Installing Owncloud on OMV version 1

    • OMV 1.0
    • Resolved
    • Installing Owncloud on OMV version 1

      I spent way too much time on this and thought others could benefit from this also. I wanted to install OwnCloud 7 using MySQL. I am syncing my computer using BTSync and wanted to be able to share and browse files using Owncloud.

      During the process of figuring everything out, I feel like I kept fighting with OMV. In its attempt to lock everything down and control the config of the server makes this sort of thing far too clumsy and difficult. I really like the idea of OMV, and don't really want to learn about manually managing RAID, spin down of drivers, health checks, etc. That's why I'm sticking with OMV. Otherwise going straight Ubuntu and using something like Saltstack to configure everything would be the ticket. With a tool like Saltstack, the server configuration can be checked into source code repository (like Github). Configuration can be versioned and easily repeatable without a bunch of click configurations.

      I ended up installing MySQL and owncloud outside the OMV plugin system. I struggled a bit with NGINX configuration, so ended up using the configuration file from the owncloud plugin. Here are the instructions:


    • First thank you for sharing!
      Second, does installing Owncloud the way you described cause the installation of apache2 as well?
      If yes, doesn't this create problems to nginx?

      I also assume that to follow your guide, using mysql or sqlite does not make any difference (given that the steps involving mysql are disregarded... of course.

      Thanks for your answer.
    • Hi -

      does installing Owncloud the way you described cause the installation of apache2


      No - the owncloud debian package does not automatically install apache. If you want to use apache, then it will not create a problem for nginx as long as you configure apache to listen to a different IP or port than nginx is listening to.

      using mysql or sqlite does not make any difference


      Correct. By default, the owncloud package installs and configures sqllite. Once installed, the first time you access the owncloud server you have the option to keep the sqllite configuration, or change it to mysql/mariadb. I didn't try sqllite, but from what I have read it is much faster using mysql.

      Hope this helps!

    • Thanks johnson, I followed your guide but I run into some problems.

      After the installation, when I tried to access the owncloud, I got the dreaded 502 bad gateway.
      It turned out that the owncloud-omv that is downloaded at line 44 differs from the one you report in your post.

      I removed the line containing fastcgi_param PHP_VALUE "upload_tmp_dir ... clearly pointing to your hard disk ;) and corrected the following one to: fastcgi_pass unix:/var/run/php5-fpm.sock;

      Now I get the owncloud welcome.

      The post was edited 1 time, last by angeloD ().

    • I ended up installing MySQL and owncloud outside the OMV plugin system. I struggled a bit with NGINX configuration, so ended up using the configuration file from the owncloud plugin. Here are the instructions:

      I don't see the instructions mentioned in the first post?
      Can somebody post them?
    • How comes that the instructions disappeared?? :?:


      Source Code

      1. ​## NGINX Configuration file for owncloud 7 running on Open Media Vault version 1
      2. server {
      3. listen [::]:8443 default_server ipv6only=off ssl deferred;
      4. ssl_certificate /etc/ssl/certs/openmediavault-bcdd5585-47e8-4bc3-a069-b3e21bbcee7e.crt;
      5. ssl_certificate_key /etc/ssl/private/openmediavault-bcdd5585-47e8-4bc3-a069-b3e21bbcee7e.key;
      6. server_name owncloud;
      7. root /var/www/owncloud;
      8. index index.php;
      9. autoindex off;
      10. server_tokens off;
      11. sendfile on;
      12. large_client_header_buffers 4 32k;
      13. client_max_body_size 10G;
      14. error_log /var/log/nginx/owncloud_error.log error;
      15. access_log /var/log/nginx/owncloud_access.log combined;
      16. rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
      17. rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
      18. rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
      19. error_page 403 /core/templates/403.php;
      20. error_page 404 /core/templates/404.php;
      21. location = /robots.txt {
      22. return 200 "User-agent: *\nDisallow: /";
      23. #allow all;
      24. #log_not_found off;
      25. #access_log off;
      26. }
      27. location ~ ^/(data|config|\.ht|db_structure\.xml|README) {
      28. deny all;
      29. }
      30. location / {
      31. # The following 2 rules are only needed with webfinger
      32. rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
      33. rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
      34. rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
      35. rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
      36. rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
      37. try_files $uri $uri/ index.php;
      38. }
      39. location ~ ^(.+?\.php)(/.*)?$ {
      40. try_files $1 = 404;
      41. include fastcgi_params;
      42. fastcgi_param SCRIPT_FILENAME $document_root$1;
      43. fastcgi_param PATH_INFO $2;
      44. fastcgi_param HTTPS on;
      45. fastcgi_param PHP_VALUE "upload_tmp_dir = <<<path>>>";
      46. fastcgi_pass unix:/var/run/php5-fpm.sock;
      47. fastcgi_buffers 64 4K;
      48. }
      49. location ~* ^.+\.(jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
      50. expires 30d;
      51. access_log off;
      52. }
      53. # PFS (Perfect Forward Secrecy)
      54. ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
      55. ssl_prefer_server_ciphers on;
      56. ssl_ciphers EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS;
      57. }
      Display All



