Raspberry Pi and Owncloud HTTPS with Nginx

If you want to install this service, You'll find dozens (at least) tutorials with your friend Google. So here I'll do easy and quick to share a USB Internet drive partition all in HTTPS !

Raspberry Pi Home Server - Etape 14 : installer Owncloud en HTTPS avec Nginx

The tutorials to install Owncloud you therefore find everywhere (you have an excellent and simple on tropfacile.NET). So one more on this site ! 🙂 On va installer Owncloud pour pouvoir partager une partition the USB disk. We will also see the certificate management to make an HTTPS connection.

  1. Install the necessary packages
    apt - get install php5 php5-json php5-gd php5-sqlite curl libcurl3 libcurl3-dev php5-curl php5-common php-xml-parser sqlite
  2. Package php - apc for optimizer performance (Thank you forum raspberrypi.org)
    apt - get install php - apc
  3. Download OwnCloud
    http://doc.owncloud.org/server/5.0/admin_manual/
  4. Unpack the archive in/var/www
    CD/var/www tar jxvf <Archive>
  5. Change the owner of the directory
    chown -R www-data:www - data/var/www/owncloud
  6. Create the directory /etc/nginx/certs If there is no
    mkdir /etc/nginx/certs
  7. Generate the certificate for the site in the directory /etc/nginx/certsAttention : use a strong password to generate your certificate. The certificate is valid 365 days. Need to generate a new one year
    OpenSSL genrsa - des3 - out owncloud.key 1024
    
    openssl req - new - key owncloud.key - out owncloud.csr cp owncloud.key owncloud.key.org openssl rsa - in owncloud.key.org - out owncloud.key openssl x 509 - req - days 365 -in owncloud.csr -signkey owncloud.key -out owncloud.crt
  8. Remove unnecessary file
    rm owncloud.csr owncloud.key.org
  9. Create a file /etc/nginx/sites-available/owncloud (You choose the port)
    server {
    
     listen 8091 ssl;
    
     SSL on;
    
     ssl_certificate /etc/nginx/certs/owncloud.crt;
    
     ssl_certificate_key /etc/nginx/certs/owncloud.key;
    
     error_log /var/log/nginx/owncloud.log;
    
     access_log /var/log/nginx/owncloud.log;
    
     server_name owncloud;
    
     root /var/www/owncloud;
    
     index index.php;
    
     client_max_body_size 1000M;
    
    # deny direct access rental ~ ^ /.(data|config|.ht|db_structure.xml|README) {
    
     deny all;
    
     }
    
     # default try order rental / {
    
     try_files $uri $uri / @webdav;
    
     }
    
     # owncloud WebDAV rental @webdav {
    
     fastcgi_pass unix:/var/run/PHP5-fpm.sock;
    
     fastcgi_split_path_info ^(.+.php)(/.*)$;
    
     fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    
     fastcgi_param HTTPS on;
    
     include fastcgi_params;
    
     }
    
    location ~ .php$ {
    
     include/etc/nginx/fastcgi_params;
    
     try_files $uri = 404;
    
     fastcgi_param HTTPS on;
    
     fastcgi_index index.php;
    
     fastcgi_split_path_info ^(.+.php)(/.+)$;
    
     fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    
     fastcgi_pass unix:/var/run/PHP5-fpm.sock;
    
     }
    
     }
  10. Enable the site
    ln -s /etc/nginx/sites-available/owncloud /etc/nginx/sites-enabled/owncloud
  11. Change the rights on the shared directory
    chown -R www-data:www - data/media/usbdrive/internet
  12. Edit the file /etc/php5/fpm/php.ini to increase the size of files that can be sent
    upload_max_filesize = 700M post_max_size = 800M
  13. Restart NGINX and php5-fpm
    Service nginx restart service php5-fpm restart
  14. Accessing Owncloud with https://<IP_du_Raspberry> :<port_in_the_configuration>/

    Display of the certificate to connect to your Owncloud

    Display of the certificate to connect to your Owncloud

  15. Simply follow the instructions on the screen

    Owncloud configuration settings

    Owncloud configuration settings

  16. Appointment on http://owncloud.org/support/ for documentation on the use of Owncloud
  17. A quick tour of your directory of data will confirm that the data will be stored in the right place

Here I hope to have helped you in your installation.

