[How-To] ownCloud using NGINX, PHP-FPM, and MySQL

[ArgaWoW]

@Jushua
It works for me too.I thank you very much for your advice :)

 

[Joshua Parker Ruehlig]

@Jushua
It works for me too.I thank you very much for your advice :)

great

I have a feeling we only need to compile php56-openssl. and can simplify the steps further. but at least we have something to start with

 

[Smartypants]

Great tutorial everything is working like a charm!

I only have an issue with my HDDs standby. I installed the jail with Owncloud on my SSD so it will not wake my HDD all the time for no reasons but it's doing it anyway.

The system dataset is on the SSD, the jail is on the SSD and I haven't added a storage into the jail. I don't see any reason why it should wake my HDDs up, they are in a totally different volume. Any idea how I can investigate the issue?

Thank you

 

[Joshua Parker Ruehlig]

Great tutorial everything is working like a charm!

I only have an issue with my HDDs standby. I installed the jail with Owncloud on my SSD so it will not wake my HDD all the time for no reasons but it's doing it anyway.

The system dataset is on the SSD, the jail is on the SSD and I haven't added a storage into the jail. I don't see any reason why it should wake my HDDs up, they are in a totally different volume. Any idea how I can investigate the issue?

Thank you

the only thing i can think of is if the disk has swap and the jail is forceing your system to access swap. otherwise there's no crazy virus in nginx/php/mysql that can access devices outside of their userland.

 

[ArgaWoW]

Where do you have your db dataset?

 

[adrianwi]

Although my OC 8.1.1 jail is working fine for syncing files, I've been having some issues with Apps (documents taking a long time to load) and various annoying warning/error messages that various suggested tweaks in the thread haven't removed. I was also struggling to update to 8.1.3 so thought I'd build a new jail with the guide and some of the openssl suggestions over the last few pages.

Doesn't take long now as I've done it several times, and can save some time copy certain config files across from the old jail. Start to finish including SSL and Fail2ban in about 2 hours, although syncing about 200GB across a number of users takes a bit longer :)

After creating the jail, datasets and storage I used WITH_OPENSSL_PORT=yes in /etc/make.conf before installing any packages and have a completely warning/error free install so was wondering whether its worth adding this into the guide?

 

[Joshua Parker Ruehlig]

Although my OC 8.1.1 jail is working fine for syncing files, I've been having some issues with Apps (documents taking a long time to load) and various annoying warning/error messages that various suggested tweaks in the thread haven't removed. I was also struggling to update to 8.1.3 so thought I'd build a new jail with the guide and some of the openssl suggestions over the last few pages.

Doesn't take long now as I've done it several times, and can save some time copy certain config files across from the old jail. Start to finish including SSL and Fail2ban in about 2 hours, although syncing about 200GB across a number of users takes a bit longer :)

After creating the jail, datasets and storage I used WITH_OPENSSL_PORT=yes in /etc/make.conf before installing any packages and have a completely warning/error free install so was wondering whether its worth adding this into the guide?

Probably is a good idea. I'm thinking we add it and recommend compiling the specific ports that need the latest SSL support.

 

[neatfreak]

i thought ill give it another try with your guide. I believe i followed everything i knew how to find but i get an error when i go on xxx.xxx.xxx.xxx/owncloud it says
404 Not Found
so i have a couple questions, i tried search the thread if this was asked before but the search didnt show anything.
in the php-fpm.conf
do i really replace the

Code:

listen = 127.0.0.1:9000 with  
listen = /var/run/php-fpm.sock
    listen.owner = www
    listen.group = www
    env[PATH] = /usr/local/bin:/usr/bin:/bin // and just add this in there?

also after typing
crontab -u www -e
my command window just has a bunch of "~" and nothing happend so i restarted the jail so i could typ something else. other then that i didnt get any errors except that the owncloud setup guide didnt show up in my browser.

thanks.

 

[Joshua Parker Ruehlig]

i thought ill give it another try with your guide. I believe i followed everything i knew how to find but i get an error when i go on xxx.xxx.xxx.xxx/owncloud it says
404 Not Found
so i have a couple questions, i tried search the thread if this was asked before but the search didnt show anything.
in the php-fpm.conf
do i really replace the

Code:

listen = 127.0.0.1:9000 with 
listen = /var/run/php-fpm.sock
    listen.owner = www
    listen.group = www
    env[PATH] = /usr/local/bin:/usr/bin:/bin // and just add this in there?

also after typing
crontab -u www -e
my command window just has a bunch of "~" and nothing happend so i restarted the jail so i could typ something else. other then that i didnt get any errors except that the owncloud setup guide didnt show up in my browser.

thanks.

In the php-fpm.conf file you replace or comment out the listen line and uncomment the other lines.

The "crontab -e" command brings up your users default editor which is probably "vi". Use vi or figure out how to change the editor that is called to something else.

 

[Steven Sedory]

Ok, to confirm, when you browse to http://domain.com/core/img/favicon.png nothing comes up?
But, when you browse to http://domain.com/index.php owncloud loads?

Did you follow the nginx config I posted here?
https://forums.freenas.org/index.ph...x-php-fpm-and-mysql.17786/page-25#post-217063

I apologize for the terribly late response, but this issue resolved on its own somehow. Wish I could tell you what it was. Thanks again for your help Joshua.

 

[Joshua Parker Ruehlig]

I apologize for the terribly late response, but this issue resolved on its own somehow. Wish I could tell you what it was. Thanks again for your help Joshua.

glad to help

 

[neatfreak]

In the php-fpm.conf file you replace or comment out the listen line and uncomment the other lines.

