Install Owncloud in HTTPS on your Raspberry Pi with Nginx

Warning : This article has been automatically translated by Bing Translate


Danger : This article has been automatically translated by Bing Translate


Caveat : This article has been automatically translated by Bing Translate

La série des installations Owncloud continue. J’ai raté la version 6 alors je me rattrape avec la 7 (7.0.1 pour être précis !). Here is therefore the installation instructions are updated !

Installer Owncloud 7 en HTTPS sur votre Raspberry Pi avec Nginx

I spend Owncloud description, You can find all the information on official site. Turn to the nitty-gritty !

As usual I start with the distribution Moebius. This has several advantages :

  • minimalist on the disk with only 700 MB
  • minimalist in memory with 25 MB after first start
  • not Apache installed by default

I use the user root to make everything. Not much but practical. If you do not use, Remember to add the statement sudo before each command.

  1. Update the system and install NTP for clock synchronization.
    apt-get update && apt-get upgrade -y && apt-get install ntp && apt-get install raspi-config

    Now think about use raspi-config to finish the configuration of your server as extend the filesystem

  2. Install the required packages
    apt-get install nginx php5-fpm php5 php5-json php5-gd php5-sqlite curl libcurl3 libcurl3-dev php5-curl php5-common php-xml-parser sqlite php-apc
  3. Create directory for the sources
    mkdir /var/www
  4. Download the latest version of Owncloud
    cd /var/www
    wget http://download.owncloud.org/community/owncloud-7.0.1.tar.bz2
  5. Unpack the archive download
    tar jxvf owncloud-7.0.1.tar.bz2
  6. Change the owner of the directory
    chown -R www-data:www - data/var/www/owncloud
  7. Create the directory /etc/nginx/certs If there is no
    mkdir /etc/nginx/certs
  8. Generate the certificates for the site. You must be in the directory /etc/nginx/certsAttention : use a strong password to generate your certificate. The certificate is valid 365 days. Need to generate a new one year
    cd/etc/nginx/certs openssl genrsa-des3-out owncloud.key 1024
    
    openssl req - new - key owncloud.key - out owncloud.csr cp owncloud.key owncloud.key.org openssl rsa - in owncloud.key.org - out owncloud.key openssl x 509 - req - days 365 -in owncloud.csr -signkey owncloud.key -out owncloud.crt
  9. Remove unnecessary file
    rm owncloud.csr owncloud.key.org
  10. Create a file /etc/nginx/sites-available/owncloud (You choose the port). The source is available here
    server {
    	listen 8091 ssl;
    	ssl_certificate /etc/nginx/certs/owncloud.crt;
    
    	ssl_certificate_key /etc/nginx/certs/owncloud.key;
    
    	error_log /var/log/nginx/owncloud.log;
    	access_log /var/log/nginx/owncloud.log;
    
    	server_name owncloud;
    
    	root /var/www/owncloud;
    
    	client_max_body_size 10G; # set max upload size
    	fastcgi_buffers 64 4K;
    
    	rewrite ^/caldav((/|$).*)$ /remote.php/caldav$1 last;
    	rewrite ^/carddav((/|$).*)$ /remote.php/carddav$1 last;
    	rewrite ^/webdav((/|$).*)$ /remote.php/webdav$1 last;
    
    	index index.php;
    
    	error_page 403 = /core/templates/403.php;
    	error_page 404 = /core/templates/404.php;
    
    	location = /robots.txt {
                allow all;
                log_not_found off;
                access_log off;
            }
    
            location ~ ^/(?:\.htaccess|data|config|db_structure.xml|README) {
                    deny all;
            }
    
            location / {
                    # The following 2 rules are only needed with webfinger
                    rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
                    rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
    
                    rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
                    rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
    
                    rewrite ^(/core/doc/[^/]+/)$ $1/index.html;
    
                    try_files $uri $uri/ index.php;
            }
    
            location ~ .php(?:$|/) {
                    fastcgi_split_path_info ^(.+\.php)(/.+)$;
                    include fastcgi_params;
                    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                    fastcgi_param PATH_INFO $fastcgi_path_info;
                    fastcgi_param HTTPS on;
                    fastcgi_pass unix:/var/run/PHP5-fpm.sock;
            }
    
