Simple Way of Hosting Your OwnCloud

This is a simple guide of how to setup OwnCloud 7.0 on a Ubuntu 14.04 Digital Ocean server.

In the following I will give you a guide of how to install OwnCloud 7.0 Community Edition on a dedicated server. OwnCloud is a neat open source project, which allows you not only to store your data online easily, but also synchronize your calendar or your address book. There are multiple clients for sychronizing available, such as the original desktop and mobile (Android client, iOS client).

In this guide I will use a DigitalOcean Droplet which runs Ubuntu 14.04. But the following should work analogous for different Linux distributions or cloud instances. The price of the server is 5$/month, and you can cancel the plan monthly. In the guide, I will also show how to set up a TLD pointing to our OwnCoud service. If you do not have a TLD yet, you can get one cheaply at NameCheap.

OwnCloud

1. Get your Server up and Running

First, buy the smallest plan, it is sufficient for our needs. But keep in mind that (when I wrote this article) you only have 20GB of storage and 1TB transfer included. When you create the droplet make sure you use Ubuntu 14.04 as operating system. Next, point your domain nameservers on NameCheap or the domain seller you use to the DigitalOcean nameservers. This is a very good side tutorial if you are stuck in this step. Go to NameCheap or your domain provider (where you bought the domain) and set up the following custom DNS servers:

ns1.digitalocean.com
ns2.digitalocean.com
ns3.digitalocean.com

Afterwards, as in the side tutorial, log into your DigitalOcean administration interface go to the DNS section on the left, and use the Add Domain button and enter your domain. Next, click on the settings for the domain, and add a CNAME record, like owncloud. This is the record for the subdomain we want to use for one OwnCloud configuration. See the screenshot below.

DigitalOcean DNS

It might take 10 minutes until the DNS updates are realized. We dont have to wait, just use the IP address provided in the Droplet configuration interface to log in to your server with SSH as root. First thing to do, change the password, and do not forget it. And then lets upgrade the software of your droplet. You might as well do a apt-get dist-upgrade to upgrade core system utils or the kernel and reboot the system. Afterwards, install all the necessary Ubuntu packages.

apt-get update
apt-get upgrade
apt-get install nginx php5 php5-gd php5-json\
    php5-mysql php5-curl php5-intl php5-mcrypt\
    php5-imagick php5-fpm mysql-server

After installing these packages, a MySQL configuration tool pops up and asks you which root password you prefer. Enter a strong memorable MySQL root password. Now let us create a database and a user for Owncloud.

2. Setup your MySQL Database

We use the MySQL shell to create the OwnCloud MySQL database and to add an OwnCloud MySQL user which has all access grants to the OwnCloud database.

mysql -u root -p

CREATE DATABASE oc;
grant all privileges on oc.* to "oc"@localhost identified by "pw"

3. Setup of Nginx

In the next step, we are going to set up the webserver Nginx. You can use another webserver with OwnCloud, for instance Apache, but I like Nginx, so I stick with Nginx. All the configuration files of Nginx are located in /etc/nginx. Before we create any site configuration, we first create an SSL certificate for the site. If you need further help, here is a tutorial for the exact same scenario. Use these commands to create an SSL key and a certificate.

sudo mkdir /etc/nginx/ssl
sudo openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout /etc/nginx/ssl/owncloud.yd.com.key -out /etc/nginx/ssl/owncloud.yd.com.crt

Next we are going to create the working folders for your site. The first folder is the folder where your OwnCloud server code is placed and the other is for logging access and errors.

mkdir /var/www/owncloud.yourdomain.com
mkdir /var/log/nginx/owncloud.yourdomain.com
chown www-data:www-data /var/www/owncloud.yourdomain.com

3. Site Configuration

Okay, lets create the Nginx configuration file for the OwnCloud site. Just use your favourite editor to configure the following new site configuration.

vim /etc/nginx/sites-available/owncloud.yourdomain.com

In the file, add the content like below. The important parts are: The upstream handler FPM. You can double check with the following official site on Nginx Configuration for OwnCloud 7. Here is the configuration, remember to adjust the server name, the name of the SSL key and SSL certificate and the path to the working directory as well as the logging folder.

upstream php-handler {
  server unix:/var/run/php5-fpm.sock;
}

server {
  listen 80;
  server_name owncloud.yourdomain.com;
  # enforce https
  return 301 https://$server_name$request_uri;
  }

server {
  listen 443 ssl;
  server_name owncloud.yourdomain.com;

  ssl_certificate /etc/nginx/ssl/owncloud.yourdomain.com.crt;
  ssl_certificate_key /etc/nginx/ssl/owncloud.yourdomain.com.key;

  # Path to the root of your installation
  root /var/www/owncloud.yourdomain.com/;
  # set max upload size
  client_max_body_size 10G;
  fastcgi_buffers 64 4K;

  rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
  rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
  rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;

  index index.php;
  error_page 403 /core/templates/403.php;
  error_page 404 /core/templates/404.php;

  location = /robots.txt {
    allow all;
    log_not_found off;
    access_log off;
    }

  location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
    deny all;
    }

  location / {
   # The following 2 rules are only needed with webfinger
   rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
   rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;

   rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
   rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;

   rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;

   try_files $uri $uri/ /index.php;
   }

   location ~ \.php(?:$|/) {
   fastcgi_split_path_info ^(.+\.php)(/.+)$;
   include fastcgi_params;
   fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
   fastcgi_param PATH_INFO $fastcgi_path_info;
   fastcgi_param HTTPS on;
   fastcgi_pass php-handler;
   }

   # Optional: set long EXPIRES header on static assets
   location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
       expires 30d;
       # Optional: Don't log access to assets
         access_log off;
   }

  }

Note: If you want to upload bigger files you have to additionally customize the configuration variables upload_max_size and post_max_size of your php-fpm configuration usually located at /etc/php5/fpm/php.ini. You need to restart the server, after changes.

If you are done with the changes you have to link the site configuration into the sites-enabled folder.

ln -s /etc/nginx/sites-enabled/owncloud.yourdomain.com /etc/nginx/sites-available/owncloud.yourdomain.com

4. Unpack the OwnCloud Distribution

Now, we are going to unpack the OwnCloud distribution. The following commands download the source and signatures and verify the the correctness of the content.

cd /root
wget 'https://download.owncloud.org/community/owncloud-7.0.2.tar.bz2'
wget 'https://download.owncloud.org/community/owncloud-7.0.2.tar.bz2.sha256'
wget 'https://owncloud.org/owncloud.asc'
wget 'https://download.owncloud.org/community/owncloud-7.0.2.tar.bz2.asc'
gpg --import owncloud.asc
gpg --verify owncloud-7.0.2.tar.bz2.asc

If the commands succeeded, extract the distribution archive and copy the files into the right directory.

bunzip2 owncloud-7.0.2.tar.bz2
tar -xf owncloud-7.0.2.tar

cp -rf * /var/www/owncloud.mapoftea.com/
chown www-data:www-data -R /var/www/owncloud.mapoftea.com

To harden the security the official OwnCloud 7 manual installation recommends to set the following rights on folders.

chown -R root:root /path/to/owncloud/
chown <http-user>:<http-user> /path/to/owncloud/config/config.php
chown -R <http-user>:<http-user> /path/to/owncloud/data/
chown root:root /path/to/owncloud/data/.htaccess
chown <http-user>:<http-user> /path/to/owncloud/apps/

Configure OwnCloud

Restart your Nginx server by executing service nginx restart. And then try to access the web interface via your subdomain, e.g. https://owncloud.yd.com. If everything works fine, you should see an installation guide which asks you for MySQL host, user, password and database. Just provide the information you set earlier in the tutorial and you are finished. If you encounter problems down the road, check the error log files in the specified folder.

Conclusion

Personally, I use OwnCloud for sharing files among friends, and in the shell WebDAV client cadaver is quite handy. OwnCloud is a great piece of software and I hope the contributors will continue to improve OwnCloud even more. Thanks for this awesome tool.


One or two mails a month about the latest technology I'm hacking on.