mNo edit summary |
(→Resources: Nginx added) |
||
| (14 intermediate revisions by 6 users not shown) | |||
| Line 1: | Line 1: | ||
[https://www.owncloud.org ownCloud] is a web application that implements "cloud" services such as file storage and sharing, contact and calendar hosting and more. This page will help you set up an ownCloud server running on a Fedora system. See also the [http://doc.owncloud.org/ official documentation] (though we advise against using upstream's ownCloud packages from the Open Build Service: this guide uses Fedora's own ownCloud packages). | |||
== Features == | == Features == | ||
| Line 5: | Line 5: | ||
* Online file storage | * Online file storage | ||
* Android compatibility | * Android compatibility | ||
* Contacts( | * Contacts (CardDAV) and calendar (CalDAV) synchronization | ||
* Music streaming | * Music streaming | ||
* Many more | * Many more | ||
==Installation== | == Installation == | ||
You most likely want to install one of {{package|owncloud-httpd}} or {{package|owncloud-nginx}}, depending on the web server you wish to use, and at least one of {{package|owncloud-mysql}}, {{package|owncloud-postgresql}} and {{package|owncloud-sqlite}} depending on the database you wish to use. For example: | |||
# dnf install owncloud-httpd owncloud-mysql | |||
If you wish to run ownCloud on [[Apache_HTTP_Server|Apache]] and use a [[MariaDB]] / MySQL database. | |||
=== Enabling and starting the web server === | |||
You will need to enable and start the web server. For Apache: | |||
# systemctl enable --now httpd | |||
For nginx: | |||
# systemctl enable --now nginx php-fpm | |||
See the [[Apache_HTTP_Server|Apache page]] or [[Nginx|Nginx page]] for more detailed instructions on installing and configuring of web server. | |||
=== Enabling, starting and configuring the database server === | |||
If you choose to use SQLite, no special configuration is required. However, please be aware that SQLite is not a good choice for even moderately-sized or public deployments, and should really only be used for small private deployments or testing. | |||
==== [[MariaDB]] / MySQL ==== | |||
If you use MariaDB / MySQL, you will need to enable and start the database server. It is then strongly recommended to secure the server configuration. | |||
# systemctl enable --now mysqld | |||
$ mysql_secure_installation | |||
You should then create a database and a user for ownCloud to use. | |||
$ mysql -u root -p | |||
CREATE USER 'username'@'localhost' IDENTIFIED BY 'password'; | |||
CREATE DATABASE IF NOT EXISTS owncloud; | |||
GRANT ALL PRIVILEGES ON owncloud.* TO 'username'@'localhost' IDENTIFIED BY 'password'; | |||
FLUSH PRIVILEGES; | |||
Set the username as you like (but 'owncloud' is always a safe choice...), and choose a strong password (it will be saved in your ownCloud configuration, so there's no need to worry about convenience in re-typing or remembering it). | |||
For more information on MariaDB / MySQL deployment and configuration on Fedora, see [[MariaDB]]. You can also refer to the excellent [https://mariadb.com/kb/en/mariadb/documentation/ upstream documentation]. | |||
You | |||
==== [[PostgreSQL]] ==== | |||
If you use PostgreSQL, you will need to initialize the server before enabling and starting it. | |||
# postgresql-setup initdb | |||
# systemctl enable --now postgresql | |||
You will also need to configure SELinux to allow the web server to connect to the PostgreSQL server via TCP/IP: | |||
# setsebool -P httpd_can_network_connect_db on | |||
and configure PostgreSQL to use password authentication for local TCP/IP connections. To do this, edit {{filename|/var/lib/pgsql/data/pg_hba.conf}} and change the mechanism from 'ident' to 'password' on the lines that configure TCP/IP connections from localhost, 127.0.0.1, and ::0. The line for the 'local' TYPE does not apply to ownCloud, as it does not use local socket access to PostgreSQL servers. More information on this file can be found in the [http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html PostgreSQL documentation]. | |||
Now you will need to create a database and user for ownCloud to use. | |||
# su - -c "psql" postgres | |||
CREATE USER username WITH PASSWORD 'password'; | |||
CREATE DATABASE owncloud TEMPLATE template0 ENCODING 'UNICODE'; | |||
# | ALTER DATABASE owncloud OWNER TO username; | ||
GRANT ALL PRIVILEGES ON DATABASE owncloud TO username; | |||
Set the username as you like (but 'owncloud' is always a safe choice...), and choose a strong password (it will be saved in your ownCloud configuration, so there's no need to worry about convenience in re-typing or remembering it). | |||
It is also a good idea to set a password for the postgres user within PostgreSQL, which you can do with {{command|\password postgres}} from the PostgreSQL prompt. | |||
For more details on PostgreSQL deployment and configuration on Fedora, see [[PostgreSQL]]. You can also refer to the excellent [http://www.postgresql.org/docs/current upstream documentation]. | |||
=== TLS certificate configuration === | |||
== | |||
