Want to subscribe to topics you're interested in?
Become a Member

Current OwnCloud tuto

Discussion in 'Other Web Apps usage' started by Jota, Mar 22, 2016.

  1. Jota

    Jota Member

    75
    18
    8
    Oct 9, 2014
    Ratings:
    +20
    Local Time:
    12:07 AM
  2. Jota

    Jota Member

    75
    18
    8
    Oct 9, 2014
    Ratings:
    +20
    Local Time:
    12:07 AM
    Okay, I decided to use version 8.2.3 and all was Okay until I try to log in to the web interface.

    In fact main screen where you enter mysql credentials worked fine, but after that screen, I got a 404 error.

    Log --> [error] 28531#28531: *30 "/home/nginx/domains/domain.com/public/index.php/apps/files/index.php" is not found (20: Not a directory),

    I guess issue is this one: Owncloud has a buggy Nginx's configuration. - ownCloud Forums

    Any tip ? thanks ! ;)
     
  3. eva2000

    eva2000 Administrator Staff Member

    29,024
    6,587
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,778
    Local Time:
    12:07 AM
    Nginx 1.13.x
    MariaDB 5.5
  4. eva2000

    eva2000 Administrator Staff Member

    29,024
    6,587
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,778
    Local Time:
    12:07 AM
    Nginx 1.13.x
    MariaDB 5.5
    seems official docs at NGINX Configuration · owncloud/documentation Wiki · GitHub

    Example configs
    the 9.x config has some differences for the what is required for php location match in /usr/local/nginx/conf/phpowncloud.conf

    so /usr/local/nginx/conf/phpowncloud.conf would be something like this I believe (not tested)

    Code (Text):
    location ~ \.php(?:$|/) {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
    
        fastcgi_pass   127.0.0.1:9000;
        #fastcgi_pass   unix:/tmp/php5-fpm.sock;
        fastcgi_index  index.php;
    
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_path_info;
        fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice
    
    # might shave 200+ ms off PHP requests
    # which don't pass on a content length header
    # slightly faster page response time at the
    # expensive of throughput / scalability
    #sendfile on;
    #tcp_nopush off;
    #keepalive_requests 0;
    
    fastcgi_connect_timeout 60;
    fastcgi_send_timeout 180;
    fastcgi_read_timeout 180;
    fastcgi_buffer_size 512k;
    fastcgi_buffers 512 16k;
    fastcgi_busy_buffers_size 512k;
    fastcgi_temp_file_write_size 512k;
    fastcgi_intercept_errors on;
    
    #new .04+ map method
    fastcgi_param HTTPS $server_https;
    
    # comment out PATH_TRANSLATED line if /usr/local/lib/php.ini sets following:
    # cgi.fix_pathinfo=0
    # as of centminmod v1.2.3-eva2000.01 default is set to cgi.fix_pathinfo=1
    
    fastcgi_param  PATH_TRANSLATED    $document_root$fastcgi_path_info;
    
    fastcgi_param  QUERY_STRING       $query_string;
    fastcgi_param  REQUEST_METHOD     $request_method;
    fastcgi_param  CONTENT_TYPE       $content_type;
    fastcgi_param  CONTENT_LENGTH     $content_length;
    
    fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
    fastcgi_param  REQUEST_URI        $request_uri;
    fastcgi_param  DOCUMENT_URI       $document_uri;
    fastcgi_param  DOCUMENT_ROOT      $document_root;
    fastcgi_param  SERVER_PROTOCOL    $server_protocol;
    
    fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
    fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
    
    fastcgi_param  REMOTE_ADDR        $remote_addr;
    fastcgi_param  REMOTE_PORT        $remote_port;
    fastcgi_param  SERVER_ADDR        $server_addr;
    fastcgi_param  SERVER_PORT        $server_port;
    fastcgi_param  SERVER_NAME        $server_name;
    
