Installing ownCloud on Ubuntu

The goal today: replacing DropBox with ownCloud. This assumes no web server was previously installed.

Features needed:

  • Files accessible from the internet
  • Ability to synchronize a folder on multiple computers / devices with the main server
  • Transferring data in a secure way, hopefully more secure than Dropbox

Installation

We’ll do it from the command line via SSH.

Install the dependencies

The ownCloud website proposes to run

apt-get install apache2 php5 php5-json php-xml php-mbstring php5-zip php5-gd

but that returns several error messages:

Note, selecting 'php5-common' instead of 'php5-json'
E: Unable to locate package php-xml
E: Unable to locate package php-mbstring
E: Unable to locate package php5-zip

I then tried:

apt-get update
apt-get upgrade
apt-get install apache2 php5 php5-json php5-gd php5-sqlite curl libcurl3 libcurl3-dev php5-curl php5-common php-xml-parser
apt-get install sqlite

And it worked much better. I also ran

apt-get autoremove

afterwards to clean installed packages, but that is not required.

Download and install ownCloud

Download the latest version from ownCloud website:

cd Downloads/
wget http://owncloud.org/releases/owncloud-4.0.6.tar.bz2
tar -xjf owncloud-4.0.6.tar.bz2
mv -r owncloud /var/www
rm owncloud-4.0.6.tar.bz2
chown -R www-data:www-data /var/www

note: www-data is the default group / user used by the apache server.

Configuration

The official website recommends to enable .htaccess and mod_rewrite. The first part is done by editing the 000-default file:

vi /etc/apache2/sites-enabled/000-default

and setting AllowOverride to All
(in vi: select the N of None in “AllowOverride None” and press R (replace), type All, Escape, select the extra e and Delete. Type : x to exit and save.)

The second part is done with the following commands:

a2enmod rewrite
a2enmod headers
service apache2 restart

Then login on http://the-ip/ or http://localhost from the server and finalise the configuration steps.

Securing the server

At the end of the previous step, we have a working ownCloud server. But connections are not encrypted (file content and user/password information), which is a no go.

Creating a Certificate Authority (CA)

That’s a required step to be able to issue the certificate that will be used by the web server.

First edit /etc/ssl/openssl.cnf file, especially:

dir = /root/sslCA
default_days = 3650 # 10 years
default_bits = 2048 # recommended by NSA until 2030
countryName_default = UK
0.organizationName_default = organization name

We will now create the CA in the root directory with permission 700:

cd ~root/
mkdir sslCA
chmod 700 sslCA
cd sslCA
mkdir certs private newcerts

echo 1000 > serial
touch index.txt

openssl req -new -x509 -days 3650 -extensions v3_ca \
-keyout private/cakey.pem -out cacert.pem \
-config /etc/ssl/openssl.cnf

    Country Name (2 letter code) [UK]:
    State or Province Name (full name) [Some-State]:.
    Locality Name (eg, city) []:London
    Organization Name (eg, company) [company]:
    Organizational Unit Name (eg, section) []:
    Common Name (eg, YOUR name) []:web.server.ip.address OR url
    Email Address []:admin@webserver.com

    Please enter the following 'extra' attributes
    to be sent with your certificate request
    A challenge password []:
    An optional company name []:

You can enter . to enter a blank information or press [enter] to keep the default value. The Country, State, Organization Name and Common Name fields seem mandatory.

Generating a Certificate for apache

Create the SSL request:

> openssl req -new -nodes \
	-out apache-req.pem \
	-keyout private/apache-key.pem \
	-config /etc/ssl/openssl.cnf

Generate the certificate and copy the files to the ssl directory:

> openssl ca \
	-config /etc/ssl/openssl.cnf \
	-out apache-cert.pem \
	-infiles apache-req.pem
mkdir /etc/ssl/crt
mkdir /etc/ssl/key
cp apache-cert.pem /etc/ssl/crt
cp private/apache-key.pem /etc/ssl/key

Enable HTTPS on the apache server

>  a2enmod ssl
mkdir /var/www/logs
cd /etc/apache2/conf.d
vi httpd-ssl.conf

    <VirtualHost *:443>
    ServerName web.server.ip.address
    SSLEngine on
    SSLCertificateFile /etc/ssl/crt/apache-cert.pem
    SSLCertificateKeyFile /etc/ssl/key/apache-key.pem

    DocumentRoot /var/www/owncloud
    CustomLog /var/www/logs/ssl-access_log combined
    ErrorLog /var/www/logs/ssl-error_log
    </VirtualHost>

service apache2 restart

You can now type https://web.server.ip.address in a browser and the ownCloud login page should appear.

Note: I got various emails reporting an error in PHP:
PHP Warning: PHP Startup: Unable to load dynamic library ‘/usr/lib/php5/20090626+lfs/sqlite.so’ – /usr/lib/php5/20090626+lfs/sqlite.so: cannot open shared object file: No such file or directory in Unknown on line 0

This warning was cleared by commenting out the second line in /etc/php5/conf.d/sqlite.ini with a ;

Synchronizing with a windows computer and mobile devices

  • I installed the Windows Client and… it does not work (can’t connect to the site blablabla)… Hum… Using the default WebClient service on Windows 7 did not work (apparently because of issues with SSL). I tried cyberduck and it seems to work fine to read / write files but the synchronizing process is cumbersome…
  • On Android, ES File Explorer was able to access owncloud by setting a new FTP / WEBDAV server – the address is web.server.ip.address/files/webdav.php
Advertisements
Tagged ,

2 thoughts on “Installing ownCloud on Ubuntu

  1. Olivier says:

    Thanks for your instructions clear and straight… :-)..
    I love Owncloud and it’s nice to see you can get your own private cloud…
    Have a nice day…

  2. Santosh says:

    Much appreciated. Thank you for the detailed steps.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: