If you want to use your own ownCloud installation, you can find several documentation on the Internet on how to set up this server, e.g. the official ownCloud documentation, or installation guides such as this or here. But none of these pages alone provided enough information for installing a secure server completely from the beginning.
So here comes my step-by-step guide which surely won’t be complete, too. ;) However, hopefully it will help other people while searching for their way to install ownCloud. Additionally, I am showing how to upgrade an ownCloud server.
I am assuming that there is a fresh Ubuntu server installation in place (with a few other programs such as shown here), which has already static IP addresses and is accessible from the Internet. I am also assuming that there is a correct DNS name configured and that the SSL certificate for this DNS name is present.
(And note: Though I am trying to be really accurate about all commands, I am not showing every single key-stroke. If you have any problems on any step: 1) Google is your friend or 2) write a comment below this site.)
I am using the following components in this guide:
- Ubuntu Server 14.04.2 LTS
- ownCloud 8.0.4 (later updated to 8.1.0)
Basic Installation
The first step is to install all of the necessary components on the Ubuntu server. This can be done by adding the repository with the following steps. In my case, 64 packages were installed. (Note that I am additionally installing the php5-mysql package. I do not fully know why, but several other guides did so. ;)) During the process, the user must type in the SQL root password. Choose a strong one and keep it in mind!
1 2 3 4 5 |
sudo sh -c "echo 'deb http://download.opensuse.org/repositories/isv:/ownCloud:/community/xUbuntu_14.04/ /' >> /etc/apt/sources.list.d/owncloud.list" wget http://download.opensuse.org/repositories/isv:ownCloud:community/xUbuntu_14.04/Release.key sudo apt-key add - < Release.key sudo apt-get update sudo apt-get install owncloud php5-mysql |
The apache server throws the following error: “Could not reliably determine the server’s fully qualified domain name, using 127.0.1.1. Set the ‘ServerName’ directive globally to suppress this message”. This can be corrected by editing the apache configuration:
1 |
sudo nano /etc/apache2/apache2.conf |
in which the server name must be added on a new line:
1 |
ServerName NAME-OF-THE-SERVER |
SQL
The SQL database must be configured in the following way. Choose an own password for the ownCloud database user:
1 2 3 4 5 6 |
mysql -u root -p CREATE USER 'ownclouduser'@'localhost' IDENTIFIED BY 'PASSWORD'; CREATE DATABASE ownclouddb; GRANT ALL ON ownclouddb.* TO 'ownclouduser'@'localhost'; FLUSH PRIVILEGES; exit |
Virtual Host and HTTPS
The following steps enable SSL and create the appropriate virtual hosts for ownCloud.
At first, enable SSL and the headers module (later on used for HSTS):
1 2 |
sudo a2enmod ssl sudo a2enmod headers |
Then, add the virtual host (such as shown here with a static redirect to https). Note that I assume that there is a trusted SSL certificate already in place inside the /etc/ssl/certs/… folders. So, create a new configuration file for apache:
1 |
sudo nano /etc/apache2/sites-available/owncloud.conf |
and add the following blocks in which “SUBDOMAIN.DOMAIN.TLD” must be set to your ownCloud DNS name:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 |
<VirtualHost *:80> ServerName SUBDOMAIN.DOMAIN.TLD Redirect permanent / https://SUBDOMAIN.DOMAIN.TLD/ </VirtualHost> <VirtualHost *:443> ServerName SUBDOMAIN.DOMAIN.TLD ServerAdmin webmaster@DOMAIN.TLD DocumentRoot "/var/www/owncloud" <Directory /var/www/owncloud> Options Indexes FollowSymLinks MultiViews AllowOverride All Order allow,deny Allow from all # add any possibly required additional directives here # e.g. the Satisfy directive (see below for details): Satisfy Any </Directory> SSLEngine on SSLCertificateFile /etc/ssl/certs/cloud.crt SSLCertificateKeyFile /etc/ssl/private/cloud.key SSLCertificateChainFile /etc/ssl/certs/StartSSLconcatenated.crt Header always add Strict-Transport-Security "max-age=15768000; includeSubDomains; preload" ErrorLog /var/log/apache2/SUBDOMAIN.DOMAIN.TLD-error_log CustomLog /var/log/apache2/SUBDOMAIN.DOMAIN.TLD-access_log common </VirtualHost> |
Finally, enable the new virtual host and reload the apache config:
1 2 |
sudo a2ensite owncloud.conf sudo service apache2 reload |
Additionally, change the SSL cipher suite to use only secure protocols (e.g., graded with an A or A+ by SSL Labs). Open the ssl.conf file:
1 |
sudo nano /etc/apache2/mods-available/ssl.conf |
and change the following two lines (according to here):
1 2 |
SSLCipherSuite HIGH:!kRSA:!kDHr:!kDHd:!kSRP:!aNULL:!3DES:!MD5 SSLProtocol all -SSLv3 |
and restart the server:
1 |
sudo service apache2 restart |
Final Steps
Now, point your browser to the ownCloud installation:
1 |
https://SUBDOMAIN.DOMAIN.TLD |
and finalize the installation. This means that at least the MySQL login (configured a few steps before) is needed in the appropriate fields:
1 2 3 4 |
ownclouduser PASSWORD ownclouddb localhost |
After these steps, the trusted domains must be set (if not set correctly already). Open the config.php:
1 |
sudo nano /var/www/owncloud/config/config.php |
and verify the “trusted_domains” section:
1 2 3 4 |
array ( 0 => 'IP-ADDRESS-OF-THE-SERVER', 1 => 'SUBDOMAIN.DOMAIN.TLD', ), |
And the cron job for ownCloud should be used (see here). Create a new crontab with the www-data user:
1 |
crontab -u www-data -e |
which has the following job:
1 |
*/15 * * * * php -f /var/www/owncloud/cron.php |
In the admin section of the GUI webpage, set the Cron button to “Cron” (instead of Webcron or AJAX).
