ownCloud-Installation

Anleitung für die Installation von ownCloud auf einem Mac oder Linux.

Links:

• Offizielle Installations-Anleitung
• Anleitung: ownCloud auf Linux mit nginx und MariaDB installieren
• Anleitung: MySQL, nginx und PHP auf Mac installieren
• Anleitung MariaDB auf Mac installieren
• Anleitung nginx mit PHP7-fpm auf Mac installieren
• Anleitung self-signed Zertifikat für nginx erstellen

Anleitung für ownCloud mit MariaDB auf Linux

Komplette Installation Stand: 2017-04-30, Getestet unter Ubuntu 17.04
Upgrade Stand: 2018-05-19, Getestet unter Ubuntu 18.04

Datenbank installieren

MariaDB installieren:

sudo apt-get install mariadb-server

Wichtige Pfade und Befehle für MariaDB:

• Konfiguration: /etc/mysql/my.cnf (Symlink auf /etc/mysql/mariadb.cnf)
• Daten-Verzeichnis: /var/lib/mysql/
• Status anzeigen: systemctl status mariadb
• MariaDB starten: sudo systemctl start mariadb
• MariaDB stoppen: sudo systemctl stop mariadb
• MariaDB neu starten: sudo systemctl restart mariadb
• DB exportieren: mysqldump -u username -p database_name > data-dump.sql
• DB importieren: sudo mysql -uroot new_database < data-dump.sql (evtl. vorher CREATE DATABASE new_database;)

Prüfen, wo MariaDB die Konfiguration sucht:

mysql --help | head

Konfiguration öffnen:

sudo nano /etc/mysql/my.cnf

Sicherstellen, dass folgender Eintrag in my.cnf steht:

[mysqld]
binlog_format = MIXED

MariaDb neu starten:

systemctl restart mariadb

MariaDB-Konsole öffnen:

sudo mysql -uroot

In MariaDB-Konsole Konfiguration prüfen:

SHOW VARIABLES LIKE 'binlog%';

Datenbank anlegen

MySQL-Konsole öffnen (Passwort ist leer):

sudo mysql -uroot

Datenbank anlegen:

create database owncloud;
create user owncloud@localhost identified by 'MeInPasSw0rT';
grant all privileges on owncloud.* to owncloud@localhost;
flush privileges;
exit;

PHP7 installieren

Wir verwenden PHP 7. ownCloud würde auch auf PHP 5 laufen.

PHP 7 mit den von owncloud benötigten Modulen installieren.

Pakete für Ubuntu 17.04 (PHP 7.0):

sudo apt-get install php7.0-fpm php7.0-gd php7.0-mysql php7.0-curl php7.0-xml php7.0-zip php7.0-intl php7.0-mcrypt php7.0-mbstring php7.0-bz2 php-apcu

Pakete für Ubuntu 18.04 (PHP 7.2):

sudo apt-get install php-fpm php-gd php-mysql php-curl php-xml php-zip php-intl php-mbstring php-bz2 php-apcu

Wichtige Pfade und Befehle für PHP FastCGI:

• Konfiguration: /etc/php/7.2/fpm/php-fpm.conf
• Error-Log: /var/log/php7.2-fpm.log
• Status anzeigen: systemctl status php7.2-fpm
• PHP FastCGI starten: sudo systemctl start php7.2-fpm
• PHP FastCGI stoppen: sudo systemctl stop php7.2-fpm

Test, ob PHP-Version stimmt:

php -v
php-fpm7.2 -v

Webserver installieren

nginx installieren:

sudo apt-get install nginx

Wichtige Pfade und Befehle für nginx:

• nginx-Konfiguration:
  • Hauptkonfig: /etc/nginx/nginx.conf
  • Verfügbare Seiten: /etc/nginx/sites-available/*
  • Aktive Seiten: /etc/nginx/sites-enabled/* (Symlinks auf verfügbare Seiten)
• Default-Document-Root: /var/www/html
• Document-Root nach dieser Anleitung: /var/www
• Error-Log: /var/log/nginx/error.log
• Access-Log: /var/log/nginx/access.log
• Status anzeigen: systemctl status nginx
• nginx starten: sudo systemctl start nginx
• nginx stoppen: sudo systemctl stop nginx
• nginx-Konfiguration neu lesen: sudo systemctl reload nginx

