The goal today: replacing DropBox with ownCloud. This assumes no web server was previously installed.
- Files accessible from the internet
- Ability to synchronize a folder on multiple computers / devices with the main server
- Transferring data in a secure way, hopefully more secure than Dropbox
We’ll do it from the command line via SSH.
Install the dependencies
The ownCloud website proposes to run
apt-get install apache2 php5 php5-json php-xml php-mbstring php5-zip php5-gd
but that returns several error messages:
Note, selecting 'php5-common' instead of 'php5-json'
E: Unable to locate package php-xml
E: Unable to locate package php-mbstring
E: Unable to locate package php5-zip
I then tried:
apt-get install apache2 php5 php5-json php5-gd php5-sqlite curl libcurl3 libcurl3-dev php5-curl php5-common php-xml-parser
apt-get install sqlite
And it worked much better. I also ran
afterwards to clean installed packages, but that is not required.
Download and install ownCloud
Download the latest version from ownCloud website:
tar -xjf owncloud-4.0.6.tar.bz2
mv -r owncloud /var/www
chown -R www-data:www-data /var/www
note: www-data is the default group / user used by the apache server.
The official website recommends to enable .htaccess and mod_rewrite. The first part is done by editing the 000-default file:
and setting AllowOverride to All
(in vi: select the N of None in “AllowOverride None” and press R (replace), type All, Escape, select the extra e and Delete. Type : x to exit and save.)
The second part is done with the following commands:
service apache2 restart
Then login on http://the-ip/ or http://localhost from the server and finalise the configuration steps.
Securing the server
At the end of the previous step, we have a working ownCloud server. But connections are not encrypted (file content and user/password information), which is a no go.
Creating a Certificate Authority (CA)
That’s a required step to be able to issue the certificate that will be used by the web server.
First edit /etc/ssl/openssl.cnf file, especially:
dir = /root/sslCA
default_days = 3650 # 10 years
default_bits = 2048 # recommended by NSA until 2030
countryName_default = UK
0.organizationName_default = organization name
We will now create the CA in the root directory with permission 700:
chmod 700 sslCA
mkdir certs private newcerts
echo 1000 > serial
openssl req -new -x509 -days 3650 -extensions v3_ca \
-keyout private/cakey.pem -out cacert.pem \
Country Name (2 letter code) [UK]:
State or Province Name (full name) [Some-State]:.
Locality Name (eg, city) :London
Organization Name (eg, company) [company]:
Organizational Unit Name (eg, section) :
Common Name (eg, YOUR name) :web.server.ip.address OR url
Email Address :firstname.lastname@example.org
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password :
An optional company name :
You can enter . to enter a blank information or press [enter] to keep the default value. The Country, State, Organization Name and Common Name fields seem mandatory.
Generating a Certificate for apache
Create the SSL request:
> openssl req -new -nodes \
-out apache-req.pem \
-keyout private/apache-key.pem \
Generate the certificate and copy the files to the ssl directory:
> openssl ca \
-config /etc/ssl/openssl.cnf \
-out apache-cert.pem \
cp apache-cert.pem /etc/ssl/crt
cp private/apache-key.pem /etc/ssl/key
Enable HTTPS on the apache server
> a2enmod ssl
CustomLog /var/www/logs/ssl-access_log combined
service apache2 restart
You can now type https://web.server.ip.address in a browser and the ownCloud login page should appear.
Note: I got various emails reporting an error in PHP:
PHP Warning: PHP Startup: Unable to load dynamic library ‘/usr/lib/php5/20090626+lfs/sqlite.so’ – /usr/lib/php5/20090626+lfs/sqlite.so: cannot open shared object file: No such file or directory in Unknown on line 0
This warning was cleared by commenting out the second line in /etc/php5/conf.d/sqlite.ini with a ;
Synchronizing with a windows computer and mobile devices
- I installed the Windows Client and… it does not work (can’t connect to the site blablabla)… Hum… Using the default WebClient service on Windows 7 did not work (apparently because of issues with SSL). I tried cyberduck and it seems to work fine to read / write files but the synchronizing process is cumbersome…
- On Android, ES File Explorer was able to access owncloud by setting a new FTP / WEBDAV server – the address is web.server.ip.address/files/webdav.php