Good evening


For the version 5.0.4, Thanks to EFT (its site here) for his help :

    1. the name of the server (caution it appears in two places) –> server_name owncloud;
    2. the ssl port-> listen 8091 ssl;
    3. the location and the name of certificates :
      • –> ssl_certificate /etc/nginx/certs/owncloud.crt;
      • –> ssl_certificate_key /etc/nginx/certs/owncloud.key;
    4. the root-> root /var/www/owncloud;

You may also like...

  • Max

    Hello

    En ce qui me concerne je voulais avoir une redirection ssl uniquement sur le dossier owncloud et pas sur les autres services. Voici la solution trouvée pour la configuration de nginx

    server {
    
      listen 443 ssl;
    
      SSL on;
    
      server_name mondomaine.com;
    
    
    
      # directives for SSL certificates          ssl_certificate /etc/nginx/certs/owncloud.crt;
    
        ssl_certificate_key /etc/nginx/certs/owncloud.key;
    
      # root, index, error_log, access_log directives    root /var/www/;
    
      index index.html index.php;
    
      client_max_body_size 1000M; # set maximum upload size
    
    
    
    
    
    
    
      # deny direct access    location ~ ^/(data|config|.ht|db_structure.xml|README) {
    
        deny all;
    
      }
    
    
    
      # default try order    location /owncloud {
    
        try_files $uri $uri / @webdav;
    
      }
    
    
    
      # owncloud WebDAV    location @webdav {
    
        fastcgi_split_path_info ^(.+.php)(/.*)$;
    
        fastcgi_pass unix:/var/run/PHP5-fpm.sock;
    
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    
        #fastcgi_params HTTPS on;
    
        include fastcgi_params;
    
      }
    
    
    
      location ~ .php$ {
    
        # directives to handle PHP files      fastcgi_pass unix:/var/run/PHP5-fpm.sock;
    
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    
        #fastcgi_params HTTPS on;
    
        include fastcgi_params;
    
      }
    
    
    
      # leave everything else to port 80
    
      location / {
    
        rewrite ^ http://$host$request_uri permanent;
    
      }
    
    }
    
    
    
    server {
    
      listen 80;
    
      server_name mondomaine.com;
    
    
    
      # root, index, error_log, access_log directives    root /var/www/;
    
      index index.html index.php;
    
      client_max_body_size 1000M; # set maximum upload size
    
    
    
      # redirect yourdomain.com/shop to port 443
    
      # Please put this before location / block as
    
      # nginx stops after seeing the first match    location /owncloud {
    
        rewrite ^ https://$host$request_uri permanent;
    
      }
    
    
    
      location / {
    
        # guidelines to handle what's inside /, for example
    
        # try_files $uri $uri / index.php;
    
      }
    
    
    
      location ~ .php$ {
    
        # directives to handle PHP files      fastcgi_pass unix:/var/run/PHP5-fpm.sock;
    
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    
        #fastcgi_params HTTPS on;
    
        include fastcgi_params;
    
    
    
      }
    
    
    
    }
    
    
    
    

    There may be things to refine but it works well

  • Halukard

    Hello,

    Thank you for all these interesting super tutorial. I have just a question, in the finalization of the installation I was wrong directory at the time I get an error when the script tests to run. I searched around a bit but I have not found what config file is stored the value I passed him for the change and put the correct path to my directory.

    If you know it or know how to solve this small “problem” 🙂

    Thank you

    • Hello,
      Is it comes to owncloud base directory ? If this is the case it can be seen at the level of the open_basedir variable in the file /etc/php/php.ini. This is the list of directories where can be found PHP scripts.

      • Halukard

        Not actually in the field data folder I typed a wrong directory of the coup on the index.php page I get a message telling me that the path does not exist (Boulet time).

        I'd look this evening if I find something in the php.ini, I searched a bit in php conf file in/var/www/owncloud but I found nothing meaningful.