Neuen Document-Root anlegen ({myuser} durch Nutzernamen ersetzen):

sudo mkdir /var/www
sudo chown {myuser} /var/www

mkdir /var/www/http
mkdir /var/www/https
mkdir /var/www/ssl

SSL-Zertifikat erstellen (TODO unter Linux testen):

echo "Creating private key (use simple password - will be removed later)"
openssl genrsa -des3 -out cert_pw.key 2048

echo "Creating certificate signing request"
openssl req -new -key cert_pw.key -out cert.csr

echo "Removing password from key (for nginx)"
openssl rsa -in cert_pw.key -out cert.key
rm cert_pw.key

echo "Creating certificate"
openssl x509 -req -days 1000 -in cert.csr -signkey cert.key -out cert.crt
rm cert.csr

echo "Moving cerificate"
mv cert.key cert.crt /var/www/ssl/
chmod 400 /var/www/ssl/cert.*
sudo chown _www:_www /var/www/ssl/cert.*

Konfiguration für http anlegen:

sudo nano /etc/nginx/sites-available/http

Konfiguration für http eingeben (Auf Port 80 hören, Document-Root /var/www/http, PHP aktivieren):

server {
    listen       80 default_server;
    listen       [::]:80 default_server;
    server_name  _;
    root         /var/www/http;

    location / {
        #root   html;
        index  index.html index.htm;
    }

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    location ~ \.php$ {
        fastcgi_pass   unix:/var/run/php/php7.2-fpm.sock;
        fastcgi_index  index.php;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param  PATH_INFO $fastcgi_path_info;
        include        fastcgi_params;
    }
}

Konfiguration für https anlegen:

sudo nano /etc/nginx/sites-available/https

Konfiguration für http eingeben (Auf Port 443 hören, SSL aktivieren, Document-Root /var/www/https, PHP aktivieren, Regeln für owncloud):

server {
    listen       443 ssl default_server;
    listen       [::]:443 ssl default_server;
    server_name  _;
    root         /var/www/https;

    ssl_certificate      /var/www/ssl/cert.crt;
    ssl_certificate_key  /var/www/ssl/cert.key;

    ssl_session_cache    shared:SSL:1m;
    ssl_session_timeout  5m;

    ssl_ciphers  HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers  on;

    location ^~ /owncloud {

        # set max upload size
        client_max_body_size 1G;
        fastcgi_buffers 64 4K;

        # Disable gzip to avoid the removal of the ETag header
        gzip off;

        # Uncomment if your server is build with the ngx_pagespeed module
        # This module is currently not supported.
        #pagespeed off;

        error_page 403 /owncloud/core/templates/403.php;
        error_page 404 /owncloud/core/templates/404.php;

        location /owncloud {
            rewrite ^ /owncloud/index.php$uri;
        }

        location ~ ^/owncloud/(?:build|tests|config|lib|3rdparty|templates|data)/ {
            deny all;
        }

        location ~ ^/owncloud/(?:\.|autotest|occ|issue|indie|db_|console) {
            deny all;
        }

        location ~ ^/owncloud/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
            include fastcgi_params;
            fastcgi_split_path_info ^(.+\.php)(/.+)$;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_param PATH_INFO $fastcgi_path_info;

            # Important: disable HTTPS, otherwise no log in will be possible!
            #fastcgi_param HTTPS on;

            fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice
            fastcgi_param front_controller_active true;
            fastcgi_pass   unix:/var/run/php/php7.2-fpm.sock;
            fastcgi_intercept_errors on;

            # Raise timeout values.
            # This is especially important when the ownCloud setup runs into timeouts (504 gateway errors)
            fastcgi_read_timeout 300;
            fastcgi_send_timeout 300;
            fastcgi_connect_timeout 300;

            # Pass PHP variables directly to PHP.
            # This is usually done in the php.ini. For more flexibility, these variables are configured in the nginx config.
            # All the PHP parameters have to be set in one fastcgi_param. When using more 'fastcgi_param PHP_VALUE' directives, the last one will override all the others.
            fastcgi_param PHP_VALUE "open_basedir=/var/www/:/var/tmp/:/dev/urandom
            upload_max_filesize = 1G
            post_max_size = 1G
            max_execution_time = 3600";

            # Make sure that the real IP of the remote host is passed to PHP.
            fastcgi_param REMOTE_ADDR $http_x_real_ip;
        }

        location ~ ^/owncloud/(?:updater|ocs-provider)(?:$|/) {
            try_files $uri/ =404;
            index index.php;
        }

