letsencrypt: fix renewal with httpsonly enabled

Signed-off-by: nachoparker <nacho@ownyourbits.com>
2026-01-10 15:12:01 -03:30 · 2021-09-21 12:37:25 -06:00 · 2021-09-21 12:37:25 -06:00 · a4851dcd31
commit a4851dcd31
parent 1046a2413b
3 changed files with 36 additions and 0 deletions
--- a/bin/ncp/CONFIG/nc-nextcloud.sh
+++ b/bin/ncp/CONFIG/nc-nextcloud.sh
@ -186,6 +186,7 @@ EOF
  DocumentRoot /var/www/nextcloud
  <IfModule mod_rewrite.c>
    RewriteEngine On
+    RewriteRule ^.well-known/acme-challenge/ - [L]
    RewriteCond %{HTTPS} !=on
    RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
  </IfModule>
--- a/changelog.md
+++ b/changelog.md
@ -10,16 +10,29 @@
 =======
 <<<<<<< HEAD
 <<<<<<< HEAD
+<<<<<<< HEAD
 [v1.39.7](https://github.com/nextcloud/nextcloudpi/commit/ef88f48) (2021-09-22) dont update config if Redis is not yet ready

 [v1.39.6 ](https://github.com/nextcloud/nextcloudpi/commit/534b9b5) (2021-09-19) ncp-update-nc: pre-check that NC is currently working fine
 =======
 =======
 >>>>>>> 3c905ea (letsencrypt: fix active status check)
+=======
+>>>>>>> bac07b7 (letsencrypt: fix renewal with httpsonly enabled)
 [v1.39.7](https://github.com/nextcloud/nextcloudpi/commit/a6fd394) (2021-09-22) dont update config if Redis is not yet ready
 =======
 [v1.39.7](https://github.com/nextcloud/nextcloudpi/commit/c651cf8) (2021-09-21) letsencrypt: fix active status check
 >>>>>>> a07ddd2 (letsencrypt: fix active status check)
+=======
+[v1.39.7](https://github.com/nextcloud/nextcloudpi/commit/c651cf8) (2021-09-21) letsencrypt: fix active status check
+=======
+[v1.39.9](https://github.com/nextcloud/nextcloudpi/commit/836d66d) (2021-09-21) letsencrypt: fix renewal with httpsonly enabled
+
+[v1.39.8](https://github.com/nextcloud/nextcloudpi/commit/6fca91c) (2021-09-21) letsencrypt: take into account duplicate domains ending in -0001
+
+[v1.39.7 ](https://github.com/nextcloud/nextcloudpi/commit/a07ddd2) (2021-09-21) letsencrypt: fix active status check
+>>>>>>> afeb957 (letsencrypt: fix renewal with httpsonly enabled)
+>>>>>>> dd348b0 (letsencrypt: fix renewal with httpsonly enabled)

 [v1.39.6](https://github.com/nextcloud/nextcloudpi/commit/534b9b5) (2021-09-19) ncp-update-nc: pre-check that NC is currently working fine
 >>>>>>> f289443 (dont update config if Redis is not yet ready)
--- a/updates/1.40.0.sh
+++ b/updates/1.40.0.sh
@ -8,8 +8,30 @@ source /usr/local/etc/library.sh # sets NCLATESTVER PHPVER RELEASE

 # all images

+# update ncp-restore
 install_app nc-restore

+# fix letsencrypt with httpsonly enabled
+  cat > /etc/apache2/sites-available/000-default.conf <<'EOF'
+<VirtualHost _default_:80>
+  DocumentRoot /var/www/nextcloud
+  <IfModule mod_rewrite.c>
+    RewriteEngine On
+    RewriteRule ^.well-known/acme-challenge/ - [L]
+    RewriteCond %{HTTPS} !=on
+    RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
+  </IfModule>
+  <Directory /var/www/nextcloud/>
+    Options +FollowSymlinks
+    AllowOverride All
+    <IfModule mod_dav.c>
+      Dav off
+    </IfModule>
+    LimitRequestBody 0
+  </Directory>
+</VirtualHost>
+EOF
+
 # docker images only
 [[ -f /.docker-image ]] && {
  :