OwnCloud: Difference between revisions
(Deprecate) |
No edit summary |
||
| Line 1: | Line 1: | ||
{{Obsolete|OwnCloud is deprecated in favor of [[Nextcloud|Nextcloud]]}} | {{Obsolete|OwnCloud is deprecated in favor of [[Nextcloud|Nextcloud]]}} | ||
[http://owncloud.org/ ownCloud] is WedDAV-based solution for storing and | [http://owncloud.org/ ownCloud] is WedDAV-based solution for storing and on-line sharing of your data, files, images, video, music, calendars and contacts. With Alpine, you can have your ownCloud instance up and running in 5 minutes! | ||
= Installation = | = Installation = | ||
{{pkg|ownCloud}} is available from Alpine | {{pkg|ownCloud}} is available from Alpine v2.5 and later. | ||
Before you start installing anything, make sure you have latest packages available. Make sure you are using | Before you start installing anything, make sure you have the latest packages available. Make sure you are using an 'http' repository in your {{path|/etc/apk/repositories}}, then run: | ||
{{cmd|apk update}} | {{cmd|apk update}} | ||
{{tip|Detailed information | {{tip|Detailed information can be found in [[Include:Upgrading_to_latest_release|this]] doc.}} | ||
== Database == | == Database == | ||
First you have to decide which database to use. Follow one of the | First you have to decide which database to use. Follow one of the database alternatives shown below: | ||
=== sqlite === | === sqlite === | ||
All you need to do is to install the package | All you need to do is to install the package | ||
| Line 20: | Line 20: | ||
{{cmd|apk add owncloud-pgsql}} | {{cmd|apk add owncloud-pgsql}} | ||
Configure and start the database | |||
{{cmd|/etc/init.d/postgresql setup | {{cmd|/etc/init.d/postgresql setup | ||
/etc/init.d/postgresql start}} | /etc/init.d/postgresql start}} | ||
Create a user and temporary grant CREATEDB privilege. | |||
{{cmd|psql -U postgres | {{cmd|psql -U postgres | ||
CREATE USER mycloud WITH PASSWORD 'test123'; | CREATE USER mycloud WITH PASSWORD 'test123'; | ||
ALTER ROLE mycloud CREATEDB; | ALTER ROLE mycloud CREATEDB; | ||
\q}} | \q}} | ||
{{Note|Replace the above username 'mycloud' and password 'test123' | {{Note|Replace the above username 'mycloud' and password 'test123' with something secure. Remember these settings. You'll need them later.}} | ||
=== mysql === | === mysql === | ||
| Line 35: | Line 35: | ||
{{cmd|apk add owncloud-mysql mysql-client}} | {{cmd|apk add owncloud-mysql mysql-client}} | ||
Configure and start {{pkg|mysql}} | |||
{{cmd|/etc/init.d/mysql setup | {{cmd|/etc/init.d/mysql setup | ||
/etc/init.d/mysql start | /etc/init.d/mysql start | ||
/usr/bin/mysql_secure_installation}} | /usr/bin/mysql_secure_installation}} | ||
Follow the wizard to | Follow the wizard to set up passwords etc. | ||
{{Note|Remember the usernames/passwords that you set | {{Note|Remember the usernames/passwords that you set with the wizard. You'll need them later.}} | ||
Create a user, database and set permissions. | |||
{{cmd|mysql -u root -p | {{cmd|mysql -u root -p | ||
CREATE DATABASE owncloud; | CREATE DATABASE owncloud; | ||
| Line 49: | Line 49: | ||
FLUSH PRIVILEGES; | FLUSH PRIVILEGES; | ||
EXIT}} | EXIT}} | ||
{{Note|Replace the above username 'mycloud' and password 'test123' | {{Note|Replace the above username 'mycloud' and password 'test123' with something secure. Remember these settings> You'll need them later.}} | ||
{{pkg|mysql-client}} is | {{pkg|mysql-client}} is no longer needed. To uninstall it, run: | ||
{{cmd|apk del mysql-client}} | {{cmd|apk del mysql-client}} | ||
== Webserver == | == Webserver == | ||