        # Adding the cache control header for js and css files
        # Make sure it is BELOW the PHP block
        location ~* \.(?:css|js)$ {
            try_files $uri /owncloud/index.php$uri$is_args$args;
            proxy_set_header Cache-Control "public, max-age=7200";
            # Add headers to serve security related headers
            # Again use 'proxy_set_header' (not 'add_header') as the headers have to be passed through a proxy.
            proxy_set_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
            proxy_set_header X-Content-Type-Options nosniff;
            proxy_set_header X-Frame-Options "SAMEORIGIN";
            proxy_set_header X-XSS-Protection "1; mode=block";
            proxy_set_header X-Robots-Tag none;
            proxy_set_header X-Download-Options noopen;
            proxy_set_header X-Permitted-Cross-Domain-Policies none;
            # Optional: Don't log access to assets
            access_log off;
        }

        location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {
            try_files $uri /owncloud/index.php$uri$is_args$args;
            # Optional: Don't log access to other assets
            access_log off;
        }
    }

    location / {
        #root   html;
        index  index.html index.htm;
    }

    location ~ (\.php$|^/owncloud/[^/]+\.php/) {
        fastcgi_pass   unix:/var/run/php/php7.0-fpm.sock;
        fastcgi_index  index.php;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param  PATH_INFO $fastcgi_path_info;
        include        fastcgi_params;
    }
}

Richtige Konfiguration aktivieren:

sudo rm /etc/nginx/sites-enabled/default
sudo ln -s /etc/nginx/sites-available/http /etc/nginx/sites-enabled/http
sudo ln -s /etc/nginx/sites-available/https /etc/nginx/sites-enabled/https

Webserver-Konfiguration neu laden:

sudo systemctl reload nginx

Test, ob Server läuft (sollte etwas mit Server: nginx/1.10.0 ausgeben):

curl --head http://localhost

Test, ob PHP geht:

echo "<?php phpInfo();" > /var/www/http/phpInfo.php

In Browser aufrufen: http://localhost/phpInfo.php

ownCloud installieren

ownCloud-Server hier herunterladen:

• Adresse von "Download Zip"-Button kopieren

• Zip herunterladen:

  wget https://download.owncloud.org/community/owncloud-10.0.8.zip

Wenn Erstinstallation:

• ownCloud auspacken:

  unzip owncloud-10.0.8.zip
  sudo chown -R www-data:www-data owncloud
  sudo mv owncloud /var/www/https/owncloud

• Daten-Verzeichnis anlegen:

  mkdir /var/www/owncloud_data
  sudo chown www-data:www-data /var/www/owncloud_data

• ownCloud-Setup starten: https://localhost/owncloud
  Dabei richtiges Datenverzeichnis und Datenbank setzen.

Wenn Upgrade:

• Details siehe Upgrade-Anleitung.

• Ins Home-Verzeichnis wechseln:

  cd ~

• Webserver stoppen:

  sudo systemctl stop nginx

• Datenbank-Backup anlegen:

  sudo mysqldump owncloud | gzip > owncloud_backup-2018-05-19.sql.gz

• Alte Installation verschieben:

  sudo mv /var/www/https/owncloud owncloud_backup-2018-05-19_www

• Neues Verzeichnis anlegen und Verzeichnisse data und config aus dem Backup kopieren:

  mkdir owncloud
  sudo cp -r owncloud_backup-2018-05-19_www/data owncloud_backup-2018-05-19_www/config owncloud

• Neue ownCloud-Version darüber auspacken (wir packen nach . aus, weil Verzeichnis im Zip owncloud heißt):

  sudo unzip -q owncloud-10.0.8.zip -d .
  sudo chown -R www-data:www-data owncloud

• ownCloud-Verzeichnis nach /var/www/ verschieben:

  sudo mv owncloud /var/www/https/owncloud

• Webserver starten:

  sudo systemctl start nginx

• Upgrade durchführen:

  cd /var/www/https/owncloud
  sudo -u www-data php occ app:disable activity
  sudo -u www-data php occ app:disable files_pdfviewer
  sudo -u www-data php occ app:disable files_texteditor
  sudo -u www-data php occ app:disable gallery
  sudo -u www-data php occ upgrade

