followed the guide on youtube:
How To Guide For HAProxy and Let’s Encrypt on pfSense: Detailed Steps for Setting Up Reverse Proxy
Im able to set this up for my domain and get working ssl. But only on the truenas, the nextcloud plugin still pulls the default ixsytems cert and wont give safe ssl.
The nextcloud apps for ios must have https and thats what got me into setting up this proxy.
Im able to do “dig” on the domain and it shows correct ip. Im able to ping the nexcloud subdomain.
The Nextcloud Security Scan site gives the nextcloud instance rating A.
But im not able to connect the instance web portal, just times out.
Any ideas how i could get a working ssl for our nextcloud instance?
All help would be appreciated.
TN scale version : TrueNAS-SCALE-22.12.4
Nextcloud plugin version : 27.1.1_1.6.49
pfsense version : 2.7.0-RELEASE
The best solution is not to run Nextcloud in TrueNAS Scale as they limit your options for setting this up. It’s been a while since I did it but I did get it working but I think I had to do some command line editing to get it going properly which is why I don’t recommend it to people until they make it easier.
I have Nextcloud in TrueNAS setup to use dozer.studio.lawrencesystem.com which internally resolves to my HAproxy IP
https://dozer.studio.lawrencesystem.com is my TrueNAS
https://dozer.studio.lawrencesystem.com:9001 is NextCloud
When setting up Nextcloud in TrueNAS Scale under “Nexcloud Configuration” then “Nextcloud Host” I specified the dozer.studio.lawrencesystem.com. I do recall that if you change that AFTER you set it up it will not work and you will have to delete Nextcloud and set it up again.
It has improved over time but the TrueNAS Scale version still feels unfinished.
You have to add trusted_proxies to your config.
In Core from a shell inside the jail its @ /usr/local/www/nextcloud/config/config.php
0 => ‘localhost’,
1 => ‘nextcloud.my-domain.com’,
2 => ‘192.168.20.206’,
0 => ‘192.168.20.1’,