Install ownCloud on Ubuntu 20.04
Introduction
This is a short guide to installing ownCloud on a fresh installation of Ubuntu 20.04. Run the following commands in your terminal to complete the installation.
This guide can not go into details and has its limits by nature. If you experience issues like with dependencies of PHP or other relevant things like the operating system, web server or database, look at the Detailed Installation Guide for more information.
Prerequisites and Notes
-
A fresh installation of Ubuntu 20.04 with SSH enabled.
-
This guide assumes that you are working as the root user.
-
Your ownCloud directory will be located in
/var/www/owncloud/
. -
php 7.4 is the default version installable with Ubuntu 20.04.
-
Use the correct Multi-Processing Module (MPM).
-
Read the openSSL Version notes which are important when planning to use encryption.
Preparation
Set Your Domain Name
my_domain="Your.Domain.tld"
echo $my_domain
hostnamectl set-hostname $my_domain
hostname -f
Update Your System
First, ensure that all the installed packages are entirely up to date and that PHP is available in the APT repository. To do so, follow the instructions below:
apt update && \
apt upgrade -y
Create the occ Helper Script
Create a helper script to simplify running occ commands:
FILE="/usr/local/bin/occ"
cat <<EOM >$FILE
#! /bin/bash
cd /var/www/owncloud
sudo -E -u www-data /usr/bin/php /var/www/owncloud/occ "\$@"
EOM
Make the helper script executable:
chmod +x $FILE
Install the Required Packages
apt install -y \
apache2 libapache2-mod-php \
mariadb-server openssl redis-server wget php-imagick \
php-common php-curl php-gd php-gmp php-bcmath php-imap \
php-intl php-json php-mbstring php-mysql php-ssh2 php-xml \
php-zip php-apcu php-redis php-ldap php-phpseclib
Install smbclient php Module
If you want to connect to external storage via SMB you need to install the smbclient php module.
First install the required packages:
apt-get install -y libsmbclient-dev php-dev php-pear
Then install smblclient php module using pecl:
pecl channel-update pecl.php.net
mkdir -p /tmp/pear/cache
pecl install smbclient-stable
echo "extension=smbclient.so" > /etc/php/7.4/mods-available/smbclient.ini
phpenmod smbclient
systemctl restart apache2
Check if it was successfully activated:
php -m | grep smbclient
This should show the following output:
libsmbclient
smbclient
Install the Recommended Packages
Additional useful tools helpful for debugging:
apt install -y \
unzip bzip2 rsync curl jq \
inetutils-ping ldap-utils\
smbclient
Configure Apache
Create a Virtual Host Configuration
FILE="/etc/apache2/sites-available/owncloud.conf"
cat <<EOM >$FILE
<VirtualHost *:80>
# uncommment the line below if variable was set
#ServerName $my_domain
DirectoryIndex index.php index.html
DocumentRoot /var/www/owncloud
<Directory /var/www/owncloud>
Options +FollowSymlinks -Indexes
AllowOverride All
Require all granted
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /var/www/owncloud
SetEnv HTTP_HOME /var/www/owncloud
</Directory>
</VirtualHost>
EOM
Configure the Database
It’s recommended to execute mysql_secure_installation to secure the mariadb installation and set a strong password for the database user.
|
Ensure transaction-isolation level is set and performance_schema on.
sed -i "/\[mysqld\]/atransaction-isolation = READ-COMMITTED\nperformance_schema = on" /etc/mysql/mariadb.conf.d/50-server.cnf
systemctl start mariadb
mysql -u root -e \
"CREATE DATABASE IF NOT EXISTS owncloud; \
CREATE USER IF NOT EXISTS 'owncloud'@'localhost' IDENTIFIED BY 'password'; \
GRANT ALL PRIVILEGES ON *.* TO 'owncloud'@'localhost' WITH GRANT OPTION; \
FLUSH PRIVILEGES;"
It is recommended to run mysqltuner script to analyse database configuration after running with load for several days.
Installation
Download ownCloud
cd /var/www/
wget https://download.owncloud.com/server/stable/owncloud-complete-latest.tar.bz2 && \
tar -xjf owncloud-complete-latest.tar.bz2 && \
chown -R www-data. owncloud
Install ownCloud
We recommend to set a strong password for your owncloud admin user and the database user. |
occ maintenance:install \
--database "mysql" \
--database-name "owncloud" \
--database-user "owncloud" \
--database-pass "password" \
--data-dir "/var/www/owncloud/data" \
--admin-user "admin" \
--admin-pass "admin"
Configure ownCloud’s Trusted Domains
my_ip=$(hostname -I|cut -f1 -d ' ')
occ config:system:set trusted_domains 1 --value="$my_ip"
occ config:system:set trusted_domains 2 --value="$my_domain"
Configure the cron Jobs
Set your background job mode to cron:
occ background:cron
Configure the execution of the cron job to every 15 min and the cleanup of chunks every night at 2 am:
echo "*/15 * * * * /var/www/owncloud/occ system:cron" \
| sudo -u www-data -g crontab tee -a \
/var/spool/cron/crontabs/www-data
echo "0 2 * * * /var/www/owncloud/occ dav:cleanup-chunks" \
| sudo -u www-data -g crontab tee -a \
/var/spool/cron/crontabs/www-data
If you need to sync your users from an LDAP or Active Directory Server, add this additional Cron job. Every 4 hours this cron job will sync LDAP users in ownCloud and disable the ones who are not available for ownCloud. Additionally, you get a log file in |
echo "1 */6 * * * /var/www/owncloud/occ user:sync \
'OCA\User_LDAP\User_Proxy' -m disable -vvv >> \
/var/log/ldap-sync/user-sync.log 2>&1" \
| sudo -u www-data -g crontab tee -a \
/var/spool/cron/crontabs/www-data
mkdir -p /var/log/ldap-sync
touch /var/log/ldap-sync/user-sync.log
chown www-data. /var/log/ldap-sync/user-sync.log
Configure Caching and File Locking
occ config:system:set \
memcache.local \
--value '\OC\Memcache\APCu'
occ config:system:set \
memcache.locking \
--value '\OC\Memcache\Redis'
occ config:system:set \
redis \
--value '{"host": "127.0.0.1", "port": "6379"}' \
--type json
Configure Log Rotation
FILE="/etc/logrotate.d/owncloud"
sudo cat <<EOM >$FILE
/var/www/owncloud/data/owncloud.log {
size 10M
rotate 12
copytruncate
missingok
compress
compresscmd /bin/gzip
}
EOM
Finalize the Installation
Make sure the permissions are correct:
cd /var/www/
chown -R www-data. owncloud
ownCloud is now installed. You can confirm that it is ready to enable HTTPS (for example using Let’s Encrypt) by pointing your web browser to your ownCloud installation.
To check if you have installed the correct version of ownCloud and that the occ command is working, execute the following:
occ -V
echo "Your ownCloud is accessable under: "$my_ip
echo "Your ownCloud is accessable under: "$my_domain
echo "The Installation is complete."
We recommend you check out the section Hardening and Security Guidance next. |