How can i enable SSL/HTTPS on my NexCloud setup on DietPi? Topic is solved

Have some feedback, questions, suggestions, or just fancy a chat? Pop it in here.
Post Reply
mk33
Posts: 21
Joined: Thu Jun 11, 2020 10:13 pm

How can i enable SSL/HTTPS on my NexCloud setup on DietPi?

Post by mk33 »

I've installed NexCloud via `dietpi-software`. Now I have everything up and running but I don't have SSL enabled. How can I setup SSL so that i can access my RPI with Nexcloud via HTTPS?


There are some tutorials out there but I know that DietPi has the `dietpi-letsencrypt` + `certbot` built-in so if it offers an easier method to do this i prefer doing the *"dietpi way".*


**Note:** Currently my setup is **only for access within my home network but in the future i plan to implement access from the outside**, so an SSL implementation that allows me later to easily implement external access would be better.
User avatar
Joulinar
Posts: 2077
Joined: Sat Nov 16, 2019 12:49 am

Re: How can i enable SSL/HTTPS on my NexCloud setup on DietPi?

Post by Joulinar »

Hi,

many thanks for your report. I already create a small how-to. I will copy it below. It contains an end-to-end description. Maybe some parts are not applicable for you.
  1. create a clean DietPi installation and complete initial setup
  2. first you would need to have a DynDNS service that allow you to connect from outside world to your home network by using a dynamic domain name. If you already have a DDNS service, you can go to point 5
  3. to get a DDNS domain, you would need to register at https://www.noip.com/ first
  4. if you finished registration process, we can go to install No-IP software on your DietPi device
    • run dietpi-config
    • go to option 8 : Network Options: Misc
    • select No-IP
    • confirm installation
    • once installation of No-IP software is done, select No-IP again
    • enter your login credentials for No-IP
  5. if DDNS is working, continue with next step
  6. ensure Port 80 and 443 are forwarded (from your internet router) correctly to your DietPi device
  7. once ready, run dietpi-software, search and install NextCloud
  8. once installation completed and your system was rebooted, try to connect to your Webserver on http (port 80)
  9. pls try to connect from your LAN as well as from Internet, you should receive the Webserver Default Page
    • once you're able to connect to your Webserver from Internet on http (80), got to point 10. (https - port 443 will not work at this stage)
    • if you are not able to connect on http (80) from internet, you would need to check why and what's wrong with your port forwarding
  10. let's do the SSL certificate now, run dietpi-letsencrypt
  11. install CertBot
  12. once done you will be ask for your Let'sEncrypt information
    • fill in your domain name (No-IP DDNS)
    • fill in your email address
    • set Redirect to ON
    • Apply the setting
  13. once finished (and all services started) you should be able to reach your website on http (80) as well as https (443)
  14. if you are opening the website on http (80) you should be automatically redirected to https (443)
Pls let us know if a solution is working. This could help others if they hit by similar situation. Your DietPi Team
mk33
Posts: 21
Joined: Thu Jun 11, 2020 10:13 pm

Re: How can i enable SSL/HTTPS on my NexCloud setup on DietPi?

Post by mk33 »

Since my RPI IP is not publicly accessible due to the fact that i want local access only, i only need to start from step 10 right?


In the step 12. you said to "fill in your domain name (No-IP DDNS) in Let'sEncrypt information" but i don't have any because i think i don't need DDNS service for local access only. Can this be a problem?

Note: In another forum, other user told me to do this (only referring this with the hope that this might help someway):

"sudo certbot —apache" is the command to install a certificate, then confirm you have the site enabled ("a2ensite xxxxx-le-ssl.conf") replace "x’s" with whatever comes before "le-ssl.conf" in "/etc/apache2/sites-available/". On the Nextcloud side of things everything should work fine, but if you see any problems they will most likely be fixed by checking the virtual host file for issues.
User avatar
Joulinar
Posts: 2077
Joined: Sat Nov 16, 2019 12:49 am

Re: How can i enable SSL/HTTPS on my NexCloud setup on DietPi?

Post by Joulinar »

SSL doesn't make sense for local use without internet. Next to that you need to have internet connection on port 80 + 443 from WAN to your device, otherwise you will not be able to crate an official certificate using Let'sEncrypt. Because Let'sEncrypt will verify your domain before signing an official certificate for you.
Pls let us know if a solution is working. This could help others if they hit by similar situation. Your DietPi Team
alkebab
Posts: 3
Joined: Tue Aug 25, 2020 2:20 pm

Re: How can i enable SSL/HTTPS on my NexCloud setup on DietPi?

Post by alkebab »

Thanks @Joulinar

After several days of trying to get SSL working, your solution worked first time! Thank you so much
sambaroudi
Posts: 1
Joined: Fri Aug 28, 2020 9:12 am

Re: How can i enable SSL/HTTPS on my NexCloud setup on DietPi?

Post by sambaroudi »

The solution works.
Post Reply