      Source Code

      1. * Owncloud
      2. - Install mysql manually:
      3. - apt-get install mysql
      4. - create root password during installation
      5. - Create owncloud database and user:
      6. - mysql -u root -p
      7. - create database owncloud;
      8. - create user 'owncloud@localhost' identified by 'use your own password';
      9. - GRANT ALL PRIVILEGES ON owncloud.* TO 'owncloud'@'localhost' IDENTIFIED BY 'password';
      10. - exit;
      11. - Install the repository:
      12. - References:
      13. - follow instructions from: http://software.opensuse.org/download.html?project=isv:ownCloud:community&package=owncloud
      14. - add the key for the repo in the same link
      15. - Add key:
      16. wget http://download.opensuse.org/repositories/isv:ownCloud:community/Debian_7.0/Release.key
      17. apt-key add - < Release.key
      18. - Add repository:
      19. echo 'deb http://download.opensuse.org/repositories/isv:/ownCloud:/community/Debian_7.0/ /' >> /etc/apt/sources.list.d/owncloud.list
      20. - Override OMV source settings
      21. - nano /etc/apt/preferences.d/openmediavault.pref
      22. - Append the following:
      23. Package: owncloud
      24. Pin: origin download.opensuse.org
      25. Pin-Priority: 996
      26. - Install owncloud and all dependencies
      27. apt-get update
      28. apt-get upgrade -y
      29. apt-get install owncloud -y
      30. - Create a certificate using OVM interface
      31. - be sure to set the common name to the name used to access your site externally
      32. - make a note of the full path/name of the .crt file: /etc/ssl/certs/*.crt -> used in configuration below
      33. - make a note of the full path/name of the .key file: /etc/ssl/private/*.key -> used below
      34. - Configure nginx
      35. cd /etc/nginx/sites-enabled
      36. create a file owncloud-omv (content below)
      37. - Edit this file and replace the ssl certificate & key generated above
      38. - nano owncloud-omv
      39. service nginx restart
      40. - navigate to your new webpage
      41. - https://localhost:8443
      42. - create a new admin user/passowrd -> can be anything you choose
      43. - Choose mysql and enter the credentials you created above
      44. - use a shared folder created in OMV
      Display All


      File owncloud-omv:

