Add SSL To Nextcloud
In this tutorial, we are going to use an Nginx reverse proxy to handle HTTPS requests and redirect to the nextcloud container we deployed with docker. We are also going to use docker-compose to manage the multiple containers (one for Nextcloud, and one for the reverse proxy). If you are already using a reverse proxy, you can skip this tutorial and just give it your SSL certificates and have it forward plain HTTP requests to your nextcloud server.
Generate your SSL certificates or generate some self-signed certificates. If you have two certifacate files, one for your CA, and one for your site, then you will have to combine them like so:
cat my-site.crt > ssl.crt echo "" >> ssl.crt cat ca.crt >> ssl.crt
Copy the certificates over to your server in a folder within
You can change the path if you wish, but you will have to change it accordingly in the future steps.
Make sure to name your files after your domain. E.g. my domain is nextcloud.programster.org so my files are:
Create an nginx-overrides.conf file to tell Nginx we want to support large file uploads for our Nextcloud server:
echo client_max_body_size 1000000m; > $HOME/nginx-overrides.conf
docker-compose.yml file like so, making sure to replace
nextcloud.programster.org with whatever your nextcloud server's name is.
version: '2' services: nginx-proxy: image: jwilder/nginx-proxy ports: - "443:443" environment: - MAX_UPLOAD_SIZE=200000000M volumes: - /var/run/docker.sock:/tmp/docker.sock:ro - $HOME/certs:/etc/nginx/certs - $HOME/nginx-overrides.conf:/etc/nginx/conf.d/nginx-overrides.conf:ro restart: always nextcloud.programster.org: depends_on: - nginx-proxy image: nextcloud:12 ports: - "80:80" environment: - VIRTUAL_HOST=nextcloud.programster.org - VIRTUAL_PROTO=http volumes: - $HOME/nextcloud:/var/www/html restart: always
Stop and remove any existing nextcloud containers you have if you have any running.
Run the following command to start your containers:
You should now be able to log into your nextcloud server using HTTPS.
When I first performed these steps, my nextcloud server would only show a blank page. It turned out that it could no longer find the database server and the DNS was no longer resolving correctly.
I fixed this by editing the config.php file at
$HOME/nextcloud/config/config.php, as root. I then found the line with
dbhost and changed it's value to the IP of my database server, rather than its hostname.
The order at which you stick your certificate files together to form a single certificate file really matters! If you find that it is not working, then try regenerating your certificate file. When you view it, you should see your domain certificate above the CA certificate like so: