Setting up the new ownCloud 5.0 with Nginx and MySQL

Setting up the new ownCloud 5.0 with Nginx and MySQL



A few months ago Daniel put up a great blog post about installing the free cloud file syncing platform called ownCloud. This platform is basically like Dropbox, except you control  both running the server and the client sides. I took up Daniel’s suggestion and installed ownCloud to give it a whirl.

When I first did the setup I installed it using Apache and it all worked great. However just recently ownCloud has released a new version 5.0 which brings a new UI design and a bunch of new improvements. A full change log can be seen at, https://owncloud.org/changelog/.

I decided to re-install and change the web server to Nginx and continue to use MySQL for the database.

So below are the steps I went through to get ownCloud 5.0 working with Nginx as the web server. I spent some time researching the required config for Nginx to work with ownCloud. I hope that the following will help you with your installation.

Please note all the instructions are particular to my server environment, so the steps may differ if you are using a different linux flavour.

I would also get familiar with the Admin documentation before proceeding, http://doc.owncloud.org/server/5.0/admin_manual/

Requirements

  • A Centos 6.3 x64 Server / Virtual Server 
  • I formatted my server with EXT4, but this is not an essential step.
  • Server should have a public internet facing IP
  • You should already have a subdomain or DNS ready to use. For example, owncloud.mydomain.com.

Setup Steps

Pre-Setup

The pre-setup stage is for getting your OS ready to install all the necessary software packages that you will need to configure. This includes OS updates.

  1. Install additional yum package repositories
    • To install EPEL Repository browse to http://fedora.mirror.uber.com.au/epel/6/i386/repoview/epel-release.html and locate the URL to download the latest RPM to install the repo.
      • Run “rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm” (this URL may change, see above URL for updated link)
    • To install REMI Repository browse to do the following.
  2. Install your favourite text editor (in my case nano – don’t judge!).
    • Run “yum install nano”
  3. Now we want to confirm that both the additional repo’s you installed are enabled.
    • Run “nano /etc/yum.repos.d/epel.repo” and confirm that the enabled=1
    • Run “nano /etc/yum.repos.d/remil.repo” and confirm that the enabled=1
  4. We can now perform an OS update!
    • Run “yum update -y”
  5. Configure NTP
    • Run “service ntpd start”
    • Run “chkconfig ntpd on”
    • Run “ntpd”
  6. Install some useful tools
    • Run “yum install htop wget”
      • wget allows you to download files via URL’s
      • htop is a more advanced version of “top”, it gives a great over view of the performance of the server. Run “htop” to check it out.

ownCloud Setup

Now we are ready to install and configure all the software to run owncloud.

  1. First we need to install PHP and some required modules (mysql php module for example). 
    • Run “yum install php-fpm php-gd php-ldap php-pear php-xml php-xmlrpc php-magickwand php-magpierss php-mbstring php-mcrypt php-shout php-snmp php-soap php-tidy php-mysql php-pgsql php-pecl-mongo php-sqlite php-pecl-memcache php-pecl-memcached php-pecl-apc php-cli php-pdo”\
      • Note: This is a long list, and not all the packages are used for this particular setup. However I was running a few other things, so covered my bases with some additional installs.
  2. Now to modify your PHP.ini file
    • Run “nano /etc/php.ini”
    • Search for the following items in the ini file and modify them (Note: To search in nano, hit CTRL+W, type search text and hit enter”
      • Set post_max_size = 64M (Line 736)
      • Set cgi.fix_pathinfo = 0 (Line 848)
      • Set upload_max_filesize = 100M (Line 885)
      • Set date.timezone = “Australia/Sydney” (Line 956)
        • Note: If you need to find the timezone of underlying server, run “cat /etc/sysconfig/clock”
    • Hit CTRL+X to save the changes.
  3. Now to configure PHP-FPM (FastCGI Progress Manager) ready for Nginx to connect to it
    • Run “nano /etc/php-fpm.d/www.conf”
    • We want to configure PHP-FPM to use a unix-socket instead of the TCP Stack.
      • Comment in the line that says “listen = 127.0.0.1:9000” (To comment in just put a semi-colon ; in front of the line).
      • Comment out the line that says “listen = /var/run/php-fpm/php-fpm.sock” (To comment out a line just remove the # or semicolon ;).
      • Save the changes!
    • Now to start PHP-FPM
      • Run “chkconfig php-fpm on”
      • Run “service php-fpm start”
  4. Now to install MySQL for the database back end of ownCloud
    • Run “yum install mysql mysql-server” which installs the mysql packages.
    • Run “chkconfig mysqld on” which configures the mysqld service to start on start up.
    • Run “service mysqld start” which starts the mysqld service.
    • Run “/usr/bin/mysql_secure_installation” to do an initial configuration of mysql.
      • This will prompt you with a few questions, answer as follows,
        • Change the root password? Enter Y and change password for the root user to mysql.
        • Remove anonymous users? Y
        • Disallow root login remotely? Y
        • Remove test database and access to it? Y
        • Reload privilege table now? Y
    • Run “mysql -p”
      • Enter the root mysql user password to login.
      • You are now in the cmd line of MYSQL.
        • Run, “CREATE DATABASE clouddb;”
        • Run “GRANT ALL PRIVILEGES ON clouddb.* TO ‘clouduser’@’localhost’ IDENTIFIED BY ‘<clouduserpassword>’;”
        • Run “FLUSH PRIVILEGES”
        • Exit out of the mysql command line by typing exit.
  5. Now to install Nginx Web Server
    • Run “yum install nginx” to install the nginx package.
    • Run “service nginx start” to start the nginx service.
    • Run “chkconfig nginx on” to configure the nginx to start on startup.
    • Run “service nginx stop” to stop nginx for additional config changes.
    • Run “nano /etc/nginx/conf.d/ownload.conf”.
      • This is a new file so it will be blank.
      • Copy the following nginx / owncloud configuration into this file
        # redirect http to https
        server {
        listen 80;
        server_name owncloud.mydomain.com;
        return https://$server_name$request_uri; # enforce https
        }
        