See the [[Apache_HTTP_Server|Apache page]] or [[Nginx|Nginx page]] for details on configuring TLS/SSL for your web server. | |||
If you | If you wish, you can configure your ownCloud server to only use TLS/SSL connections. Create a file {{filename|/etc/owncloud/forcessl.config.php}} with these contents: | ||
<?php | |||
$CONFIG = array ( | |||
'forcessl' => true, | |||
); | |||
== | Now whenever someone tries to connect to any ownCloud page without using TLS/SSL, they will be automatically redirected to the appropriate TLS/SSL URL. | ||
=== Initial ownCloud setup === | |||
* [http://doc.owncloud.org/ | |||
To perform initial ownCloud configuration, browse to http://localhost or https://localhost (adding a trust exception for your self-signed certificate, if you used one) from the server. If you wish to perform initial configuration from a browser running on a different machine, you will need to refer to [[Apache_HTTP_Server#webapp-access-control|these instructions for broadening access to ownCloud]] and [[Apache_HTTP_Server#firewall-configuration|these instructions for opening firewall ports]]. Please ensure you do not expose the initial configuration wizard to public access! | |||
In initial configuration, you will set an administrator username and password, and set your database configuration. If using MariaDB / MySQL or PostgreSQL, enter the appropriate username and password for the database you created earlier. | |||
In case of trouble, try restarting the Apache service: | |||
# systemctl restart httpd | |||
== Grant remote access to the server == | |||
Once you have run initial configuration on your server, you can refer to [[Apache_HTTP_Server#webapp-access-control|these instructions for broadening access to ownCloud]] and [[Apache_HTTP_Server#firewall-configuration|these instructions for opening firewall ports]] in order to allow access to your server from any host. Remember that if your server is running behind a NAT router and you wish to allow access from outside your local network, you will need to configure the router to forward the HTTP and HTTPS ports to your server. Configuring DNS is outside the scope of this documentation. | |||
== ownCloud package update policy == | |||
Fedora's ownCloud packages may (and often will) receive major version bumps within a stable release. For instance, ownCloud 7.x may be shipped as an update to ownCloud 6.x within a single Fedora release. We believe this update policy is an appropriate reflection of the upstream development practices: | |||
* Old major versions are quickly deprecated, often receiving few, infrequent or even no updates immediately after a new major version ships | |||
* Upgrades across more than one major release are not supported and frequently fail, meaning it would be dangerous for us to release Fedora X with ownCloud 7 and Fedora X+1 with ownCloud 9 | |||
This policy will be adjusted as appropriate to changes in upstream's practices: if upstream ever adopts an approach more friendly to conservative upgrade policies, we may change to only doing major version bumps between Fedora releases. | |||
As ownCloud is not on the [[Critical_path_package|critical path]], we consider this approach acceptable under the [[Updates_Policy#All_other_updates|updates policy]] - we consider it not to be practically "at all possible" to "[a]void Major version updates, ABI breakage or API changes". | |||
== Resources == | |||
* [[Apache_HTTP_Server]] | |||
* [[Nginx]] | |||
* [[MariaDB]] | |||
* [[PostgreSQL]] | |||
* [http://doc.owncloud.org/ ownCloud documentation] | |||
Latest revision as of 10:10, 15 February 2017
ownCloud is a web application that implements "cloud" services such as file storage and sharing, contact and calendar hosting and more. This page will help you set up an ownCloud server running on a Fedora system. See also the official documentation (though we advise against using upstream's ownCloud packages from the Open Build Service: this guide uses Fedora's own ownCloud packages).
Features
- Online file storage
- Android compatibility
- Contacts (CardDAV) and calendar (CalDAV) synchronization
- Music streaming
- Many more
Installation
You most likely want to install one of 
owncloud-httpd
# dnf install owncloud-httpd owncloud-mysql
If you wish to run ownCloud on Apache and use a MariaDB / MySQL database.
Enabling and starting the web server
You will need to enable and start the web server. For Apache:
# systemctl enable --now httpd
For nginx:
# systemctl enable --now nginx php-fpm
See the Apache page or Nginx page for more detailed instructions on installing and configuring of web server.
Enabling, starting and configuring the database server
If you choose to use SQLite, no special configuration is required. However, please be aware that SQLite is not a good choice for even moderately-sized or public deployments, and should really only be used for small private deployments or testing.
MariaDB / MySQL
If you use MariaDB / MySQL, you will need to enable and start the database server. It is then strongly recommended to secure the server configuration.
