Description
We’ll be installing OwnCloud, a self-hosted Dropbox alternative for sharing documents, images and videos securely. You should also setup SSL for this connection for added security and privacy.
note: see OwnCloud’s installation instructions here: https://download.owncloud.org/download/repositories/stable/owncloud/
Prerequisites
- VPS or other server you have root access to
- Apache httpd installed and configured for your domain(s)
- MariaDB or MySQL installed and configured with a valid DBA account
Installation
- Open a terminal and give the following commands as root or using sudo.
- Get a Free SSL certificate for your desired subdomain. We’ll be using “storage” as our subdomain of example.com | storage.example.com
- After successful installation, open and edit the following file:
|
1 2 3 4 |
rpm --import https://download.owncloud.org/download/repositories/stable/CentOS_6/repodata/repomd.xml.key wget http://download.owncloud.org/download/repositories/stable/CentOS_6/ce:stable.repo -O /etc/yum.repos.d/ce:stable.repo yum clean all yum install owncloud |
/etc/httpd/conf.d/owncloud.conf
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 |
<VirtualHost *:80> ServerAdmin admin@example.com ServerName storage.example.com ErrorLog logs/storage.example.com-error_log CustomLog logs/storage.example.com-access_log combined Redirect Permanent / https://storage.example.com </VirtualHost> ## Please enable this manually, if needed. See also ## https://doc.owncloud.org/server/8.2/admin_manual/issues/index.html#apple-ios # Redirect 301 /.well-known/carddav /owncloud/remote.php/carddav # Redirect 301 /.well-known/caldav /owncloud/remote.php/caldav <VirtualHost *:443> ## General setup for the default SSL virtual host ## ServerAdmin warren@example.com DocumentRoot /var/www/html/owncloud ServerName storage.example.com ## Enable HSTS (if you have problems with this setting, remove `includeSubdomains;` below ## Header always set Strict-Transport-Security "max-age=63072000; preload" ## Log Files ## ## Uncomment for Awstats or other log analysers ## #CustomLog logs/storage.exmaple.com_custom_log combined ErrorLog logs/storage.exmaple.com_ssl_error_log TransferLog logs/storage.exmaple.com_ssl_access_log LogLevel warn ## Enable/Disable SSL ## SSLEngine On ## SSL Protocol support ## SSLProtocol all -SSLv2 -SSLv3 ## SSL Cipher Suite ## SSLHonorCipherOrder On SSLCipherSuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:kEDH+AESGCM:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-DSS-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:AES256:AES128:AES:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4 ## Server Certificate ## SSLCertificateFile /etc/pki/tls/certs/storage.example.com.ssl.crt ## Server Private Key ## SSLCertificateKeyFile /etc/pki/tls/private/storage.example.com.nopass.key ## Certificate Authority (CA) ## SSLCACertificateFile /etc/pki/tls/certs/start-ssl-ca-sha2.pem ## Server Certificate Chain ## SSLCertificateChainFile /etc/pki/tls/certs/sub.class1.server.ca.pem <Files ~ "\.(cgi|shtml|phtml|php3?)$"> SSLOptions +StdEnvVars </Files> <Directory "/var/www/html/owncloud"> Options +FollowSymLinks AllowOverride All <IfModule mod_dav.c> Dav off </IfModule> SetEnv HOME /var/www/html/owncloud SetEnv HTTP_HOME /var/www/html/owncloud </Directory> <Directory "/var/www/html/owncloud/data/"> # just in case if .htaccess gets disabled Require all denied </Directory> <Directory "/var/www/cgi-bin"> SSLOptions +StdEnvVars </Directory> SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 ## Per-Server Logging ## CustomLog logs/ssl_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </VirtualHost> |
Database setup
We need to create a database container, username and password for our OwnCloud installation, we’ll be using MariaDB but these same instructions will work with MySQL.
Login to the database server:
mysql -pcreate database own_cloud;grant all privileges on own_cloud.* TO 'oc_admin'@'localhost' IDENTIFIED BY 'strong_password' with grant option;
You’ll need to remember the following:
- Hostname
- localhost
- Database name
- own_cloud
- Database username
- oc_admin
- Database password
- strong_password
Testing & Troubleshooting
You should now be able to visit https://storage.example.com/ and begin the installation.
Last Modified: 22 Apr, 2020 at 16:43:20