letsencrypt: fix renewal with httpsonly enabledv1.39.9

Signed-off-by: nachoparker <nacho@ownyourbits.com>
author: nachoparker <nacho@ownyourbits.com> 2021-09-21 21:37:25 +0300
committer: nachoparker <nacho@ownyourbits.com> 2021-09-22 09:48:57 +0300
commit: a4851dcd310bd27e447e5ec61d074f164db26b54 (patch)
tree: 01175410f94c4e90b545b6cc1510cc94716df996
parent: 1046a2413be5d2e55a516b34f9067a7ededf1e6e (diff)
3 files changed, 36 insertions, 0 deletions
diff --git a/bin/ncp/CONFIG/nc-nextcloud.sh b/bin/ncp/CONFIG/nc-nextcloud.sh
index e56c701c..4b9cf9de 100644
--- a/bin/ncp/CONFIG/nc-nextcloud.sh
+++ b/bin/ncp/CONFIG/nc-nextcloud.sh
@@ -186,6 +186,7 @@ EOF
   DocumentRoot /var/www/nextcloud
   <IfModule mod_rewrite.c>
     RewriteEngine On
+    RewriteRule ^.well-known/acme-challenge/ - [L]
     RewriteCond %{HTTPS} !=on
     RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
   </IfModule>
diff --git a/changelog.md b/changelog.md
index 6682743c..1168180c 100644
--- a/changelog.md
+++ b/changelog.md
@@ -10,16 +10,29 @@
 =======
 <<<<<<< HEAD
 <<<<<<< HEAD
+<<<<<<< HEAD
 [v1.39.7](https://github.com/nextcloud/nextcloudpi/commit/ef88f48) (2021-09-22) dont update config if Redis is not yet ready
 
 [v1.39.6 ](https://github.com/nextcloud/nextcloudpi/commit/534b9b5) (2021-09-19) ncp-update-nc: pre-check that NC is currently working fine
 =======
 =======
 >>>>>>> 3c905ea (letsencrypt: fix active status check)
+=======
+>>>>>>> bac07b7 (letsencrypt: fix renewal with httpsonly enabled)
 [v1.39.7](https://github.com/nextcloud/nextcloudpi/commit/a6fd394) (2021-09-22) dont update config if Redis is not yet ready
 =======
 [v1.39.7](https://github.com/nextcloud/nextcloudpi/commit/c651cf8) (2021-09-21) letsencrypt: fix active status check
 >>>>>>> a07ddd2 (letsencrypt: fix active status check)
+=======
+[v1.39.7](https://github.com/nextcloud/nextcloudpi/commit/c651cf8) (2021-09-21) letsencrypt: fix active status check
+=======
+[v1.39.9](https://github.com/nextcloud/nextcloudpi/commit/836d66d) (2021-09-21) letsencrypt: fix renewal with httpsonly enabled
+
+[v1.39.8](https://github.com/nextcloud/nextcloudpi/commit/6fca91c) (2021-09-21) letsencrypt: take into account duplicate domains ending in -0001
+
+[v1.39.7 ](https://github.com/nextcloud/nextcloudpi/commit/a07ddd2) (2021-09-21) letsencrypt: fix active status check
+>>>>>>> afeb957 (letsencrypt: fix renewal with httpsonly enabled)
+>>>>>>> dd348b0 (letsencrypt: fix renewal with httpsonly enabled)
 
 [v1.39.6](https://github.com/nextcloud/nextcloudpi/commit/534b9b5) (2021-09-19) ncp-update-nc: pre-check that NC is currently working fine
 >>>>>>> f289443 (dont update config if Redis is not yet ready)
diff --git a/updates/1.40.0.sh b/updates/1.40.0.sh
index 118729cf..cf4775a3 100644
--- a/updates/1.40.0.sh
+++ b/updates/1.40.0.sh
@@ -8,8 +8,30 @@ source /usr/local/etc/library.sh # sets NCLATESTVER PHPVER RELEASE
 
 # all images
 
+# update ncp-restore
 install_app nc-restore
 
+# fix letsencrypt with httpsonly enabled
+  cat > /etc/apache2/sites-available/000-default.conf <<'EOF'
+<VirtualHost _default_:80>
+  DocumentRoot /var/www/nextcloud
+  <IfModule mod_rewrite.c>
+    RewriteEngine On
+    RewriteRule ^.well-known/acme-challenge/ - [L]
+    RewriteCond %{HTTPS} !=on
+    RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
+  </IfModule>
+  <Directory /var/www/nextcloud/>
+    Options +FollowSymlinks
+    AllowOverride All
+    <IfModule mod_dav.c>
+      Dav off
+    </IfModule>
+    LimitRequestBody 0
+  </Directory>
+</VirtualHost>
+EOF
+
 # docker images only
 [[ -f /.docker-image ]] && {
   :
author	nachoparker <nacho@ownyourbits.com>	2021-09-21 21:37:25 +0300
committer	nachoparker <nacho@ownyourbits.com>	2021-09-22 09:48:57 +0300
commit	a4851dcd310bd27e447e5ec61d074f164db26b54 (patch)
tree	01175410f94c4e90b545b6cc1510cc94716df996
parent	1046a2413be5d2e55a516b34f9067a7ededf1e6e (diff)