# systemctl enable --now mysqld $ mysql_secure_installation
You should then create a database and a user for ownCloud to use.
$ mysql -u root -p CREATE USER 'username'@'localhost' IDENTIFIED BY 'password'; CREATE DATABASE IF NOT EXISTS owncloud; GRANT ALL PRIVILEGES ON owncloud.* TO 'username'@'localhost' IDENTIFIED BY 'password'; FLUSH PRIVILEGES;
Set the username as you like (but 'owncloud' is always a safe choice...), and choose a strong password (it will be saved in your ownCloud configuration, so there's no need to worry about convenience in re-typing or remembering it).
For more information on MariaDB / MySQL deployment and configuration on Fedora, see MariaDB. You can also refer to the excellent upstream documentation.
PostgreSQL
If you use PostgreSQL, you will need to initialize the server before enabling and starting it.
# postgresql-setup initdb # systemctl enable --now postgresql
You will also need to configure SELinux to allow the web server to connect to the PostgreSQL server via TCP/IP:
# setsebool -P httpd_can_network_connect_db on
and configure PostgreSQL to use password authentication for local TCP/IP connections. To do this, edit /var/lib/pgsql/data/pg_hba.conf and change the mechanism from 'ident' to 'password' on the lines that configure TCP/IP connections from localhost, 127.0.0.1, and ::0. The line for the 'local' TYPE does not apply to ownCloud, as it does not use local socket access to PostgreSQL servers. More information on this file can be found in the PostgreSQL documentation.
Now you will need to create a database and user for ownCloud to use.
# su - -c "psql" postgres CREATE USER username WITH PASSWORD 'password'; CREATE DATABASE owncloud TEMPLATE template0 ENCODING 'UNICODE'; ALTER DATABASE owncloud OWNER TO username; GRANT ALL PRIVILEGES ON DATABASE owncloud TO username;
Set the username as you like (but 'owncloud' is always a safe choice...), and choose a strong password (it will be saved in your ownCloud configuration, so there's no need to worry about convenience in re-typing or remembering it).
It is also a good idea to set a password for the postgres user within PostgreSQL, which you can do with \password postgres from the PostgreSQL prompt.
For more details on PostgreSQL deployment and configuration on Fedora, see PostgreSQL. You can also refer to the excellent upstream documentation.
TLS certificate configuration
See the Apache page or Nginx page for details on configuring TLS/SSL for your web server.
If you wish, you can configure your ownCloud server to only use TLS/SSL connections. Create a file /etc/owncloud/forcessl.config.php with these contents:
<?php $CONFIG = array ( 'forcessl' => true, );
Now whenever someone tries to connect to any ownCloud page without using TLS/SSL, they will be automatically redirected to the appropriate TLS/SSL URL.
Initial ownCloud setup
To perform initial ownCloud configuration, browse to http://localhost or https://localhost (adding a trust exception for your self-signed certificate, if you used one) from the server. If you wish to perform initial configuration from a browser running on a different machine, you will need to refer to these instructions for broadening access to ownCloud and these instructions for opening firewall ports. Please ensure you do not expose the initial configuration wizard to public access!
In initial configuration, you will set an administrator username and password, and set your database configuration. If using MariaDB / MySQL or PostgreSQL, enter the appropriate username and password for the database you created earlier.
In case of trouble, try restarting the Apache service:
# systemctl restart httpd
Grant remote access to the server
Once you have run initial configuration on your server, you can refer to these instructions for broadening access to ownCloud and these instructions for opening firewall ports in order to allow access to your server from any host. Remember that if your server is running behind a NAT router and you wish to allow access from outside your local network, you will need to configure the router to forward the HTTP and HTTPS ports to your server. Configuring DNS is outside the scope of this documentation.
ownCloud package update policy
Fedora's ownCloud packages may (and often will) receive major version bumps within a stable release. For instance, ownCloud 7.x may be shipped as an update to ownCloud 6.x within a single Fedora release. We believe this update policy is an appropriate reflection of the upstream development practices:
- Old major versions are quickly deprecated, often receiving few, infrequent or even no updates immediately after a new major version ships
- Upgrades across more than one major release are not supported and frequently fail, meaning it would be dangerous for us to release Fedora X with ownCloud 7 and Fedora X+1 with ownCloud 9
This policy will be adjusted as appropriate to changes in upstream's practices: if upstream ever adopts an approach more friendly to conservative upgrade policies, we may change to only doing major version bumps between Fedora releases.
As ownCloud is not on the critical path, we consider this approach acceptable under the updates policy - we consider it not to be practically "at all possible" to "[a]void Major version updates, ABI breakage or API changes".