        # owncloud (ssl/tls)
        server {
        listen 443 ssl;
        server_name owncloud.mydomain.com;
        ssl_certificate /etc/nginx/certs/server.crt;
        ssl_certificate_key /etc/nginx/certs/server.key;
        # Path to the root of your installation
        root /var/www/owncloud;
        client_max_body_size 10G; # set max upload size
        fastcgi_buffers 64 4K;
        rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
        rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
        rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
        index index.php;
        error_page 403 = /core/templates/403.php;
        error_page 404 = /core/templates/404.php;
        location ~ ^/(data|config|\.ht|db_structure\.xml|README) {
        deny all;
        }
        location / {
        # The following 2 rules are only needed with webfinger
        rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
        rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
        rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
        rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
        rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
        try_files $uri $uri/ index.php;
        }
        location ~ ^(.+?\.php)(/.*)?$ {
        try_files $1 = 404;
        include fastcgi_params;
        fastcgi_param PATH_INFO $2;
        fastcgi_param HTTPS on;
        #fastcgi_pass 127.0.0.1:9000;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
        }
        # Optional: set long EXPIRES header on static assets
        location ~* ^.+\.(jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
        expires 30d;
        # Optional: Don't log access to assets
        access_log off;
        }
        }
    • Now to generate a self-signed SSL Certificate for your owncloud install (you can also purchase a legitimate certificate).
        • Run “mkdir -p “/etc/nginx/certs/”
        • Run “cd /etc/nginx/certs/”
        • Run “openssl genrsa -des3 -out server.key 2048”
        • Run “openssl req -new -key server.key -out server.csr”
          • You will be prompted for a few pieces of information including the ssl password, note down the password as you will need it in a few steps.
        • Run “cp server.key server.key.orig”
        • Run “openssl rsa -in server.key.orig -out server.key”
          • You will be prompted for the password you set earlier on.
        • Run “openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt”.
          • This will generate a self-signed certificate for 365 days.
    • We can now restart nginx with the new certificate.
      • Run “service nginx stop”
      • Run “service nginx start”
  6. Now to install ownCloud
    • Run “cd /tmp” to goto tmp direct under /
    • Run “wget http://download.owncloud.org/community/owncloud-5.0.3.tar.bz2” (You can get the latest link by going to https://owncloud.org/install/)
    • Run “tar xjf owncloud-5.0.3.tar.bz2”
    • Run “mv owncloud /var/www/
    • Run “mkdir /var/www/owncloud/data”
      • This is the folder where any synced data will be held.
    • Run “chmod 770 /var/www/owncloud/data”
      • The owncloud install will not proceed until this permission is set.
    • Run “chown -R root:apache /var/www/owncloud”
      • Why set the apache group? PHP-FPM is run by default as the user apache”.
        If you are running a firewall such as CSF or IPTABLES allow port 443 through.
  7. If you are running a firewall such as CSF or IPTABLES allow port 443 through.
    1. IPTABLES
      1. iptables -I INPUT 4 -p tcp -d 192.168.1.100 –dport 443 -j ACCEPT
      2. service iptables save
      3. service iptables restart
  8. You should now be able to access your owncloud website via https://owncloud.mydomain.com (this URL will change depending on the domain / DNS you have setup)
    • On first load of the ownCloud site you will be asked to set an admin user account.
    • There is an “advanced” tab where you can choose the database type and enter in details.
      • Choose MySQL
      • Enter localhost for host
      • Enter the username you created for DB user
      • Enter the DB name we created earlier for the Database.
  9. Finished!
    • You have now successfully installed the server part of ownCloud. You are now free to install the desktop sync client and start syncing some files.
    • I would also suggest you get familiar with the admin interface of owncloud and create a few users. User Documentation can be found here, http://doc.owncloud.org/server/5.0/user_manual/
    • Try to avoid using the admin account you just created as the primary sync account.

I hope that has helped some of you to install ownCloud and get your files synced to your own cloud storage!