T8aZ · April 16, 2024 08:06
diff --git a/NextcloudAIO_selfsigned.txt b/NextcloudAIO_selfsigned.txt
 Steps to install Nextcloud AIO with selfsigned (adapt if you have custom PKI):

 #generate certificate & unprotected key

 mkdir /opt/reverseproxy && cd /opt/reverseproxy
 openssl x509 -req -days 365 -in self-ssl.csr -signkey self-ssl.key.pem -out self-ssl.pem

 # Follow https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md#apache for Apache conf (paste their vhost conf within /usr/local/apache2/conf/httpd.conf, put your SSL cert and key within the docker and adapt the corresponding line)

 SSLCertificateFile /usr/local/apache2/conf/self-ssl.pem
 SSLCertificateKeyFile /usr/local/apache2/conf/self-ssl.key.pem

 #Launch the RP docker that uses host network: 
 docker run -dit --name reverseproxy --network host -v "$PWD":/usr/local/apache2/conf/ httpd:2.4
 #It fill probaby fail as some Modules are not activated and some are but left unconfigured, execute "docker logs reverseproxy" to check what to comment or uncomment until it works and you see the binds with lsof -i4

 #Launch Nextcloud AIO:
 docker run --init --sig-proxy=false --name nextcloud-aio-mastercontainer --restart always --publish 8080:8080 --env APACHE_PORT=11000 --env APACHE_IP_BINDING=127.0.0.1 --volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config --volume /var/run/docker.sock:/var/run/docker.sock:ro nextcloud/all-in-one:latest
 #Copy cert file out
 docker cp nextcloud-aio-mastercontainer:/etc/ssl/certs/ca-certificates.crt /opt/certs/
 cat /opt/reverseproxy/self-ssl.pem >> /opt/certs/ca-certificates.crt

 #Stop/remove/volume remove all Nextcloud containers

 #re-launch master container with a mapping to your cert file

 docker run \
 --init \
 --sig-proxy=false \
 --name nextcloud-aio-mastercontainer \
 --restart always \
 --publish 8080:8080 \
 --env APACHE_PORT=11000 \
 --env APACHE_IP_BINDING=127.0.0.1 \
 --volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \
 --volume /var/run/docker.sock:/var/run/docker.sock:ro --volume /opt/certs/ca-certificates.crt:/etc/ssl/certs/ca-certificates.crt:ro \
 nextcloud/all-in-one:latest

 Sources: 
 https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
 https://github.com/nextcloud/all-in-one/discussions/2962#discussioncomment-7094589
 https://hub.docker.com/_/httpd
	Steps to install Nextcloud AIO with selfsigned (adapt if you have custom PKI):

	#generate certificate & unprotected key

	mkdir /opt/reverseproxy && cd /opt/reverseproxy
	openssl x509 -req -days 365 -in self-ssl.csr -signkey self-ssl.key.pem -out self-ssl.pem

	# Follow https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md#apache for Apache conf (paste their vhost conf within /usr/local/apache2/conf/httpd.conf, put your SSL cert and key within the docker and adapt the corresponding line)

	SSLCertificateFile /usr/local/apache2/conf/self-ssl.pem
	SSLCertificateKeyFile /usr/local/apache2/conf/self-ssl.key.pem

	#Launch the RP docker that uses host network:
	docker run -dit --name reverseproxy --network host -v "$PWD":/usr/local/apache2/conf/ httpd:2.4
	#It fill probaby fail as some Modules are not activated and some are but left unconfigured, execute "docker logs reverseproxy" to check what to comment or uncomment until it works and you see the binds with lsof -i4

	#Launch Nextcloud AIO:
	docker run --init --sig-proxy=false --name nextcloud-aio-mastercontainer --restart always --publish 8080:8080 --env APACHE_PORT=11000 --env APACHE_IP_BINDING=127.0.0.1 --volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config --volume /var/run/docker.sock:/var/run/docker.sock:ro nextcloud/all-in-one:latest
	#Copy cert file out
	docker cp nextcloud-aio-mastercontainer:/etc/ssl/certs/ca-certificates.crt /opt/certs/
	cat /opt/reverseproxy/self-ssl.pem >> /opt/certs/ca-certificates.crt

	#Stop/remove/volume remove all Nextcloud containers

	#re-launch master container with a mapping to your cert file

	docker run \
	--init \
	--sig-proxy=false \
	--name nextcloud-aio-mastercontainer \
	--restart always \
	--publish 8080:8080 \
	--env APACHE_PORT=11000 \
	--env APACHE_IP_BINDING=127.0.0.1 \
	--volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \
	--volume /var/run/docker.sock:/var/run/docker.sock:ro --volume /opt/certs/ca-certificates.crt:/etc/ssl/certs/ca-certificates.crt:ro \
	nextcloud/all-in-one:latest

	Sources:
	https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
	https://github.com/nextcloud/all-in-one/discussions/2962#discussioncomment-7094589
	https://hub.docker.com/_/httpd
No results found