• ownCloud im Browser öffnen und testen: https://localhost/owncloud

Anleitung für ownCloud mit MariaDB auf Mac

Stand: 2016-12-12

Homebrew installieren

Homebrew installieren. Siehe Homebrew Webseite

Wenn schon installiert, dann Homebrew aktualisieren:

brew update

Datenbank installieren

MariaDB installieren:

brew install mariadb

Wichtige Pfade für MariaDB:

• Konfiguration: /usr/local/etc/my.cnf
• Daten-Verzeichnis: /usr/local/var/mysql/

Prüfen, wo MariaDB die Konfiguration sucht:

mysql --help | head

Konfiguration öffnen:

nano /usr/local/etc/my.cnf

Sicherstellen, dass folgender Eintrag in my.cnf steht:

[mysqld]
binlog_format = MIXED

MariaDb starten:

brew services start mariadb

PHP7 installieren

Aktuelle PHP-Version ermitteln:

brew search php

Aktuelle PHP-Version installieren:

brew install --without-apache --with-fpm --with-mysql homebrew/php/php70

Wichtige Pfade für PHP:

• PHP-Konfiguration: /usr/local/etc/php/7.0/php.ini

Dem Homebrew-PHP Vorrang vor dem Mac-OS-PHP geben:

export PATH="/usr/local/sbin:$PATH"  
echo 'export PATH="/usr/local/sbin:$PATH"' >> ~/.bash_profile

Test, ob PHP-Version stimmt:

php -v
php-fpm -v

PHP starten:

sudo brew services start php70

TODO Soll angeblich zeigen, ob es läuft. Gibt bei mir aber nichts aus:

lsof -Pni4 | grep LISTEN | grep php

Webserver installieren

nginx installieren:

brew install nginx

Wichtige Pfade für nginx:

• nginx-Konfiguration: /usr/local/etc/nginx/nginx.conf
• Default-Document-Root: /usr/local/Cellar/nginx/1.2.3/html (1.2.3 ist die nginx-Version)
• Document-Root nach dieser Anleitung: /var/www
• Error-Log: /usr/local/var/log/nginx/error.log
• Access-Log: /usr/local/var/log/nginx/access.log

Neuen Document-Root anlegen ({myuser} durch Nutzernamen ersetzen):

sudo mkdir /var/www
sudo chown {myuser} /var/www

mkdir /var/www/http
mkdir /var/www/https
mkdir /var/www/ssl

SSL-Zertifikat erstellen:

echo "Creating private key (use simple password - will be removed later)"
openssl genrsa -des3 -out cert_pw.key 2048

echo "Creating certificate signing request"
openssl req -new -key cert_pw.key -out cert.csr

echo "Removing password from key (for nginx)"
openssl rsa -in cert_pw.key -out cert.key
rm cert_pw.key

echo "Creating certificate"
openssl x509 -req -days 1000 -in cert.csr -signkey cert.key -out cert.crt
rm cert.csr

echo "Moving cerificate"
mv cert.key cert.crt /var/www/ssl/
chmod 400 /var/www/ssl/cert.*
sudo chown _www:_www /var/www/ssl/cert.*

Konfiguration öffnen:

nano /usr/local/etc/nginx/nginx.conf

Konfiguration anpassen (Auf Port 80 hören, einfacher Document-Root /var/www, PHP aktivieren, SSL aktivieren, Regeln für owncloud):

    server {
        listen       80;
        server_name  localhost;
        root         /var/www/http;

        ...
        location / {
            #root   html;
            ...
        }

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        location ~ \.php$ {
            fastcgi_pass   127.0.0.1:9000;
            fastcgi_index  index.php;
            fastcgi_split_path_info ^(.+\.php)(/.+)$;
            fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_param  PATH_INFO $fastcgi_path_info;
            include        fastcgi_params;
        }
    }

    server {
        listen       443 ssl;
        server_name  localhost;
        root         /var/www/https;

        ssl_certificate      /var/www/ssl/cert.crt;
        ssl_certificate_key  /var/www/ssl/cert.key;

        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;

