From 5c1c03ea63b344cce62229cf1eee276080c908fa Mon Sep 17 00:00:00 2001 From: Markus Katharina Brechtel Date: Thu, 23 Jul 2020 06:52:31 +0200 Subject: [PATCH 1/2] acme well-known dir for nginx --- templates/nginx-vhost.conf.j2 | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/templates/nginx-vhost.conf.j2 b/templates/nginx-vhost.conf.j2 index c9adc95..4e88853 100644 --- a/templates/nginx-vhost.conf.j2 +++ b/templates/nginx-vhost.conf.j2 @@ -8,6 +8,11 @@ server { listen 80; listen [::]:80; server_name {{nextcloud_server_names|join(' ')}}; + + location /.well-known/acme-challenge { + default_type "text/plain"; + root /var/www/default; + } # enforce https return 301 https://$server_name:443$request_uri; @@ -18,9 +23,6 @@ server { listen [::]:443 ssl http2; server_name {{nextcloud_server_names|join(' ')}}; - # Use Mozilla's guidelines for SSL/TLS settings - # https://mozilla.github.io/server-side-tls/ssl-config-generator/ - # NOTE: some settings below might be redundant ssl_certificate /etc/ssl/certs/{{nextcloud_server_names|first}}.fullchain.pem; ssl_certificate_key /etc/ssl/private/{{nextcloud_server_names|first}}.key.pem; From 3bf6c6b4cfcc0a9a3044ea1535f3244809c6747b Mon Sep 17 00:00:00 2001 From: Markus Katharina Brechtel Date: Thu, 23 Jul 2020 06:52:40 +0200 Subject: [PATCH 2/2] apache2 works better --- defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/defaults/main.yml b/defaults/main.yml index edd3411..a967832 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -36,4 +36,4 @@ nextcloud_php_version: 7.3 nextcloud_reset_lib_directory: true -nextcloud_webserver: nginx +nextcloud_webserver: apache2