        Another small question to the passage, I can't access my usb with the command cd drive directory (CD/media/sda1/owncloud for example), It's been very (very) longtemps que je n’avais pas touché des commandes linux du coup j’ai beaucoup de lacune 🙂

        • I don't know if ca is not stored in the db …. A look at the Forum of owncloud but on my side I have no idea.

        • For directories : you have assembled your partitions correctly ? With the command mount.

  • Halukard

    Thanks for the info I managed a dépatouiller me, the default directory is stored in the /config/config.php file

    Maintenant j’ai un soucis de configuration de samba et de subsonic 😀

  • Paul

    This tutorial seems incomplete. Missing steps… Jāzeps nginx ? At no time you say that it should be installed.

    • Hello. Actually I'm not talking about d install Nginx. I left principle that if you need there is an another tutorial for l install. Here it s is therefore d install Owncloud if you have Nginx

  • TEF

    Good evening,

    I have two concerns when I am logged in owncloud:

    A pop-up window appears every time I click on a menu link (files, music, contact, etc…) that tells me “This content failed to load” and of course when I close this window I have a progress bar (which remains frozen) indicating “Upgrade the file system cache”.

    And when I change something in the menu at the top right (Administration/users/etc…) It does not save anything.

    Problem of rights once again… But where? I dry

  • TEF

    It works o.

    Merci beaucoup 🙂

    In fact I was almost…

    So this is what has worked for me with version 5.0.4 for owncloud :

    Need to edit the file/etc/nginx/sites-available/owncloud to only put the code at this address : https://github.com/owncloud/documentation/blob/master/admin_manual/installation/installation_others.rst

    And change the following lines :

    1- the name of the server (caution it appears in two places) –> server_name owncloud;

    2- the ssl port –> listen 8091 ssl;

    3- the location and the name of certificates :

    –> ssl_certificate /etc/nginx/certs/owncloud.crt;

    –> ssl_certificate_key /etc/nginx/certs/owncloud.key;

    4- the root –> root /var/www/owncloud;

    And thats it. It was really not complicated. I'm a Cannonball…

    I hope that it will serve to others who like me do not have the habit of fiddling around.

    PS : And enough I would like to thank Chris for his patience and his great work.

    • Thanks much for the info (and it is you who has done it all ! 🙂 )

      Updated article updated !

  • Thomas

    Good evening,

    I have the tutorial with new data, I had the famous error “This content failed to load “, now when I enter https:// :8091 I see “502 Bad Gateway nginx/1.2.1” on the demon browser page. Yet I have activate the site with “ln -s /etc/nginx/sites-available/owncloud /etc/nginx/sites-enabled/owncloud” Do you have an idea ?

    Kind regards

    • What is the FastCGI wrapper is well launched ? Because usually the gateway it is this program. There is also more info in /var/log/nginx/.log

  • Thomas

    I did the command “ps - ef ” and if the FastCGI wrapper is the process “fcgiwrap” So yes it is well launched : ” www - data 1876 1 0 20:54 ? 00:00:00 /usr/sbin/fcgiwrap”

    in the log /var/log/nginx/error.log I have :

    2013/04/12 21:08:42 [error] 2525#0: *5 connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.1.30, server: owncloud, request: “GET / HTTP/1.1”, upstream: “FastCGI://127.0.0.1:9000”, host: “192.168.1$

    It mentions of the fastcgi indeed.

  • Isador

    Hello,

    I got the same error as you, Thomas.

    In fact it comes from the line “fastcgi_param 127.0.0.1:9000”

    It should be replaced by this line to use php5-fpm (as in the conf of the tutorial database, By the way) :

    “fastcgi_pass unix:/var/run/PHP5-fpm.sock;”

  • TEF

    ARF sorry…

    Actually I forgot this line in my solution.

    Thanks Isador

    • Thomas

      Thank you, les gars tout fonctionne parfaitement 🙂

  • Marc

    Thanks for the tutorial and the details of Isidor

    If like me, After a few tries you get the following error : “nginx: [Emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)” When you restart the server, I advise you to go to this address : http://ibnuyahya.com/nginx-emerg-bind-to-0-0-0-080-failed-98-address-already-in-use/ . It solved my problem.

