Help with setting up Nextcloud, SSL and forward to Domain

[corebyxx]

I want to use Nextcloud with my domain. So if i type in my domain example nas.myfakedomain.org nextcloud should appear.

I dont wanna use cloudflare as my provider. I have my own host and my own Wildcard SSL Certificate.
By searching there was no option to put in my Wildcard SSL Certificate.
What is the best, safest and easiest way to do this ?

 

[mgoulet65]

I want to use Nextcloud with my domain. So if i type in my domain example nas.myfakedomain.org nextcloud should appear.

I dont wanna use cloudflare as my provider. I have my own host and my own Wildcard SSL Certificate.
By searching there was no option to put in my Wildcard SSL Certificate.
What is the best, safest and easiest way to do this ?

I do this via Traefik, using my purchased wildcard cert. Import the wildcard cert into scale, then it is available for traefik to use for ingress.

 

[corebyxx]

I already installed Traefik and configured it.I tried to import my wildcard cert to Scale under credentials -- certificates. But everytime i try to put it in i get an error.. Or where i have to put my wildcard cert ?

 

[corebyxx]

I already installed Traefik and configured it.I tried to import my wildcard cert to Scale under credentials -- certificates. But everytime i try to put it in i get an error.. Or where i have to put my wildcard cert ?

Thats my error ..


Error: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/middlewared/main.py", line 176, in call_method result = await self.middleware._call(message['method'], serviceobj, methodobj, params, app=self) File "/usr/lib/python3/dist-packages/middlewared/main.py", line 1293, in _call return await methodobj(*prepared_call.args) File "/usr/lib/python3/dist-packages/middlewared/service.py", line 920, in create rv = await self.middleware._call( File "/usr/lib/python3/dist-packages/middlewared/main.py", line 1293, in _call return await methodobj(*prepared_call.args) File "/usr/lib/python3/dist-packages/middlewared/schema.py", line 1133, in nf res = await f(*args, **kwargs) File "/usr/lib/python3/dist-packages/middlewared/schema.py", line 1265, in nf return await func(*args, **kwargs) File "/usr/lib/python3/dist-packages/middlewared/plugins/crypto_/certificate_authorities.py", line 284, in do_create raise verrors middlewared.service_exception.ValidationErrors: [EINVAL] certificate_authority_create.privatekey: A valid private key is required, with a passphrase if one has been set.

 

[mgoulet65]

I already installed Traefik and configured it.I tried to import my wildcard cert to Scale under credentials -- certificates. But everytime i try to put it in i get an error.. Or where i have to put my wildcard cert ?

Credentials / Certificates is right. I also had to add my CA.

 

[corebyxx]

Now it worked with my cert. Thank you. Certificate and Certificate Authoritys is enough ? No need for Signing Requests and DNS Authenticator ?



When setting up Traefik .. i enabled ingress with my SSL Cert .. now I get this error .. where is my fault ?

Error: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/middlewared/job.py", line 411, in run await self.future File "/usr/lib/python3/dist-packages/middlewared/job.py", line 446, in __run_body rv = await self.method(*([self] + args)) File "/usr/lib/python3/dist-packages/middlewared/schema.py", line 1133, in nf res = await f(*args, **kwargs) File "/usr/lib/python3/dist-packages/middlewared/schema.py", line 1265, in nf return await func(*args, **kwargs) File "/usr/lib/python3/dist-packages/middlewared/plugins/chart_releases_linux/chart_release.py", line 467, in do_create await self.middleware.call( File "/usr/lib/python3/dist-packages/middlewared/main.py", line 1344, in call return await self._call( File "/usr/lib/python3/dist-packages/middlewared/main.py", line 1304, in _call return await self.run_in_executor(prepared_call.executor, methodobj, *prepared_call.args) File "/usr/lib/python3/dist-packages/middlewared/main.py", line 1205, in run_in_executor return await loop.run_in_executor(pool, functools.partial(method, *args, **kwargs)) File "/usr/lib/python3.9/concurrent/futures/thread.py", line 52, in run result = self.fn(*self.args, **self.kwargs) File "/usr/lib/python3/dist-packages/middlewared/plugins/chart_releases_linux/helm.py", line 44, in helm_action raise CallError(f'Failed to {tn_action} chart release: {stderr.decode()}') middlewared.service_exception.CallError: [EFAULT] Failed to install chart release: Error: INSTALLATION FAILED: Ingress.extensions "traefik" is invalid: spec: Invalid value: []networking.IngressRule(nil): either `defaultBackend` or `rules` must be specified

 

[mgoulet65]

Did you follow this guide? https://www.youtube.com/watch?v=0Rmav5gyAwI

 

[corebyxx]

Yes I followed this guide ..

Why its still showing me on my TrueNas IP that my Cert is unguilty and it shows still unsafe ?
Even if i install Nextcloud with the SSL Cert it shows unsafe website--

 

[indivision]

I think you do need some additional steps with the signing requests.

There was another guide that went into more detail about this when TrueCharts first launched. But, I'm not sure if that same guide is still online. I couldn't find it.

 

[indivision]

I think this is it. But, the images are broken for me: https://old.truecharts.org/manual/SCALE Apps/Quick-Start Guides/07-adding-letsencrypt/

You might be able to get the steps you need from the text alone though.

 

[mgoulet65]

Yes I followed this guide ..

Why its still showing me on my TrueNas IP that my Cert is unguilty and it shows still unsafe ?
Even if i install Nextcloud with the SSL Cert it shows unsafe website--

Who issues your wildcard cert? All i needed was CA and Cert.