Secure nextcloud https self certificat

R

RMAZOUZI

Explorer
Joined
Jan 15, 2023
Messages
54
We are just come to deploy the nextcloud pluging on truenas core so for externat access we want to enforce the sécurity using self certificat sign is there a reliable and tested solution which could work for along time
 
JohnDigital

JohnDigital

Guru
Joined
Jan 7, 2015
Messages
1,155
I use letsencrypt. I would say its tested and reliable, however the cert has to be renewed frequently (I think its 90 days). More specifically currently the package py39-certbot works well.
 
R

RMAZOUZI

Explorer
Joined
Jan 15, 2023
Messages
54
Thanks for ur replying
It is renewing each 90 days by default or we need to configure it
 
danb35

danb35

Hall of Famer
Joined
Aug 16, 2011
Messages
15,504
If you'd used my script to create the jail, the certificate would be taken care of for you:
github.com

GitHub - danb35/freenas-iocage-nextcloud: Script to create an iocage jail on FreeNAS for the latest Nextcloud 28 release, including Caddy, MariaDB or PostgreSQL, and Let's Encrypt

Script to create an iocage jail on FreeNAS for the latest Nextcloud 28 release, including Caddy, MariaDB or PostgreSQL, and Let's Encrypt - danb35/freenas-iocage-nextcloud
github.com github.com
Do not, under any circumstances, use plugins:

iXsystems, when are you going to stop pretending that CORE has (usable) plugins?

Plugins are broken. We all know it, and you have no intention of fixing them. Most notably, @Kris Moore has said not to use them, and that they're "more or less deprecated": using plugins on CORE is a path to sadness. The plugin system is more or less deprecated and as you can tell, somewhat...
www.truenas.com www.truenas.com
 
JohnDigital

JohnDigital

Guru
Joined
Jan 7, 2015
Messages
1,155
Yep @danb35 has the actual ticket for this and many other things. And like he points out the plugins are dead. Now with that said a simple script to check every 30 days or so if the certs are expiring is how i handle it. There are mountains of posts on this forum and youtube videos around to gelp you get this going. Good luck!
 
danb35

danb35

Hall of Famer
Joined
Aug 16, 2011
Messages
15,504
John Digital said:
Now with that said a simple script to check every 30 days or so if the certs are expiring is how i handle it.
Click to expand...
The way to handle it with any sensible ACME client (e.g., certbot or acme.sh) is with a daily-ish task to renew the certs (e.g., certbot renew). Any reasonable client when run this way will check the cert(s) and only attempt to renew it if it's within 30 days of expiring. Most such clients install such a cron task when they're installed.
 
You must log in or register to reply here.

Important Announcement for the TrueNAS Community.

The TrueNAS Community has now been moved. This forum will now become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums.

Related topics on forums.truenas.com for thread: "Secure nextcloud https self certificat"

Similar threads

Laida
Secure my nextcloud server with https
Replies
19
Views
8K
deneb
D
asw2012
Nextcloud + TrueNAS https/ssl setup
Replies
3
Views
14K
JohnDigital
JohnDigital
cygnus
Nextcloud and iOS App - CSRF Check failed
Replies
0
Views
4K
cygnus
cygnus
B
TrueNAS & Nextcloud-Plugin: problem mounting folder through webDAV (and with self-signed certificate)
Replies
2
Views
2K
vidx
V
fahadshery
NextCloud Freenas 11.3
Replies
6
Views
2K
danb35
danb35
Top