        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;

        location ^~ /owncloud {

            # set max upload size
            client_max_body_size 1G;
            fastcgi_buffers 64 4K;

            # Disable gzip to avoid the removal of the ETag header
            gzip off;

            # Uncomment if your server is build with the ngx_pagespeed module
            # This module is currently not supported.
            #pagespeed off;

            error_page 403 /owncloud/core/templates/403.php;
            error_page 404 /owncloud/core/templates/404.php;

            location /owncloud {
                rewrite ^ /owncloud/index.php$uri;
            }

            location ~ ^/owncloud/(?:build|tests|config|lib|3rdparty|templates|data)/ {
                deny all;
            }

            location ~ ^/owncloud/(?:\.|autotest|occ|issue|indie|db_|console) {
                deny all;
            }

            location ~ ^/owncloud/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
                include fastcgi_params;
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                fastcgi_param PATH_INFO $fastcgi_path_info;

                # Important: disable HTTPS, otherwise no log in will be possible!
                #fastcgi_param HTTPS on;

                fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice
                fastcgi_param front_controller_active true;
                fastcgi_pass   127.0.0.1:9000;
                fastcgi_intercept_errors on;

                # Raise timeout values.
                # This is especially important when the ownCloud setup runs into timeouts (504 gateway errors)
                fastcgi_read_timeout 300;
                fastcgi_send_timeout 300;
                fastcgi_connect_timeout 300;

                # Pass PHP variables directly to PHP.
                # This is usually done in the php.ini. For more flexibility, these variables are configured in the nginx config.
                # All the PHP parameters have to be set in one fastcgi_param. When using more 'fastcgi_param PHP_VALUE' directives, the last one will override all the others.
                fastcgi_param PHP_VALUE "open_basedir=/var/www/:/var/tmp/:/dev/urandom
                upload_max_filesize = 1G
                post_max_size = 1G
                max_execution_time = 3600";

                # Make sure that the real IP of the remote host is passed to PHP.
                fastcgi_param REMOTE_ADDR $http_x_real_ip;
            }

            location ~ ^/owncloud/(?:updater|ocs-provider)(?:$|/) {
                try_files $uri/ =404;
                index index.php;
            }

            # Adding the cache control header for js and css files
            # Make sure it is BELOW the PHP block
            location ~* \.(?:css|js)$ {
                try_files $uri /owncloud/index.php$uri$is_args$args;
                proxy_set_header Cache-Control "public, max-age=7200";
                # Add headers to serve security related headers
                # Again use 'proxy_set_header' (not 'add_header') as the headers have to be passed through a proxy.
                proxy_set_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
                proxy_set_header X-Content-Type-Options nosniff;
                proxy_set_header X-Frame-Options "SAMEORIGIN";
                proxy_set_header X-XSS-Protection "1; mode=block";
                proxy_set_header X-Robots-Tag none;
                proxy_set_header X-Download-Options noopen;
                proxy_set_header X-Permitted-Cross-Domain-Policies none;
                # Optional: Don't log access to assets
                access_log off;
            }

            location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {
                try_files $uri /owncloud/index.php$uri$is_args$args;
                # Optional: Don't log access to other assets
                access_log off;
            }
        }

        location / {
            #root   html;
            index  index.html index.htm;
        }

        location ~ (\.php$|^/owncloud/[^/]+\.php/) {
            fastcgi_pass   127.0.0.1:9000;
            fastcgi_index  index.php;
            fastcgi_split_path_info ^(.+\.php)(/.+)$;
            fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_param  PATH_INFO $fastcgi_path_info;
            include        fastcgi_params;
        }
    }

Webserver starten:

sudo brew services start nginx

Test, ob Server läuft (sollte etwas mit Server: nginx/1.10.0 ausgeben):

curl --head http://localhost

Test, ob PHP geht:

echo "<?php phpInfo();" > /var/www/phpInfo.php

In Browser aufrufen: http://localhost/phpInfo.php

Datenbank anlegen

MySQL-Konsole öffnen (Passwort ist leer):

mysql -u root -p

Datenbank anlegen:

create database owncloud;
create user owncloud@localhost identified by 'MeInPasSw0rT';
grant all privileges on owncloud.* to owncloud@localhost;
flush privileges;
exit;

ownCloud installieren

ownCloud-Server hier herunterladen.

ownCloud auspacken:

unzip ~/Downloads/owncloud-9.1.2.zip -d /var/www/https/

Daten-Verzeichnis anlegen und Schreibrechte setzen:

mkdir /var/www/owncloud_data
sudo chown _www:_www /var/www/owncloud_data
sudo chown -R _www:_www /var/www/https/owncloud

ownCloud-Setup starten: https://localhost/owncloud
Dabei richtiges Datenverzeichnis und Datenbank setzen.