Choose, install and configure a webserver. In this example we will install {{pkg|nginx}} or {{pkg|lighttpd}}. ''Nginx'' is preferred over ''Lighttpd'' since the latter will consume a lot of memory when working with large files (see [http://redmine.lighttpd.net/issues/1283 lighty bug #1283]). You are free to install any other webserver of your choice as long as it supports PHP and FastCGI. We won't be covering how to generate an SSL certificate for your webserver. | |||
=== Nginx === | === Nginx === | ||
Install the | Install the required packages | ||
{{cmd|apk add nginx php-fpm}} | {{cmd|apk add nginx php-fpm}} | ||
| Line 76: | Line 76: | ||
}} | }} | ||
Create a directory for your | Create a directory for your website | ||
{{cmd|mkdir /etc/nginx/sites-available}} | {{cmd|mkdir /etc/nginx/sites-available}} | ||
| Line 113: | Line 113: | ||
} | } | ||
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 | # pass the PHP scripts to the FastCGI server listening on 127.0.0.1:9000 | ||
location ~ [^/]\.php(/|$) { | location ~ [^/]\.php(/|$) { | ||
fastcgi_split_path_info ^(.+?\.php)(/.*)$; | fastcgi_split_path_info ^(.+?\.php)(/.*)$; | ||
| Line 127: | Line 127: | ||
</pre> | </pre> | ||
If you are running | If you are running from RAM, and you're dealing with large files you might need to move the FastCGI temp file from /tmp to /var/tmp or to a directory that is mounted on a hard disk. | ||
<pre> | <pre> | ||
fastcgi_temp_path /var/tmp/nginx/fastcgi 1 2; | fastcgi_temp_path /var/tmp/nginx/fastcgi 1 2; | ||
</pre> | </pre> | ||
Large | Large file upload takes some time to be processed by php-fpm. So you need to bump the Nginx default read timeout: | ||
<pre> | <pre> | ||
| Line 146: | Line 146: | ||
</pre> | </pre> | ||
{{Note|If you are serving | {{Note|If you are serving multiple users, make sure to tune the *''children'' settings in /etc/php/php-fpm.conf}} | ||
Make nginx user member of www-data group | Make nginx user a member of the www-data group | ||
{{cmd|addgroup nginx www-data}} | {{cmd|addgroup nginx www-data}} | ||
| Line 167: | Line 167: | ||
...}} | ...}} | ||
Start | Start the webserver | ||
{{cmd|/etc/init.d/lighttpd start}} | {{cmd|/etc/init.d/lighttpd start}} | ||
| Line 185: | Line 185: | ||
=== Additional packages === | === Additional packages === | ||
Some large apps, such as | Some large apps, such as text editors, documents and video viewer are in separate packages: | ||
{{cmd|apk add owncloud-texteditor owncloud-documents owncloud-videoviewer}} | {{cmd|apk add owncloud-texteditor owncloud-documents owncloud-videoviewer}} | ||
Revision as of 17:23, 28 July 2021
 |
ownCloud is WedDAV-based solution for storing and on-line sharing of your data, files, images, video, music, calendars and contacts. With Alpine, you can have your ownCloud instance up and running in 5 minutes!
Installation
ownCloud is available from Alpine v2.5 and later.
Before you start installing anything, make sure you have the latest packages available. Make sure you are using an 'http' repository in your /etc/apk/repositories, then run:
apk update
Database
First you have to decide which database to use. Follow one of the database alternatives shown below:
sqlite
All you need to do is to install the package
apk add owncloud-sqlite
postgresql
Install the package
apk add owncloud-pgsql
Configure and start the database
/etc/init.d/postgresql setup /etc/init.d/postgresql start
Create a user and temporary grant CREATEDB privilege.
psql -U postgres CREATE USER mycloud WITH PASSWORD 'test123'; ALTER ROLE mycloud CREATEDB; \q
mysql
Install the package
apk add owncloud-mysql mysql-client
Configure and start mysql
/etc/init.d/mysql setup /etc/init.d/mysql start /usr/bin/mysql_secure_installation
Follow the wizard to set up passwords etc.
