnt matter

 

[danb35]

Header set Strict-Transport-Security "max-age=15552000; includeSubDomains; prelo
# line below if for Apache 2.2
<ifModule !mod_authz_core.c>
deny from all

That was a bad idea to add before you had SSL running properly, as it will have exactly the result you describe: you won't be able to use HTTP on that hostname any more.

 

[danb35]

im running apache 2.4 but i guess it really didnt matter

It does matter in that it determines what changes need to be made to your web server's configuration files. Did you change anything there? If so, what?

 

[dureal99d]

It does matter in that it determines what changes need to be made to your web server's configuration files. Did you change anything there? If so, what?

Just added that nothing more

Sent from my HUAWEI NXT-AL10 using Tapatalk

 

[danb35]

Just added that nothing more

That's probably your problem. Did you get the certificate already? What's the output of certbot certificates? If you have the cert, you need to update your Apache config file(s) to point to that certificate and its corresponding private key.

 

[dureal99d]

That's probably your problem. Did you get the certificate already? What's the output of certbot certificates? If you have the cert, you need to update your Apache config file(s) to point to that certificate and its corresponding private key.

Ok I'm trying and will post the results

Sent from my HUAWEI NXT-AL10 using Tapatalk

 

[dureal99d]

result of commad is:

Traceback (most recent call last):
File "/usr/local/bin/certbot", line 6, in <module>
from pkg_resources import load_entry_point
File "/usr/local/lib/python2.7/site-packages/pkg_resources/__init__.py", line 3038, in <module>
@_call_aside
File "/usr/local/lib/python2.7/site-packages/pkg_resources/__init__.py", line 3022, in _call_aside
f(*args, **kwargs)
File "/usr/local/lib/python2.7/site-packages/pkg_resources/__init__.py", line 3051, in _initialize_master_working_set
working_set = WorkingSet._build_master()
File "/usr/local/lib/python2.7/site-packages/pkg_resources/__init__.py", line 659, in _build_master
return cls._build_from_requirements(__requires__)
File "/usr/local/lib/python2.7/site-packages/pkg_resources/__init__.py", line 672, in _build_from_requirements
dists = ws.resolve(reqs, Environment())
File "/usr/local/lib/python2.7/site-packages/pkg_resources/__init__.py", line 862, in resolve
raise VersionConflict(dist, req).with_context(dependent_req)
pkg_resources.ContextualVersionConflict: (cryptography 1.7.2 (/usr/local/lib/python2.7/site-packages), Requirement.parse('cryptography>=1.9'), set(['PyOpenSSL']))
root@nextcloud_1:~ #
root@nextcloud_1:~ #

 

[dureal99d]

Well I wanted to thank everyone for the help that they gave me it said it up nextcloud especially onryo. I've been trying to set up this letsencrypt using certbot but it doesn't seem to want to work for me and I'm not sure why what that said I will continue pecking away at this until I find a solution and once I do find the solution I will make sure to do a step by step tutorial of my own to hopefully give back to the freenas community

Sent from my HUAWEI NXT-AL10 using Tapatalk