I was trying to access my nextcloud server through the internet, and the LE cert has expried. I had auto-renowal enabled, but is has not worked. When I tried to fix the issue today, I could not get either the HTTP01 or DNS01 option to work.
This server is installed with Turnkey Truenas-VM image on my Truenas Scale
I would prefer to get it working through the API-option. There is working network access to the server and I can access the server though the internet, but due to the cerfication expiration, I cannot use it.
Got this resolved via passing through the PORT80 on my router and got it working again after running OS security update script from the host OS console. (confconsole)
And there is no such command on the CLI interface as Certbot
But I already got the actual deployment back up and running over my reverse proxy/port forwarding setup I am running.
with security in mind its a bad thing to have ssh remote root acces enabled. its better practice to have a user in the sudo-er group and sudo the comands
Looks like the Turnkey devs have not implemented it properly then. But I got it working though their configuration console over the SSH-connection.
And the SSH is not available to accessed over the public networks, just my LAN due to my port forward implementation. I should know that much, even though that user at least has a strong password
Thanks for the tip, I have that practise implemented on the hypervisor and other suchs platforms. I sadly have not had the time to sanitize that specific VM console. So far I have had strong enough password on that user that I have not seen it worth it to take the time to secury implement the levels of access. And that VM’s root user gets used only when I have to do maintenance to that VM
And I am also at the point where I will have to make major changes to my current LAB/production stack due to some hardware changes. But I will try to work on implementing non-root maintenance-users