The "crontab -e" command brings up your users default editor which is probably "vi". Use vi or figure out how to change the editor that is called to something else.

great thanks, after watching a few youtube videos on crontabs i then figured out how to save and edit those lines in.
i got it running now :) i better make a snapshot before i do something stupid.

thanks again.

 

[Delivereath]

Hi,

I've used your guide to set up a working Owncloud jail. I can access it without any issue at http://192.168.0.13/owncloud.

I have an nginx reverse proxy running on another VM. I would like to inlude a configuration to access my owncloud server at http://owncloud.mydomain.com.

Here is my reverse proxy config :

Code:

server {
server_name owncloud.mydomain.com; ### Change this name to your dns name

listen 80;
ssl off;
access_log /var/log/nginx/owncloud.access.log;
error_log /var/log/nginx/owncloud.error.log;

location / {
### Proxy Pass Info ###
proxy_pass http://192.168.0.13/owncloud/; ###You can change the ipadress with the remote address of your owncloud server if it $

### Set headers ###
proxy_set_header Accept-Encoding "";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_buffering off;
add_header Front-End-Https off;

### Options ##
client_max_body_size 64M;

### Set timeouts ###
proxy_read_timeout 600;
proxy_send_timeout 600;
proxy_connect_timeout 600;
}
}

However, it's not working. When looking at nginx logs on the owncloud jail, I can see a lot of these :

Code:

2015/09/29 10:34:19 [error] 94050#0: *397 open() "/usr/local/www/owncloud/owncloud/core/js/backgroundjobs.js" failed (2: No such file or directory)

My nginx reverse proxy seems to be sending the requests to http://192.168.0.13/owncloud/owncloud which obviously doesn't exist.

Do you know what is wrong on my config ?

Thanks

 

[Joshua Parker Ruehlig]

Hi,

I've used your guide to set up a working Owncloud jail. I can access it without any issue at http://192.168.0.13/owncloud.

I have an nginx reverse proxy running on another VM. I would like to inlude a configuration to access my owncloud server at http://owncloud.mydomain.com.

Here is my reverse proxy config :

Code:

server {
server_name owncloud.mydomain.com; ### Change this name to your dns name

listen 80;
ssl off;
access_log /var/log/nginx/owncloud.access.log;
error_log /var/log/nginx/owncloud.error.log;

location / {
### Proxy Pass Info ###
proxy_pass http://192.168.0.13/owncloud/; ###You can change the ipadress with the remote address of your owncloud server if it $

### Set headers ###
proxy_set_header Accept-Encoding "";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_buffering off;
add_header Front-End-Https off;

### Options ##
client_max_body_size 64M;

### Set timeouts ###
proxy_read_timeout 600;
proxy_send_timeout 600;
proxy_connect_timeout 600;
}
}

However, it's not working. When looking at nginx logs on the owncloud jail, I can see a lot of these :

Code:

2015/09/29 10:34:19 [error] 94050#0: *397 open() "/usr/local/www/owncloud/owncloud/core/js/backgroundjobs.js" failed (2: No such file or directory)

My nginx reverse proxy seems to be sending the requests to http://192.168.0.13/owncloud/owncloud which obviously doesn't exist.

Do you know what is wrong on my config ?

Thanks

you might want to remove the /owncloud part of the URL from the proxy_pass line.

 

[Delivereath]

Thanks for your reply.

When doing this, requests are sent to my owncloud jail but wrong target folder since it's sending to the web server root /usr/local/www/ while it should try to reach /usr/local/www/owncloud/.

Do you know how to fix this ?

 

[Jailer]

Change the document root of the backend server config to match where your owncloud installation resides.

 

[Joshua Parker Ruehlig]

good idea @Jailer
I've never proxied nginx to nginx with a webroot but you might want to also look at the nginx config here.
https://www.jruehlig.com/wordpress/installation-configuration-of-freenas-plugins/

 

[Jailer]

@Delivereath I'm no nginx expert but a couple of other things you might want to look at with your proxy config.

Nginx has a top to bottom workflow. You have your listen port listed after your server name in your server block. It sounds like it's still working but is definitely not a best practice. Move it one line above so it's listed before your server name.

Are you logging on your back end server? If so listing the error and access log in the server block is just giving you duplicate logging for the same traffic. If you want to log all traffic that goes through the proxy move that info to the http block on your proxy server config.

In your server block you specify ssl off; Not sure why you have that listed there as you are listening on port 80 and SSL default listen port is 443.

If you want the IP address of your visitor logged on the back end server you'll have to compile nginx from ports on your proxy server with the realip module enabled. The nginx package is not compiled with this option enabled by default and as a result your access logs on the backend server will only show the IP address of the upstream proxy server for every connection. You will also need to add these 2 lines to your http block of your backend server config file to log the real IP of visitors:

Code:

set_real_ip_from (ip address of proxy server); *without quotes
real_ip_header X-Forwarded-For;

 

[Joshua Parker Ruehlig]

nginx does process locations top to bottom (within each location type). but what you are talking about are directives, where order doesn't matter as long as you don't have any conflicting ones (in which case i think last would win).

it's still best to organize things so our human brains understand how things work but the nginx config compiler could care less.

 

[Jailer]

nginx does process locations top to bottom (within each location type). but what you are talking about are directives, where order doesn't matter as long as you don't have any conflicting ones (in which case i think last would win).

That's right, thanks for the correction. You are correct it processes the last one encountered if there is a conflict.

Still learning, but I'm getting there. ;)