Filesize
Optional, change the maximum file size on your installation. “In order for the maximum upload size to be configurable, the .htaccess in the ownCloud folder needs to be made writable by the server”, read here. So, change the ownership of the htaccess file:
1 |
sudo chown www-data:www-data /var/www/owncloud/.htaccess |
and set the “maximum upload size” in the admin GUI, e.g., to 512M or greater (16G or whatever). Even though that should fit, open the htaccess file and verify that the following three lines are present (I added the third line manually):
1 2 3 4 |
sudo nano /var/www/owncloud/.htaccess php_value upload_max_filesize 4G php_value post_max_size 4G php_value memory_limit 4G |
(I am not quite sure if a restart of apache is necessary here. However, I did it:)
1 |
sudo service apache2 restart |
Update
I am always a bit afraid when updating web services via scripts or the like. But it is a must. So here we go. I updated my ownCloud installation from version 8.0.4 to 8.1.0. This is the documentation from ownCloud for that case. In theory, it is really simple:
1 2 3 4 5 |
sudo apt-get update sudo apt-get dist-upgrade cd /var/www/owncloud sudo -u www-data php occ upgrade sudo -u www-data php occ maintenance:mode --off |
Indeed, in my case (almost) everything succeeded. One thing I noticed was that the “contacts” app was disabled. And I was not able to update it through the GUI. Hm. However, after enabling it, the ownCloud server went into maintenance mode, but I was able to click the “Start Update” button in the GUI, which successfully updated the contacts app. Uff.
Furthermore (possibly due to the 8.1.0 update and not in general!), inside the admin section, the following warning appeared: “No memory cache has been configured.” In order to get a recent php5-apcu package (since the shipped package with Ubuntu 14.04 is outdated), the following steps are required:
1 2 |
wget http://mirrors.kernel.org/ubuntu/pool/universe/p/php-apcu/php5-apcu_4.0.6-1_amd64.deb sudo dpkg -i php5-apcu_4.0.6-1_amd64.deb |
To enable this module, the ownCloud config.php file must be edited:
1 |
sudo nano /var/www/owncloud/config/config.php |
with the following new line inside the “CONFIG array”:
1 |
'memcache.local' => '\OC\Memcache\APCu', |
But that was not enough. Another fatal error appeared: “Missing memcache class \OC\Memcache\APCu for local cache”. This could be solved with this two Google findings: Open the php.ini file inside the cli section:
1 |
sudo nano /etc/php5/cli/php.ini |
and add the following line:
1 |
apc.enable_cli=1 |
Now it’s working. This was one more good example on how Google can save your life. ;)
DONE!!!
[UPDATE] Since ownCloud 9.0.x (?) I have the problem that after every update I get an Internal Server Error. There are several reports on GitHub as well, such as this. I am always solving this error by: sudo nano /var/www/owncloud/.htaccess and to edit the following line from:
1 |
RewriteBase /owncloud |
1 |
RewriteBase / |
For any more hints or corrections, please write a comment.
Featured image “Oberbayerische Landschaft im Landkreis Mühldorf” by Andreas is licensed under CC BY-NC 2.0.
Great guide, thanks.
I’ve been struggling with a few of the finer points to get this working. Followed this and BINGO – perfect! Exactly how I want it to run.
Very good and tidy instructions, keep up the good work!
Great article. OwnCloud needs to put this on their support page ;)
I appreciate the effort to put all of this together to create this guide.
it was very helpful for me (a newbie in linux)
I am having an issue installing apcu
there is a dependency called phpapi-2013….. I can not find anywhere :(
any help you can provide?
at this time I am using apcu version 4.0.10
thanks
Hi Ale,
I am little bit confused about those apcu stuff anyway. Currently, I am not using it anymore, and ownCloud does not indicate a problem.
I cannot help you with this casy, sorry. But maybe you don’t need it at all. ;)
Thank you for the step by step instruction..
just enable universe pool in sources.list or use this links for php5-apcu
http://mirrors.kernel.org/ubuntu/pool/universe/p/php-apcu/php5-apcu_4.0.7-1build1~ubuntu14.04.1_i386.deb
http://mirrors.kernel.org/ubuntu/pool/universe/p/php-apcu/php5-apcu_4.0.7-1build1~ubuntu14.04.1_amd64.deb
also you can use this to enable apcu
echo ‘apc.enable_cli = 1’ | sudo tee /etc/php5/cli/conf.d/enable-apc-cli.ini
also i’d like to disable indexes
Helpful post, thanks…
Some stuff I found,
Owncloud 9x, Raspberry PI 2, using Raspbian Lite Jessey…
————
all the above commands/instructions work on PI
max file upload size is 2GB because it’s a 32Bit OS
use mysql server works the best, note: ignore any first install errors like “Database creation failed: ”
how to set server name;
#1 sudo echo “ServerName localhost” | sudo tee /etc/apache2/conf-available/servername.conf
#2 sudo a2enconf servername
#3 sudo service apache2 reload
————-
Thanks for the great article. It helps me understand how to installtion Owncloud.
As for the cron job setting, webcron like easycron.com is easy to use .