Secure NEXTCLOUD with HTTPS - Domain name, DNS, and certificate

Channel:
United States The Linux Experiment
Subscribers:
390,000
Published on ● Video Link: https://www.youtube.com/watch?v=g0mS1z8Hmhw


Duration: 4:50
56,850 views
654

A while ago, I showed the easiest way to get set up with a nextcloud instance, through snaps. Now it's time to make sure that instance is properly secured through HTTPS, so we'll see how to add that layer of security for the Nextcloud snap.

Set up your own Linux server with LINODE : http://www.linode.com/linuxexperiment
(USE OFFER CODE LINUXEXP19)

Support the channel on Patreon: https://www.patreon.com/thelinuxexperiment
Follow me on Twitter : http://twitter.com/thelinuxEXP

What I use to make my videos:
Microphone: https://amzn.to/2PsNWXl
GPU: https://amzn.to/2LHZ5o5
Motherboard: https://amzn.to/2KZt63t
CPU: https://amzn.to/2IFjKrw


To get an SSL certificate, you'll need to grab a domain name. It's possible to add an https certificate to a bare IP address, but not all browsers will consider your website as secure, and might show warnings.

To book a domain name, just check on Gandi.net or any other registrar, and book whatever you want. I'll grab thelinuxexp.fr, but you could try and get one for your company's name, or your family name, if your nextcloud instance is to be your own personal cloud.

Once you bought your domain name, you have to register it with a DNS service. Think of DNS as the internet's phone book, where a domain name is linked to its associated IP address.

Most domain name registrars provide a DNS service and automatically register the domain name for you, however, they don't know your server's IP address, so we'll need to enter that ourselves.
To get your ip address, just type ifconfig in your server's console, or grab the IP address from your hosting service's dashboard. We could also change the other various records, that are linked to email services or subdomains, but I won't go into that level of detail here.

Either go to your registrar's dashboard to enter the IP address associated with the domain name, or use your hosting service interface to do the same. Here, I'll do it with Linode in the domains tab, since it already has all the information needed. I'll just type the domain name, the email address associated with it, and tell it to use the records from my Nextcloud server so that it can transfer all the needed information to the DNS service.

Now, our server is associated to our domain name. It will take a few hours to make sure everything is correctly propagated to other DNS services. After we wait a little bit, if we type thelinuxexp.fr in our browser, we should arrive to our Nextcloud instance.

Enabling HTTPS for the nextcloud SNAP
Now, we'll log onto our server. i'll still use my Nextcloud box I set up in the last video.

By default Nextcloud only responds to requests made by the localhost hostname, so we'll have to set it up to make sure it can respond to requests made from the domain name or the IP address, so we'll type:

sudo nextcloud.occ config:system:set trusted_domains 1 --value=YOURDOMAIN

The nextcloud SNAP does not just ship Nextcloud: it ships the whole stack with the server, and a nextcloud instance running on top of it.
Thankfully, Nextcloud allows to generate a free certificate from let's encrypt.

First, we'll open the ports needed by let's encrypt to validate that you really own the domain name:

sudo ufw allow 80,443/tcp

Then, we'll ask let's encrypt to create a certificate for our domain name:

sudo nextcloud.enable-https lets-encrypt

You'll have to accept the conditions, and then provide an email address for recovery operations.
Finally, you'll have to type the domain name for which you want to create a certificate.
If all goes well, your domain name is now electronically signed by let's encrypt. We can check that by going to our domain name, and look at the site's infos in our browser to check that everything is set up properly.


And now you're all set ! Your nextcloud instance is properly configured, and secured. in the next videos, we'll see how to configure Nextcloud, and add applications to it !



Other Videos By The Linux Experiment


2019-12-03Linux, Open Source, and Privacy News - 16th to 30th November
2019-11-28Using Linux at Work: reactions, and moving in France - VLOG #1
2019-11-237 Features and Applications all Linux Distros SHOULD SHIP WITH
2019-11-18Linux, Open Source, and Privacy News - 1st to 15th November
2019-11-13Linux at Work - First Week on the Huawei Matebook 13
2019-11-10What's New in elementary OS in October ?
2019-11-05Add multitouch trackpad gestures on Linux
2019-11-02HUAWEI MATEBOOK 13 First Impressions on Linux (elementary OS)
2019-10-0640 hours review of Borderlands 3 - All done on Linux !
2019-10-02News recap for Linux, Open Source, and Privacy - September 2019
2019-09-29Secure NEXTCLOUD with HTTPS - Domain name, DNS, and certificate
2019-09-23Nvidia Jetson Nano - the 99$ Tegra Computer running Linux
2019-09-16How to play BORDERLANDS 3 ON LINUX
2019-09-12GNOME 3.34 Review - More performance, and quality of life improvements
2019-09-02Linux and Open Source News for August 2019 - XFCE 4.14, VM Gaming, and VR Desktops !
2019-08-268 Areas where Linux is BETTER than Windows 10
2019-08-16What's new in Linux Mint 19.2 Tina
2019-08-06elementary OS Juno's New Welcome Screen: getting even user friendlier
2019-08-02Linux and Open Source news you might have missed - July 2019
2019-07-25Switch from Google to Nextcloud in 4 command lines
2019-07-11Ubuntu LTS adds support for the latest nvidia driver out of the box !


Tags:
linux
elementary os
open source
distribution
linux distro
linux help
linux tutorial 2019
Linux 2019
nextcloud setup
nextcloud https setup
nextcloud https certificate
nextcloud trusted domain config.php
nextcloud domain name
get a domain name
dns registration
register dns
register domain name
register domain with google
linode https
ssl certificate tutorial
ssl certificates explained
snap nextcloud config
snap nextcloud ubuntu 18.04