    # PHP only, required if PHP was built with --enable-force-cgi-redirect
    fastcgi_param  REDIRECT_STATUS    200;
    
                       }


    and /usr/local/nginx/conf/owncloud.conf
    Code (Text):
    add_header X-Content-Type-Options nosniff;
    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Robots-Tag none;
    add_header X-Download-Options noopen;
    add_header X-Permitted-Cross-Domain-Policies none;
    
    client_max_body_size 10G; # set max upload size
    fastcgi_buffers 64 4K;
    
    index index.php;
    error_page 403 /core/templates/403.php;
    error_page 404 /core/templates/404.php;
    
    rewrite ^/.well-known/carddav /remote.php/dav/ permanent;
    rewrite ^/.well-known/caldav /remote.php/dav/ permanent;
    
    # The following 2 rules are only needed for the user_webfinger app.
    # Uncomment it if you're planning to use this app.
    #rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
    #rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
    
    location = /robots.txt {
    allow all;
    log_not_found off;
    access_log off;
    }
    
    location ~ ^/(build|tests|config|lib|3rdparty|templates|data)/ {
    deny all;
    }
    
    location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
    deny all;
    }
    
    location / {
    
    rewrite ^/remote/(.*) /remote.php last;
    rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
    
    try_files $uri $uri/ =404;
    }
    


    All untested so :)
     
    • Like Like x 1
  5. Jota

    Jota Member

    75
    18
    8
    Oct 9, 2014
    Ratings:
    +20
    Local Time:
    12:07 AM
    Thanks mate, but seems to not be working.

    Anyway, it's fine ... thanks again for your help ! ;)
     
    • Like Like x 1
  6. Ahmad

    Ahmad Active Member

    209
    80
    28
    Apr 13, 2015
    Ratings:
    +150
    Local Time:
    4:07 PM
    1.9.9
    10.1.10
    I have a working owncloud site on a centminmod vps. It's still 8.x and not planning to upgrade to 9.x anytime soon. Mostly used the owncloud nginx configuration guide.
    Will post my config later when I am on my pc.
     
    • Like Like x 2
  7. Jota

    Jota Member

    75
    18
    8
    Oct 9, 2014
    Ratings:
    +20
    Local Time:
    12:07 AM
    Hey thanks Ahmad ! I'm sure that will help a lot !

    Cheers !
     
  8. Ahmad

    Ahmad Active Member

    209
    80
    28
    Apr 13, 2015
    Ratings:
    +150
    Local Time:
    4:07 PM
    1.9.9
    10.1.10
    Nginx vhost, may need to adapt it with your ssl config:
    Code (Text):
    server {
      listen 443 ssl http2;
      server_name mydomain.com www.mydomain.com;
    
      ssl_dhparam /usr/local/nginx/conf/ssl/mydomain.com/dhparam.pem;
      ssl_certificate      /etc/letsencrypt/live/mydomain.com/fullchain.pem;
      ssl_certificate_key  /etc/letsencrypt/live/mydomain.com/privkey.pem;
      include /usr/local/nginx/conf/ssl_include.conf;
    
