Nextcloud + nginx + certbot

root@webserver:/home/maintainer# certbot -d nextcloud-domain.ru certonly
Saving debug log to /var/log/letsencrypt/letsencrypt.log

How would you like to authenticate with the ACME CA?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: Nginx Web Server plugin (nginx)
2: Spin up a temporary webserver (standalone)
3: Place files in webroot directory (webroot)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-3] then [enter] (press 'c' to cancel): 1
Plugins selected: Authenticator nginx, Installer None
Requesting a certificate for nextcloud-domain.ru
Performing the following challenges:
http-01 challenge for nextcloud-domain.ru
Waiting for verification...
Cleaning up challenges

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/nextcloud-domain.ru/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/nextcloud-domain.ru/privkey.pem
   Your certificate will expire on 2021-05-31. To obtain a new or
   tweaked version of this certificate in the future, simply run
   certbot again. To non-interactively renew *all* of your
   certificates, run "certbot renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

Alias /.well-known/ "/usr/share/apache2/.well-known/"

certbot -w /usr/share/apache2 ...