This is what I did to set up the Nextcloud plugin for my FreeNAS-11.3-U2 home server that I intend not to be accessing outside of my home network. It currently works and I am able to use the desktop and iOS apps with it. I hope it makes sense.
# The following is assuming you have already setup FreeNAS and created Pools.
# First I created a dataset named Nextcloudstorage within Pools (This will be outside the Jail.)
# For your situational awareness (FYSA) you can name it whatever you want this is just an example.
# I then installed the Nextcloud plugin which creates the Jail for nextcloud automatically
# Next I stopped the Jail then proceeded to mount the jail then started it again
# I used SHELL within Jails. Most folks I’ve read about have used SSH.
---------------------------------------------------------------------------------------------------
# Once logged in as root@nextcloud I did the following
pkg update -f
# Some folks then install the editor of their choice. I use vim but used ee here.
---------------------------------------------------------------------------------------------------
# Next I created an OpenSSL Cert/Key
# I then made the following directory for the soon to be created OpenSSL Cert/Key
mkdir -p /usr/local/etc/ssl/nginx
# Change Directory to nginx
cd /usr/local/etc/ssl/nginx
# Generate Self-Signed Certificate
# You can use the FQDN or you can name this whatever you like as this is a home server
# I’ll used the example of “nextcloud.localhost”
openssl req -x509 -nodes -days 3650 -newkey rsa:4096 -keyout
nextcloud.localhost.key -out nextcloud.localhost.crt
# Modify the permission
cd
chmod 400 /usr/local/etc/ssl/nginx/nextcloud.key
# I then did the following to make sure it happened
ls -l /usr/local/etc/ssl/nginx
---------------------------------------------------------------------------------------------------
# Next I went to edit nginx.conf to enforce HTTPS
# You can still able to access
https://0.0.0.0 if you do not have DNS at home
cd
ee /usr/local/etc/nginx/nginx.conf
# In the editor paste the following under:
# https {
#
#Basic settings#
# -------------
server {
listen
80 default_server;
listen [::]:80 default_server;
return
301 https://$host$request_uri;
}
# Save and exit your editor
# Next edit nextcloud.conf to enforce HTTPS
cd
ee /nginx/conf.d/nextcloud.conf
# Next I removed and replaced:
# server {
# listen 80;
# server_name _;
# with the following:
server {
listen 0.0.0.0:443 default_server ssl http2;
listen [::]:443 default_server ssl http2;
ssl_certificate “/usr/local/etc/ssl/nginx/nextcloud.localhost.crt";
ssl_certificate_key “/usr/local/etc/ssl/nginx/nextcloud.localhost.key";
ssl_session_timeout 120m;
ssl_session_cache shared:ssl:16m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
# I then saved and exited the editor
cd
su -m www -c 'php /usr/local/www/nextcloud/occ db:convert-filecache-bigint'
su -m www -c 'php /usr/local/www/nextcloud/occ occ db:add-missing-indices'
service nginx restart
# I did this using bits and pieces of instruction from what I have watched or read online especially from Tom Lawrence, Nhan Nguyen, and Samuel Dowling respectively.