I saw on one of your recent videos a mention of doing a NextCloud video.
That would be fantastic. I would suggest the following about it. Since your video on using wild card certs was very good and I finally have it working properly, I suggest you frame the video from the perspective that someone would want to have a stand-alone NextCloud server/vm running internally and connecting to another internal server for Collabora/OpenOffice using the wild-card certs running on PFSense per your video. I currently have NextCloud installed in an LXC container using self-signed certs and can successfully use SSL offloading with my PFSense HAProxy config per your video. That all works perfect.
I howver cannot as yet get integration with Collabora working either internally of through HAProxy properly. I think it gets back to the designed need for the Collabora server to have its own LetsEnrypt cert. Not sure and still working through some permutations trying to get it to work.
However, I really detest when a company “knows better” and forces one into an architecture they do not want. Such as forcing you to use SSL certs on their app and not allowing for self-signed certs. Just a pet peeve of mine. That said, my suggestions is pretty simply, stand-alone NextCloud and Collabora servers running with no SSL or self signed certs and accessed through the wild-card cert implementation from your prior video. That should allow one to securely connect to both servers internally and open access to wan if desired.
I would love to see this video or hear your thoughts on the matter.
Thanks again for all the great videos.