    Furthermore, the latest version of owncloud is downloadable through the links provided on the changelog : http://owncloud.org/releases/Changelog

  • Hello ,

    After following your tutorial to the letter, I get this error :

    root@raspberrypi:~ # sudo service nginx restart

    Restarting nginx: nginx: [Emerg] SSL_CTX_use_certificate_chain_file(“/etc/SSL/nginx/certs/owncloud.CRT”) failed (SSL: error:02001002:system library:fopen:No. such file or directory error:20074002:BIO routines:FILE_CTRL:System lib error:140DC002:SSL routines:SSL_CTX_use_certificate_chain_file:System lib)

    nginx: configuration file /etc/nginx/nginx.conf test failed

    I tried to rebuild my certificates : as it says here : http://geekmps.fr/linux-categorie/251-installer-owncloud-5-sous-nginx

    But nothing to do I always get this error, would you have an idea where this could he come?

    (I'm on raspberry model B, moebius 1.1.0, owncloud 5.0.4, installation of nginx following your tutorial)

    • Hello,
      The /etc/ssl/nginx/certs/owncloud.crt file exists ? Either it is defined in another directory ?
      Soon, I'll redo the Owncloud tutorial with version 5 😉

      • I have the following command : find - name *.crt

        But it can't find me anything.

        I even tried a “Nano /etc/ssl/nginx/certs/owncloud.crt”

        But it leaves me a blank file..

        • You did well the stages of generation of certificates ?

  • I have the following command : find - name *.crt

    But it can't find me anything.

    I even tried a “Nano /etc/ssl/nginx/certs/owncloud.crt”

    But it leaves me a blank file..

  • vincentpaulet

    Yes I ve tried to generate by carefully following your procedure at least 3/4 times. J am even arrived at the tt uninstall and aany over again, but nothing to do, j still got this error.

    • Once generated you tried to point Owncloud on these files or copy them to the directory where the server will look for them ?
      I have the impresion that there is a problem between where your certificates and where nginx expect them

  • ___ Yes, You are right, I just find the cause of the problem, an error in the address of the certificates in the file : /etc/nginx/sites-available/owncloud.

    _J' then had this error when the restart Nginx :

    nginx: [Emerg] Socket() [::]:80 failed (97: Address family not supported by protocol)

    nginx: configuration file /etc/nginx/nginx.conf test failed

    that I solved by commenting, in the file/etc/nginx/sites-available/default, the line :

    #listen [::]:80 default_server ipv6only = on; ## listen for ipv6

    _Under connecting me to owncloud (5.0.4 I said because I used the github file on the link of EFT) : I then got an error 502 “Bad Gateway”.

    in the light of the present comments top, I looked in the file : /etc/nginx/sites-available/default line : “fastcgi_param 127.0.0.1:9000”.

    But she was already commented …..

    I then looked in the following file : /etc/nginx/sites-available/owncloud

    location ~ ^(.+?.php)(/.*)?$ {

    try_files $1 = 404;

    include fastcgi_params;

    fastcgi_param SCRIPT_FILENAME $document_root$ 1;

    fastcgi_param PATH_INFO $2;

    fastcgi_param HTTPS on;

    fastcgi_pass 127.0.0.1:9000;

    # Or use unix-socket with ' fastcgi_pass unix:/var/run/PHP5-fpm.sock;’

    I realized that was the line here also. To remove this error 502 I then modified like this :

    fastcgi_param HTTPS on;

    #fastcgi_pass 127.0.0.1:9000;

    fastcgi_pass unix:/var/run/PHP5-fpm.sock;

    And now it works !! Thanks again for your help Chris

    • We really need that I consolidates all your comments to make a tutorial for Owncloud 5 ! 🙂
      Thanks for the Info

      • Bob

        +1

        Si en plus tu peux mettre quelques mots sur la mise à jour 🙂

  • New tutorial with version 5.0.6 ! 🙂

  • Crozy

    Hello, Thanks for be tuto its niquel market. However how to install another site next to like for example Raspcontrol or Transmission ? what setting should make it change ?

    Thank you

    • Hello,
      You must configure other sites in Nginx. Usually I have a different port by site to distinguish them. It happens in/etc/nginx/sites-enabled. You can create a new file by changing the listening port.