Create a user, database and set permissions.
mysql -u root -p CREATE DATABASE owncloud; GRANT ALL ON owncloud.* TO 'mycloud'@'localhost' IDENTIFIED BY 'test123'; GRANT ALL ON owncloud.* TO 'mycloud'@'localhost.localdomain' IDENTIFIED BY 'test123'; FLUSH PRIVILEGES; EXIT
mysql-client is no longer needed. To uninstall it, run:
apk del mysql-client
Webserver
Choose, install and configure a webserver. In this example we will install nginx or lighttpd. Nginx is preferred over Lighttpd since the latter will consume a lot of memory when working with large files (see lighty bug #1283). You are free to install any other webserver of your choice as long as it supports PHP and FastCGI. We won't be covering how to generate an SSL certificate for your webserver.
Nginx
Install the required packages
apk add nginx php-fpm
Remove/comment any section like this in
Contents of /etc/nginx/nginx.conf
Include the following directive in
Contents of /etc/nginx/nginx.conf
Create a directory for your website
mkdir /etc/nginx/sites-available
Create a configuration file for your site in /etc/nginx/sites-available/mysite.mydomain.com
server {
#listen [::]:80; #uncomment for IPv6 support
listen 80;
return 301 https://$host$request_uri;
server_name mysite.mydomain.com;
}
server {
#listen [::]:443 ssl; #uncomment for IPv6 support
listen 443 ssl;
server_name mysite.mydomain.com;
root /var/www/vhosts/mysite.mydomain.com/www;
index index.php index.html index.htm;
disable_symlinks off;
ssl_certificate /etc/ssl/cert.pem;
ssl_certificate_key /etc/ssl/key.pem;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
#Enable Perfect Forward Secrecy and ciphers without known vulnerabilities
#Beware! It breaks compatibility with older OS and browsers (e.g. Windows XP, Android 2.x, etc.)
#ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA;
#ssl_prefer_server_ciphers on;
location / {
try_files $uri $uri/ /index.html;
}
# pass the PHP scripts to the FastCGI server listening on 127.0.0.1:9000
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_pass 127.0.0.1:9000;
#fastcgi_pass unix:/var/run/php-fpm/socket;
fastcgi_index index.php;
include fastcgi.conf;
}
}
If you are running from RAM, and you're dealing with large files you might need to move the FastCGI temp file from /tmp to /var/tmp or to a directory that is mounted on a hard disk.
fastcgi_temp_path /var/tmp/nginx/fastcgi 1 2;
Large file upload takes some time to be processed by php-fpm. So you need to bump the Nginx default read timeout:
fastcgi_read_timeout 300s;
Set user and group for php-fpm in /etc/php/php-fpm.conf
... user = nginx group = www-data ...
Make nginx user a member of the www-data group
addgroup nginx www-data
Enable your website
ln -s ../sites-available/mysite.mydomain.com /etc/nginx/sites-enabled/mysite.mydomain.com
Start services
rc-service php-fpm start rc-service nginx start
Lighttpd
Install the package
apk add lighttpd php-cgi
Make sure you have FastCGI enabled in lighttpd:
Contents of /etc/lighttpd/lighttpd.conf
Start the webserver
/etc/init.d/lighttpd start
Link owncloud installation to web server directory:
ln -s /usr/share/webapps/owncloud /var/www/localhost/htdocs
Other settings
Hardening
Consider updating the variable url.access-deny in /etc/lighttpd/lighttpd.conf for additional security. Add "config.php" to the variable (that's where the database is stored) so it looks something like this:
Contents of /etc/lighttpd/lighttpd.conf
Restart lighttpd to activate the changes
/etc/init.d/lighttpd restart
Additional packages
Some large apps, such as text editors, documents and video viewer are in separate packages:
apk add owncloud-texteditor owncloud-documents owncloud-videoviewer
Configure and use ownCloud
Configure
Point your browser at https://mysite.mydomain.com and follow the on-screen instructions to complete the installation, supplying the database user and password created before.
Hardening postgresql
If you have chosen PGSQL backend, revoke CREATEDB privilege from 'mycloud' user:
psql -U postgres ALTER ROLE mycloud NOCREATEDB; \q
Increase upload size
Default configuration for php is limited to 2Mb file size. You might want to increase that size by editing the /etc/php/php.ini and change the following values to something that suits you:
upload_max_filesize = 2M post_max_size = 8M
Clients
There are clients available for many platforms, Android included:
- http://owncloud.org/sync-clients/ (ownCloud Sync clients)
- http://owncloud.org/support/android/ (Android client)