Introduction
ownCloud is an open source file syncing and sharing software, just like Dropbox. Just placing files in a local shared directory, those files will be immediately synchronized to the server and to other devices using the ownCloud Desktop Sync Client, Android app, or iOS app.
This tutorial explains how to install and configure the server side of ownCloud on openSUSE 42.2.
Getting started
First of all, install SuSEfirewall2. This is a script that generates iptables rules from configurations stored in
. Install it with zypper:
# zypper in SuSEfirewall2
There is also a YaST configuration module, but it doesn’t permit you to configure all firewall settings, so it’s necessary to manually edit the configuration file:
# $EDITOR /etc/sysconfig/SuSEfirewall2
In there, search for
line and change as follow:
FW_SERVICES_EXT_TCP="22 80 443"
These are: ssh, http, and https ports.
Save and exit.
Next, start it and enable it to start at boot time:
# systemctl start SuSEfirewall2 # systemctl enable SuSEfirewall2
Restart
:
# systemctl restart sshd
Install NGINX
NGINX is also available on openSUSE repositories, so:
# zypper in nginx
Start and enable it:
# systemct start nginx # systemctl enable nginx
Installing MariaDB
As for NGINX, MariaDB is also available as openSUSE package, so:
# zypper in mariadb mariadb-client
Next:
# systemctl start mysqld # systemctl enable mysqld
Configure its root account:
# mysql_secure_installation
Enter current password for root (enter for none): Set root password? [Y/n] New password: Re-enter new password: Remove anonymous users? [Y/n] Disallow root login remotely? [Y/n] Reload privilege tables now? [Y/n]
Now it’s possible to log in to the MariaDB shell and create a new database and user that will be used for ownCloud:
# mysql -u root -p
In the database system shell:
mysql> CREATE DATABASE myownclouddb; mysql> CREATE USER 'ocuser'@'localhost' IDENTIFIED BY 'user_strong_password'; mysql> GRANT ALL PRIVILEGES ON 'myownclouddb.*' TO 'ocuser'@'localhost' IDENTIFIED BY 'user_strong_password'; mysql> FLUSH PRIVILEGES; mysql> EXIT;
Now MariaDB is correctly configured for ownCloud.
Install PHP-FPM
ownCloud requires PHP 5.4+. Install PHP-FPM, which is a FastCGI alternative useful when handling sites with a lot of visitors. In this guide we’ll be using PHP7.
Through zypper:
# zypper in php7-fpm php7-gd php7-mysql php7-mcrypt php7-curl php7-pear php7-zip php7-json php7-ldap
Next, copy the default php-fpm configuration file, executing the following commands:
# cd /etc/php7/fpm # cp php-fpm.conf.default php-fpm.conf
Open that file with a text editor:
# $EDITOR php-fpm.conf
There, look for (and modify as follows) the following lines:
error_log = log/php-fpm.log user = nginx group = nginx listen = /var/run/php-fpm.sock listen.owner = nginx listen.group = nginx listen.mode = 0660
Save and exit.
Now, modify
:
# $EDITOR /etc/php7/cli/php.ini
Uncomment line 761 and change its value:
cgi.fix_pathinfo=0
Save, exit and copy this file to
:
# cp php.ini /etc/php7/conf.d/
The PHP7 session directory is
. Change its owner to nginx user:
# chown -R nginx:nginx /var/lib/php7/
Configure NGINX to work with PHP-FPM
Create a new NGINX configuration file, making a backup of the old one:
# cd /etc/nginx # cp nginx.conf nginx.conf.bk # $EDITOR nginx.conf
On line 65, add the following configuration:
location ~ \.php$ {
root /srv/www/htdocs;
try_files $uri =404;
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/var/run/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
Save, exit and test nginx:
# nginx -t
You should read the following lines:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful
At the end:
# systemctl start php-fpm # systemctl enable php-fpm # systemctl restart nginx
Install ownCloud
Go to the web root directory, which is
, and there download ownCloud:
# wget https://download.owncloud.org/community/owncloud-9.1.4.tar.bz2
Extract the archive:
# tar xf owncloud-9.1.4.tar.bz2
In the
extracted folder, create a new data directory, and change its owner to nginx user:
# mkdir owncloud/data # chown -R nginx:nginx owncloud/
Configure a Virtual Host for ownCloud
Next step is to configure a Virtual Host in NGINX for ownCloud.
# mkdir /etc/nginx/vhosts.d && cd /etc/nginx/vhosts.d
There, create a new file:
# $EDITOR owncloud.conf
Paste the following content in that file:
upstream php-handler {
#server 127.0.0.1:9000;
server unix:/var/run/php-fpm.sock;
}
server {
listen 80; # If you have a SSL certificate (Recommended), change this line with "listen 443 ssl;" and add certificate lines;
server_name storage.mydomain.com;
# Path to the root of your installation
root /srv/www/owncloud/;
# set max upload size
client_max_body_size 10G;
fastcgi_buffers 64 4K;
# Disable gzip to avoid the removal of the ETag header
gzip off;
# Uncomment if your server is build with the ngx_pagespeed module
# This module is currently not supported.
#pagespeed off;
rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
index index.php;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
deny all;
}
location / {
# The following 2 rules are only needed with webfinger
rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
try_files $uri $uri/ =404;
}
location ~ \.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS on;
fastcgi_pass php-handler;
fastcgi_intercept_errors on;
}
# Adding the cache control header for js and css files
# Make sure it is BELOW the location ~ \.php(?:$|/) { block
location ~* \.(?:css|js)$ {
add_header Cache-Control "public, max-age=7200";
# Add headers to serve security related headers
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
# Optional: Don't log access to assets
access_log off;
}
# Optional: Don't log access to other assets
location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|swf)$ {
access_log off;
}
}
Save, exit and restart services:
# systemctl restart nginx # systemctl restart php-fpm # systemctl restart mysql
Conclusions
The server side is now well configured. The last step is to go with a web browser to: http://storage.mydomain.com and finish a graphical configuration. At the end of this process your ownCloud Dashboard will be fully available!
