Support #572
Updated by Daniel Curtis almost 10 years ago
{{>toc}}
This is a simple guide for setting up ownCloud on a LAMP server on Debian 7 (wheezy).
h1. Prepare The Server
This guide is assumed that a +Bare Debian install with only SSH Server+ access, a user that has sudo access.
* Obtain a root shell and upgrade the server:
<pre>
sudo -s
apt-get update && apt-get upgrade
</pre>
* Set the hostname in the hosts:
<pre>
vi /etc/hosts
</pre>
#* And add/modify the following:
<pre>
127.0.1.1 owncloud.example.com owncloud
</pre>
* And also edit the hostname file:
<pre>
vi /etc/hostname
</pre>
#* And add/modify the following:
<pre>
owncloud
</pre>
* Reboot to apply the hostname settings:
<pre>
reboot
</pre>
h1. Install Apache 2
* Install apache:
<pre>
apt-get install apache2
</pre>
h2. Configure Apache 2
* Edit the default apache2 Vhost config:
<pre>
vi /etc/apache2/sites-available/default
</pre>
#* And add/modify the following VirtualHost block:
<pre>
<VirtualHost *:80>
ServerName owncloud.example.com
DocumentRoot /var/www
<Directory /var/www>
Options -Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
</pre>
#* *NOTE*: Make sure AllowOverride is set to ALL, or else the .htaccess file will not work.
* Restart apache2:
<pre>
service apache2 restart
</pre>
* Now navigate to http://owncloud.example.com and the default *It Works!* should be displayed.
h2. Securing Apache with SSL
* Install openssl:
<pre>
apt-get install openssl
</pre>
* Generate a strong SSL key and a CSR to send for signing by a CA:
<pre>
mkdir /etc/apache2/ssl && cd /etc/apache2/ssl
openssl req -sha512 -out owncloud.example.com.csr -new -newkey rsa:4096 -nodes -keyout owncloud.example.com.key
</pre>
* Make sure to securely copy the SSL certificate to *owncloud.example.com.crt*
* Edit the apache2 default ssl Vhost config file:
<pre>
vi /etc/apache2/sites-available/default-ssl
</pre>
#* And Add the following:
<pre>
<VirtualHost *:443>
ServerName www.example.com
DocumentRoot /var/www
<Directory /var/www>
Options FollowSymLinks
AllowOverride All
Require all granted
</Directory>
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/owncloud.example.com.crt
SSLCertificateKeyFile /etc/apache2/ssl/owncloud.example.com.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
BrowserMatch "MSIE [2-6]" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
</VirtualHost>
</pre>
* Change the SSL certificate and key ownership to the apache user:
<pre>
chown www-data:www-data /etc/apache2/ssl/owncloud.example.com.{crt,key}
chmod o-rwx /etc/apache2/ssl/owncloud.example.com.key
</pre>
* Enable the ssl apache modules:
<pre>
a2enmod ssl
</pre>
h3. Forcing SSL on a Website
* Enable forced SSL connection by setting the two lines from earlier in the @.htaccess@ file. Open the file for editing:
<pre>
vi /var/www/.htaccess
</pre>
#* Look for the following two lines, and remove the @#@ characters before them:
<pre>
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</pre>
* Restart apache2:
<pre>
service apache2 restart
</pre>
* Now the website will be accessible from https://owncloud.example.com
h1. Install MySQL 5.5
* Install MySQL server and client:
<pre>
apt-get install mysql-server mysql-client
</pre>
#* *NOTE*: During the setup a prompt will appear to set the *root* MySQL user password. Set a strong password and do not forget it.
h2. Configure a new MySQL database
* Log into the MySQL console:
<pre>
mysql -h localhost -u root -p
</pre>
#* Create the *ownclouduser* user with the *SuperSecretPassword* password and the *ownclouddb* database:
<pre>
CREATE USER 'ownclouduser'@'localhost' IDENTIFIED BY 'SuperSecretPassword';
CREATE DATABASE IF NOT EXISTS `ownclouddb` CHARACTER SET utf8 COLLATE utf8_general_ci;
GRANT ALL PRIVILEGES ON `ownclouddb`.* TO 'ownclouduser'@'localhost';
flush privileges;
exit
</pre>
h1. Install PHP 5
* Install PHP 5 with the apache-php module and a few common PHP extensions:
<pre>
apt-get install php5 libapache2-mod-php5 php5-cli php5-mysql php5-mcrypt php5-gd php5-gd php5-json php-pear php-xml-parser php5-intl php5-sqlite curl libcurl3 libcurl3-dev php5-curl smbclient cifs-utils mp3info zip
</pre>
#* PHP has many extensions, run the following to get a list of all available extensions:
<pre>
apt-cache search php5-
</pre>
* Increase the max upload size for PHP:
<pre>
vi /etc/php5/apache2/php.ini
</pre>
#* And modify the following parameters:
<pre>
upload_max_filesize = 1024M
post_max_size = 1032M
</pre>
* Restart apache for the php module to take effect:
<pre>
service apache2 restart
</pre>
h1. Install ownCloud
* Install git:
<pre>
apt-get install git
</pre>
* Install ownCloud:
<pre>
rm /var/www/*
git clone -b stable8 https://github.com/owncloud/core.git /var/www
</pre>
#* Install ownCloud 3rdparty apps:
<pre>
git clone -b stable8 https://github.com/owncloud/3rdparty.git /var/www/3rdparty
</pre>
* Change the ownership of the ownCloud files to the apache user:
<pre>
chown -R www-data:www-data /var/www
</pre>
h2. (Optional) Install 3rd Party ownCloud Apps
h3. Install ownNote
* Install the ownNote app:
<pre>
git clone https://github.com/Fmstrat/ownnote.git /var/www/apps/ownnote
</pre>
* Edit the owncloud config file:
<pre>
nano /var/www/config/config/php
</pre>
#* And add the following:
<pre>
'custom_csp_policy' => "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; frame-src *; img-src *; font-src 'self' data:; media-src *",
</pre>
#* NOTE: I use MyOwnNotes on Android, available from F-Droid.
h3. News
* Install the News app:
<pre>
git clone https://github.com/owncloud/news.git /var/www/apps/news
</pre>
h3. XMPP
* Install the XMPP app:
<pre>
git clone https://github.com/jsxc/jsxc.git /var/www/apps/jsxc
</pre>