      # mozilla recommended
      ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!CAMELLIA:!DES-CBC3-SHA;
      ssl_prefer_server_ciphers   on;
      ########add_header Alternate-Protocol  443:npn-spdy/3;
      # HTTP Public Key Pinning Header uncomment only one that applies include or exclude domains. 
      # You'd want to include subdomains if you're using SSL wildcard certificates
      # include subdomain
      #add_header Public-Key-Pins 'pin-sha256="LiZ43ky3AeWJWGMMEwSFL7K7VluhCyXxpc4fNMrEKW8=8ZudVEGSQ0KeoljREq9TMRaJCw4VdutRH8gYIwGIqUM="; pin-sha256="6j6EWkvIehZMt3GBbpcLPgEeAewLmun459IZLoOQo/I=fnk11YGOKNCHP1O0KiDuC5oLZ+clLgxQPby05wPL944="; max-age=86400; includeSubDomains';
      # exclude subdomains
      #add_header Public-Key-Pins 'pin-sha256="LiZ43ky3AeWJWGMMEwSFL7K7VluhCyXxpc4fNMrEKW8=8ZudVEGSQ0KeoljREq9TMRaJCw4VdutRH8gYIwGIqUM="; pin-sha256="6j6EWkvIehZMt3GBbpcLPgEeAewLmun459IZLoOQo/I=fnk11YGOKNCHP1O0KiDuC5oLZ+clLgxQPby05wPL944="; max-age=86400';
      #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
      #add_header  X-Content-Type-Options "nosniff";
      #add_header X-Frame-Options DENY;
      ########spdy_headers_comp 5;
      ssl_buffer_size 1400;
      ssl_session_tickets on;
      # enable ocsp stapling
      resolver 8.8.8.8 8.8.4.4 valid=10m;
      resolver_timeout 10s;
      ssl_stapling on;
      ssl_stapling_verify on;
      ssl_trusted_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;  
    
      # Turn off pagespeed for this vhost
      pagespeed off;
    
      access_log /home/nginx/domains/mydomain.com/log/access.log combined buffer=256k flush=60m;
      error_log /home/nginx/domains/mydomain.com/log/error.log;
    
      root /home/nginx/domains/mydomain.com/public;
    
      # prevent access to ./directories and files
      location ~ (?:^|/)\. {
        deny all;
      }  
    
      include /usr/local/nginx/conf/owncloud.conf;
      include /usr/local/nginx/conf/phpowncloud.conf;
      include /usr/local/nginx/conf/staticfiles.conf;
      #include /usr/local/nginx/conf/php.conf;
      include /usr/local/nginx/conf/drop.conf;
      #include /usr/local/nginx/conf/errorpage.conf;
      include /usr/local/nginx/conf/vts_server.conf;
    }
    


    /usr/local/nginx/conf/owncloud.conf:
    Code (Text):
    client_max_body_size 10G; # set max upload size
    fastcgi_buffers 64 4K;
    
    rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
    rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
    rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
    
    index index.php;
    error_page 403 /core/templates/403.php;
    error_page 404 /core/templates/404.php;
    
    
    location ~ ^/(data|config|\.ht|db_structure\.xml|README) {
         deny all;
    }
    
    location / {
        # The following 2 rules are only needed with webfinger
        rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
        rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
    
        rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
        rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
    
        rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
    
        try_files $uri $uri/ index.php;
    }
    
    location ~ ^/home/nginx/domains/mydomain.com/public/data/.+$ {
        internal;
        root /;
    }
    
    location ~ ^/tmp/oc-noclean/.+$ {
        internal;
        root /;
    }
    
    location ~ "^/tmp/owncloud-oc[a-zA-Z0-9]{10}/.+$" {
        internal;
        root /;
    }
    

    I had alot of issues when using the "normal" php file (/usr/local/nginx/conf/php.conf) and after alot of research I couldn't find a solution so I tested alot and giving the site a dedicated php-fpm pool fixed all the issues for som reasons. So you may need to do that too.

    Also you need to append the following to /usr/local/etc/php-fpm.conf:
    Code (Text):
    env[HOSTNAME] = $HOSTNAME
    env[PATH] = /usr/local/bin:/usr/bin:/bin
    env[TMP] = /tmp
    env[TMPDIR] = /tmp
    env[TEMP] = /tmp
    
     
    • Like Like x 1
    • Informative Informative x 1
  9. Jota

    Jota Member

    75
    18
    8
    Oct 9, 2014
    Ratings:
    +20
    Local Time:
    12:07 AM
    I'll check this later .... will update you with the results, thanks buddy !!! ;)
     
  10. Jota

    Jota Member

    75
    18
    8
    Oct 9, 2014
    Ratings:
    +20
    Local Time:
    12:07 AM
    I never have time for this things ..... also I'm so lazy and getting old ! :D
     
    • Like Like x 1