Artifact file(s) for Nextcloud iocage plugin
One major change of the latest update is the switch to HTTPS. This means that all communications with Nextcloud will now be completely secure. But for TrueNAS setups that uses NAT, admins will have to manually add a new port binding before upgrading Nextcloud.
Those steps can also be run after the upgrade, but you will need to run two commands so Nginx can take the change into account. Log into the Nextcloud plugin from the "Shell": iocage console <nextcloud_plugin_name>.
sync_configuration
service nginx restartNextcloud comme preloaded with the default Hub and Groupware bundles containing the following applications:
This appliance is developed and maintained by Nextcloud GmbH and meant for private, or small business use. This is why the appliance is limited to 100 users. With more users comes a more critical role in organizations, for which we recommend Nextcloud Enterprise. The appliance can be upgraded to Nextcloud Enterprise. Contact Nextcloud for more information.
The installation process generate self-signed TLS certificates. If you do not want your users to see a warning in their browser, you either need to install the root CA in all your users devices, or you need to generate some valid certificates with Letsencrypt or other certificates provider.
Certificate validity time:
To generate valid certificates with Letsencrypt, first, make sure that TrueNAS is configured to proxy requests using your domain name to Nextcloud and that the Nextcloud jail is accessible through ports 80 and 443. You can then run the following commands to install valid certificates:
generate_letsencrypt_certificates <domain_name> <admin_email>Then add your domain to Nextcloud known hosts in: /usr/local/www/nextcloud/config/config.php.
run_db_migrations command to run them.When you update the Nextcloud plugin, you should be careful to not skip any major version and to alway update to the last minor version before that.
generate_self_signed_certificates:This script will generate self-signed TLS certificates for you. It will place them here: /usr/local/etc/letsencrypt/live/truenas. It uses the letsencrypt directory so you do not have to touch the nginx configuration when switching to letsencrypt certificates. You can install the root.cer file into your devices and browsers to avoid the warning page when you access Nextcloud. If you run the command again, it will reuse the previous root.cer so you do not have to reinstall it.
generate_letsencrypt_certificates <domain_name> <admin_email>:This script will generate valid TLS certificates with Let's encrypt. See the "TLS certificates" section above for more information.
load_env:Load and export environment variables from /etc/iocage-env. You can add it at the begging of your script to easily access those variables.
This will also load the content of /root/jail_options.env.
Example of /root/jail_options.env:
# Allow insecure access to Nextcloud through HTTP. Useful when TrueNAS is behind an external proxy.
export ALLOW_INSECURE_ACCESS=<boolean> # default: falseocc [<occ command>]:This is alias to ease the use of the Nextcloud CLI in a csh shell.
renew_certificates:Script called by cron to renew either self-signed or letsencrypt-issued certificates.
run_db_migrations:Nextcloud sometime need to run some long migrations after an update. This script will help you to run them. Please run it when your server is in a low-usage time.
sync_configuration:Will generate configuration from templates or move other configuration to their final location.