j8r
commented
7 years ago This is a legit suggestion, but I don't plan to implement it personnally for now.
HTTPS means to register a FQDN, and adding entries in your DNS provider. We also need to deal with an acme client, paired with a Cron. Or we can also generate a self-signed certificate.
By the way, a Caddy configuration entry is also present for those who have already installed it.
We can nevertheless implement the nginx configuration file described in the official docs for HTTP, with the HTTPS related lines commented.
This feature is not newbie friendly (what this project is aiming for) and will require time that I haven't actually - I'm actually busy on a new version of DPlatform - dpk (DPlatform Package Manager), in which we can pass arguments like the FQDN and have basic templating engine.
If you feel good to make this, I will gladly welcome your work :)
siliconninja
There should be a way to have HTTPS support in Nextcloud.
It could be passed as a parameter to whiptail or a separate file (which would require more maintenance for 2 separate Nextcloud installations).
The NGINX .conf file (/etc/nginx/sites-enabled/nextcloud in apps/Nextcloud.sh) needs to change for HTTPS and Let's Encrypt needs to be able to create a certificate and auto-renew - email address for server is required (tutorial: https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04). Sample Nginx HTTPS config for nextcloud: https://docs.nextcloud.com/server/12/admin_manual/installation/nginx.html
If the user doesn't want to use Let's Encrypt, later we could add a self-signed certificate or other trusted certificate option (maybe through copy/paste, decrypt the passphrase, etc.).