I’ve installed NexCloud via dietpi-software. Now I have everything up and running but I don’t have SSL enabled. How can I setup SSL so that i can access my RPI with Nexcloud via HTTPS?
There are some tutorials out there but I know that DietPi has the dietpi-letsencrypt + certbot built-in so if it offers an easier method to do this i prefer doing the “dietpi way”.
Note: Currently my setup is only for access within my home network but in the future i plan to implement access from the outside, so an SSL implementation that allows me later to easily implement external access would be better.
many thanks for your report. I already create a small how-to. I will copy it below. It contains an end-to-end description. Maybe some parts are not applicable for you.
create a clean DietPi installation and complete initial setup
first you would need to have a DynDNS service that allow you to connect from outside world to your home network by using a dynamic domain name. If you already have a DDNS service, you can go to point 5
Since my RPI IP is not publicly accessible due to the fact that i want local access only, i only need to start from step 10 right?
In the step 12. you said to “fill in your domain name (No-IP DDNS) in Let’sEncrypt information” but i don’t have any because i think i don’t need DDNS service for local access only. Can this be a problem?
Note: In another forum, other user told me to do this (only referring this with the hope that this might help someway):
“sudo certbot —apache” is the command to install a certificate, then confirm you have the site enabled (“a2ensite xxxxx-le-ssl.conf”) replace “x’s” with whatever comes before “le-ssl.conf” in “/etc/apache2/sites-available/”. On the Nextcloud side of things everything should work fine, but if you see any problems they will most likely be fixed by checking the virtual host file for issues.
SSL doesn’t make sense for local use without internet. Next to that you need to have internet connection on port 80 + 443 from WAN to your device, otherwise you will not be able to crate an official certificate using Let’sEncrypt. Because Let’sEncrypt will verify your domain before signing an official certificate for you.
Well the certificate was issued for a specific domain and you would need to access the side with exactly that domain. Looking to you picture shows you are using an IP address. For sure the certificate is not valid in this case.
For anyone setting up ownCloud on DietPi, you may like to know that the how-to on setting up HTTPS described above works just as well with an ownCloud installation as with Nextcloud - thanks Joulinar!
I’m new to Dietpi, and like so many others I’m impressed.
Of course, it’s not always quite as simple to get everything right first time as some people would like to think, but that’s why a forum like this is needed. The quality of the replies from the Dietpi team is terrific, and I’ve ended up finding in these pages the answers to many of the jams I’ve got into (sometimes after long struggles with various less than adequate online tutorials and videos).
thx for sharing. Usually the guide should be working for every app using a web server stack.
Just one think to mention: DDNS part is not up-to-date anymore. In meantime DietPi is supporting more DDNS services. There is no strickt need to use No-IP anymore.
Ah, thanks Joulinar. I used No-IP and got DDNS to work in my test set-up, but it would be good to use the new approach. Is there an up-to-date tutorial/how-to for this?