            # Optional: set long EXPIRES header on static assets
            location ~* \.(?:jpg|jpeg|gif|bmp|ICO|PNG|CSS|JS|SWF)$ {
                    expires 30d;
                    # Optional: Don't log access to assets
                    access_log off;
            }
    
    }
    
  11. Enable the site
    ln -s /etc/nginx/sites-available/owncloud /etc/nginx/sites-enabled/owncloud
  12. Change the rights on the shared directory. My House is /owncloud.
    chown -R www-data:www-data /owncloud
  13. Edit the file /etc/php5/fpm/php.ini to increase the size of files that can be sent
    upload_max_filesize = 700M post_max_size = 800M
  14. Restart NGINX and php5-fpm
    Service nginx restart service php5-fpm restart
  15. Accessing Owncloud with https://<IP_du_Raspberry> :<port_in_the_configuration>/
    Installer Owncloud 7 en HTTPS sur votre Raspberry Pi avec Nginx
  16. And this is !
    Installer Owncloud 7 en HTTPS sur votre Raspberry Pi avec NginxInstaller Owncloud 7 en HTTPS sur votre Raspberry Pi avec Nginx

 

You may also like...

  • south

    Bravo and thank you for this tutorial.
    installation worked 1 shot!
    I installed it on Xbian.
    Par contre je cherche à connecter un DD branché en USB sur le Raspberry (formaté Linux et monté en Ext4 dans /media) et je ne trouve pas la solution. Am I missing something at the level of the configuration?
    Thank you for your help
    south

    • Hello. In the installation there is the base of storage directory. You can choose or when data

      • south

        Thank you for your reply.
        I tried to edit in config.php and it generated an error and Owncloud blocking.
        I just reinstalled by choosing good storage before finalizing and everything is OK.
        Is it possible to make the modification (or add another storage) without reinstall everything?
        Again thank you for this tutorial very well done
        south

        • It is not obvious but initially feasible : http://forum.owncloud.org/viewtopic.php?t=7118

          • south

            Hello
            actually the change seems a bit complicated (for a beginner), I believe that it is better to reinstall.

            Another question, the program works properly from a web browser, the iOs app,(yet to try Android.)
            I can transfer files to the server, but the office apps don't work.
            On Mac and Windows XP, the app opens but it is unable to synchronize files (internal error 1060. Server certificate commonName attibute missing in subjectname).
            On Windows7 “cannot open in safe mode.”
            An idea?
            Thanks in advance
            south

          • The certificate is self signed what can be problematic. More when it is created it must be inform. And enable authorization of the certificate in the client : http://forum.owncloud.org/viewtopic.php?f=14&t=18820

  • conreo

    Hello,

    Small question about the creation of the certificate, What should be are formed to be support and imported on a smartphone android under jellybean or earlier?
    I test used DAVdroid with my server owncloud but his blocks a installation of the certificate…

    PS: idea of improvement : configuration de fail2ban avec owncloud 😉 sa fait 1 and a half years I have an arm server running and sometimes it y of foreign ip attempting this top log…

    • Hello. The .pem cannot suffice ? For Amazon's AWS machines is that they give and it works (on my ipad)

      Thanks for the tip fail2ban !

  • Step 10 is not well formatted. Could you copy it in another way? Maybe in paste.org

    Thnks

  • Theo

    Hello, I have a problem with the client windows and Davdroid
    with the windows client synchronization does not want to be in my sharing folder , the message following appears :
    Server certificate was missing commonName attribute in subject name because I have indeed supported on enter when creating the certificate,
    I tried to recreate a certificate, but it did not work then I tried to correct it with a script found on a site, but still the same problem ….
    Here is the site in question: http://www.turnkeylinux.org/forum/support/20131014/commonname-attribute-error

    I get a connect me without problems to the server however