      Source Code

      1. #don't send the nginx version number in error pages and Server header
      2. server_tokens off;
      3. # config to don't allow the browser to render the page inside an frame or iframe
      4. # and avoid clickjacking http://en.wikipedia.org/wiki/Clickjacking
      5. # if you need to allow [i]frames, you can use SAMEORIGIN or even set an uri with ALLOW-FROM uri
      6. # https://developer.mozilla.org/en-US/docs/HTTP/X-Frame-Options
      7. add_header X-Frame-Options SAMEORIGIN;
      8. # when serving user-supplied content, include a X-Content-Type-Options: nosniff header along with the Content-Type: header,
      9. # to disable content-type sniffing on some browsers.
      10. # https://www.owasp.org/index.php/List_of_useful_HTTP_headers
      11. # currently suppoorted in IE > 8 http://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx
      12. # http://msdn.microsoft.com/en-us/library/ie/gg622941(v=vs.85).aspx
      13. # 'soon' on Firefox https://bugzilla.mozilla.org/show_bug.cgi?id=471020
      14. add_header X-Content-Type-Options nosniff;
      15. # This header enables the Cross-site scripting (XSS) filter built into most recent web browsers.
      16. # It's usually enabled by default anyway, so the role of this header is to re-enable the filter for
      17. # this particular website if it was disabled by the user.
      18. # https://www.owasp.org/index.php/List_of_useful_HTTP_headers
      19. add_header X-XSS-Protection "1; mode=block";
      20. server {
      21. server {
      22. listen [::]:1443 default_server ipv6only=off ssl deferred;
      23. ssl_certificate /etc/ssl/certs/openmediavault-*****************************.crt;
      24. ssl_certificate_key /etc/ssl/private/openmediavault-****************************.key;
      25. server_name owncloud;
      26. root /var/www/owncloud;
      27. index index.php;
      28. autoindex off;
      29. server_tokens off;
      30. sendfile on;
      31. large_client_header_buffers 4 32k;
      32. client_max_body_size 10G;
      33. error_log /var/log/nginx/owncloud_error.log error;
      34. #access_log /var/log/nginx/owncloud_access.log combined;
      35. access_log off;
      36. rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
      37. rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
      38. rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
      39. error_page 403 /core/templates/403.php;
      40. error_page 404 /core/templates/404.php;
      41. location = /robots.txt {
      42. allow all;
      43. log_not_found off;
      44. access_log off;
      45. }
      46. location ~ ^/(data|config|\.ht|db_structure\.xml|README) {
      47. deny all;
      48. }
      49. location / {
      50. # The following 2 rules are only needed with webfinger
      51. rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
      52. rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
      53. rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
      54. rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
      55. rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
      56. try_files $uri $uri/ index.php;
      57. }
      58. location ~ ^(.+?\.php)(/.*)?$ {
      59. try_files $1 = 404;
      60. include fastcgi_params;
      61. fastcgi_param SCRIPT_FILENAME $document_root$1;
      62. fastcgi_param PATH_INFO $2;
      63. fastcgi_param HTTPS on;
      64. fastcgi_param PHP_VALUE "upload_tmp_dir = /media/*********************************/";
      65. #fastcgi_pass unix:/var/run/php5-fpm.sock;
      66. fastcgi_pass unix:/var/run/php5-fpm-owncloud-omv.sock;
      67. }
      68. location ~ ^(.+?\.php)(/.*)?$ {
      69. try_files $1 = 404;
      70. include fastcgi_params;
      71. fastcgi_param SCRIPT_FILENAME $document_root$1;
      72. fastcgi_param PATH_INFO $2;
      73. fastcgi_param HTTPS on;
      74. fastcgi_param PHP_VALUE "upload_tmp_dir = /media/******************************";
      75. #fastcgi_pass unix:/var/run/php5-fpm.sock;
      76. fastcgi_pass unix:/var/run/php5-fpm-owncloud-omv.sock;
      77. fastcgi_buffers 64 4K;
      78. fastcgi_read_timeout 60s;
      79. }
      80. location ~* ^.+\.(jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
      81. expires 30d;
      82. access_log off;
      83. }
      84. # PFS (Perfect Forward Secrecy)
      85. ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
      86. ssl_prefer_server_ciphers on;
      87. ssl_ciphers EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS;
      88. # HSTS (HTTP Strict Transport Security)
      89. # https://developer.mozilla.org/en-US/docs/Security/HTTP_Strict_Transport_Security
      90. # https://en.wikipedia.org/wiki/SSL_stripping#SSL_stripping
      91. add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
      92. add_header X-Frame-Options "DENY";
      93. }
      Display All