Yet another ownCloud Installation Guide

owncloud

If you want to use you own ownCloud installation, you can find several documentation on the Internet on how to set up this server, e.g. the official ownCloud documentation, or installation guides such as this or that or here. But none of these page alone provided enough information for installing a secure server completely from the beginning.

So here comes my step-by-step guide which surely won’t be complete, too. ? However, hopefully it will help other people while searching for their way to install ownCloud. Additionally I am showing how to upgrade an ownCloud server.

I am assuming that there is a fresh Ubuntu server installation in place (with a few other programs such as shown here), which has already static IP addresses and is accessible form the Internet. I am also assuming that there is a correct DNS name configured and that the SSL certificate for this DNS name is present.

(And note: Though I am trying to be really accurate about all commands, I am not showing every single key-stroke. If you have any problems on any step: 1) Google is your friend or 2) write a comment below this site.)

I am using the following components in this guide:

  • Ubuntu Server 14.04.2 LTS
  • ownCloud 8.0.4 (later updated to 8.1.0)

Basic Installation

The first step is to install all of the necessary components on the Ubuntu server. This can be done by adding the repository with the following steps. In my case, 64 packages were installed. (Note that I am additionally installing the php5-mysql package. I do not fully know why, but several other guides did so. ;)) During the process, the user must type in theSQL root password. Choose a strong one and keep it in mind!

 

sudo sh -c "echo 'deb http://download.opensuse.org/repositories/isv:/ownCloud:/community/xUbuntu_14.04/ /' >> /etc/apt/sources.list.d/owncloud.list"
wget http://download.opensuse.org/repositories/isv:ownCloud:community/xUbuntu_14.04/Release.key
sudo apt-key add - < Release.key  
sudo apt-get update
sudo apt-get install owncloud php5-mysql

The apache server throws the following error: “Could not reliably determine the server’s fully qualified domain name, using 127.0.1.1. Set the ‘ServerName’ directive globally to suppress this message”. This can be corrected by editing the apache configuration:

sudo nano /etc/apache2/apache2.conf

in which the server name must be added on a new line:

ServerName NAME-OF-THE-SERVER

SQL

The SQL database must be configured in the following way. Choose an own password for the ownCloud database user:

mysql -u root -p
CREATE USER 'ownclouduser'@'localhost' IDENTIFIED BY 'PASSWORD';
CREATE DATABASE ownclouddb;
GRANT ALL ON ownclouddb.* TO 'ownclouduser'@'localhost';
FLUSH PRIVILEGES;
exit

Virtual Host and HTTPS

The following steps enable SSL and create the appropriate virtual hosts for ownCloud.

At first, enable SSL and the headers module (later on used for HSTS):

sudo a2enmod ssl
sudo a2enmod headers

Then, add the virtual host (such as shown here with a static redirect to https). Note that I assume that there is a trusted SSL certificate already in place inside the /etc/ssl/certs/… folders. So, create a new configuration file for apache:

sudo nano /etc/apache2/sites-available/owncloud.conf

and add the following blocks in which “SUBDOMAIN.DOMAIN.TLD” must be set to your ownCloud DNS name:

<VirtualHost *:80>
    ServerName SUBDOMAIN.DOMAIN.TLD
    Redirect permanent / https://SUBDOMAIN.DOMAIN.TLD/
</VirtualHost>
 
<VirtualHost *:443>
    ServerName SUBDOMAIN.DOMAIN.TLD
    ServerAdmin webmaster@DOMAIN.TLD
    DocumentRoot "/var/www/owncloud"
    <Directory /var/www/owncloud>
        Options Indexes FollowSymLinks MultiViews
        AllowOverride All
        Order allow,deny
        Allow from all
        # add any possibly required additional directives here
        # e.g. the Satisfy directive (see below for details):
        Satisfy Any
    </Directory>
    SSLEngine on
    SSLCertificateFile /etc/ssl/certs/cloud.crt
    SSLCertificateKeyFile /etc/ssl/private/cloud.key
    SSLCertificateChainFile /etc/ssl/certs/StartSSLconcatenated.crt
  Header always add Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
    ErrorLog /var/log/apache2/SUBDOMAIN.DOMAIN.TLD-error_log
    CustomLog /var/log/apache2/SUBDOMAIN.DOMAIN.TLD-access_log common
</VirtualHost>

Finally, enable the new virtual host and reload the apache config:

sudo a2ensite owncloud.conf
sudo service apache2 reload

Additional, change the SSL cipher suite in order to use only secure protocols (e.g., graded with an A or A+ by SSL Labs). Open the ssl.conf file:

sudo nano /etc/apache2/mods-available/ssl.conf

and change the following two lines:

SSLCipherSuite HIGH:!kRSA:!kDHr:!kDHd:!kSRP:!aNULL:!3DES:!MD5
SSLProtocol all -SSLv3

and restart the server:

sudo service apache2 restart

 

Final Steps

Now, point your browser to the ownCloud installation:

https://SUBDOMAIN.DOMAIN.TLD

and finalize the installation. This means that at least the MySQL login (configured a few steps before) is needed in the appropriate fields:

ownclouduser
PASSWORD
ownclouddb
localhost

After these steps, the trusted domains must be set (if not set correctly already). Open the config.php:

sudo nano /var/www/owncloud/config/config.php

and verify the “trusted_domains” section:

Вашият коментар

Вашият имейл адрес няма да бъде публикуван. Задължителните полета са отбелязани с *

Този сайт използва Akismet за намаляване на спама. Научете как се обработват данните ви за коментари.