[How-To] ownCloud using NGINX, PHP-FPM, and MySQL

[garyjg]

Joshua, I've done what you mentions and installed an earlier version of owncloud and I'm able to login to the server. thou I'm getting some warning: the datadirectory I have is named ocfiles

Security & setup warnings

• It was not possible to execute the cronjob via CLI. The following technical errors have appeared:
  1. Data directory (\mnt\ocfiles) must be an absolute path Check the value of "datadirectory" in your configuration
  2. Data directory (\mnt\ocfiles) is invalid Please check that the data directory contains a file ".ocdata" in its root.
  3. Cannot create "data" directory (\mnt\ocfiles) This can usually be fixed by <a href="https://doc.owncloud.org/server/8.1/go.php?to=admin-dir_permissions" target="_blank">giving the webserver write access to the root directory</a>.

 

[ArgaWoW]

Hi,
have any one else problems with the activity app of onwlcoud? I followed a guide to solve this problem it seems to point on the database table of activity.

The guide:

1. disable activity
2. emrove the 2 activity mysql tables
3. enable activty app

but still activity dont work for me and the two tables i have deleted are still gone. I tought the would recreate on acitation the app again.

I hope of any advice....

Thank you!

 

[thefox13]

I started a clean jail since I bricked my owncloud 8.2 trying to fix the curl 60 error and followed Joshua's guide again and I also had an issue with:
make install clean -C /usr/ports/security/php56-openssl && pkg install php56-curl
I skipped that and installed php56-curl and continues on....surprisingly, I still have the cURL 60 error which I'm certain has to do with the openSSL version and not the certificates store locally, correct?
I'm going to continue trying to find out with the make step failed.....

 

[garyjg]

anyone having this problem and if so what's the fix???
Security & setup warnings
It was not possible to execute the cronjob via CLI. The following technical errors have appeared:

1. Data directory (\mnt\ocfiles) must be an absolute path Check the value of "datadirectory" in your configuration

 

[garyjg]

Thanks guys... I figured it out.

 

[Joshua Parker Ruehlig]

I started a clean jail since I bricked my owncloud 8.2 trying to fix the curl 60 error and followed Joshua's guide again and I also had an issue with:
make install clean -C /usr/ports/security/php56-openssl && pkg install php56-curl
I skipped that and installed php56-curl and continues on....surprisingly, I still have the cURL 60 error which I'm certain has to do with the openSSL version and not the certificates store locally, correct?
I'm going to continue trying to find out with the make step failed.....

skipping that step wouldn't work, it's critical to fixing this issue. pkg install works because it grabs the dependencies for you, but these aren't compiled with the newer openssl. you have to get the compile working, if it errors during compiling a dependency 'pkg install' the dependency and try the compile again.

 

[Joshua Parker Ruehlig]

Hi,
have any one else problems with the activity app of onwlcoud? I followed a guide to solve this problem it seems to point on the database table of activity.

The guide:

1. disable activity
2. emrove the 2 activity mysql tables
3. enable activty app

but still activity dont work for me and the two tables i have deleted are still gone. I tought the would recreate on acitation the app again.

I hope of any advice....

Thank you!

I upgraded to OC8.2 on my production install and activity works as expected.

 

[garyjg]

anyone having this problem when tiring in install an app in owncloud:

This app cannot be installed because the following dependencies are not fulfilled:

The library openssl is not available. The library ldap is not available.

 

[John Doe]

the bad gateway error problem here.
I can't figure it out. I followed exactly as the guide says.

 

[Joshua Parker Ruehlig]

anyone having this problem when tiring in install an app in owncloud:

This app cannot be installed because the following dependencies are not fulfilled:

The library openssl is not available. The library ldap is not available.

try "pkg install php56-ldap" then restart php-fpm

 

[Joshua Parker Ruehlig]

the bad gateway error problem here.
I can't figure it out. I followed exactly as the guide says.

show the output of 'sockstat'

 

[ArgaWoW]

I upgraded to OC8.2 on my production install and activity works as expected.

I also upgraded to OC8.2. After I do the update I get the error 'error on loading activity' (a message on top in the middle of the windows)

 

[Joshua Parker Ruehlig]

I also upgraded to OC8.2. After I do the update I get the error 'error on loading activity' (a message on top in the middle of the windows)

hmm, now that I think of it, I might have replaced my activisty app from the one from github. I would search the bugs on github, I think this was a known issue. I wonder of they packaged a correct version for 8.2.1

 

[ArgaWoW]

hmm, now that I think of it, I might have replaced my activisty app from the one from github. I would search the bugs on github, I think this was a known issue. I wonder of they packaged a correct version for 8.2.1

How I must do this? Just overwrite the existing app folder?
And... Perhaps would you be so kind and post the link to the files I should use.

Thank you very much for more advice [emoji3]

 

[Joshua Parker Ruehlig]

How I must do this? Just overwrite the existing app folder?
And... Perhaps would you be so kind and post the link to the files I should use.

Thank you very much for more advice [emoji3]

yeah, you replace the apps/activity folder but I don't see an 8.2.0 release here
https://github.com/owncloud/activity/releases
maybe the best solution is to update to 8.2.1 which hopefully fixed this bug

 

[ArgaWoW]

yeah, you replace the apps/activity folder but I don't see an 8.2.0 release here
https://github.com/owncloud/activity/releases
maybe the best solution is to update to 8.2.1 which hopefully fixed this bug

I thought 8.2 is the actual latest release of OC. Or have I something misunderstood
....
Edit:
Forget it. I open the link and now it's clear [emoji6]

 

[Joshua Parker Ruehlig]

I thought 8.2 is the actual latest release of OC. Or have I something misunderstood

they released 8.2.1 yesterday, I assuming it fixes bugs with 8.2.0

 

[wrath]

I get following message:

• Transactional file locking is using the database as locking backend, for best performance it's advised to configure a memcache for locking. See the documentation ↗ for more information.

and in error logs I get a spammed with:

Array to string conversion at /usr/local/www/owncloud/lib/private/template/functions.php#36

any clue what is causing these problems?

 

[Joshua Parker Ruehlig]

I get following message:


and in error logs I get a spammed with:



any clue what is causing these problems?

the first is a warning and can be safely be ignored. but if you want you can setup reddis instead of APCu.

the second sounds like a bug. I suggest you post a bug on github to help get it resolved.

 

[wrath]

the first is a warning and can be safely be ignored. but if you want you can setup reddis instead of APCu.

the second sounds like a bug. I suggest you post a bug on github to help get it resolved.

Thanks man it works great now.

I have another issue now. I cannot share files with other users/groups. When I type I don't get autocomplete or even it I type full name I get nothing.
The sharing settings are turned on and the users belong to the same group with one user as group's admin.

edit: only thing I did different was add https. like cyberjock said.
I also added

add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;

to get rid of other warning from official documentation

full config:

note: there are more changes I took from official doc but they were done later on and this issue was already there.

Code:

worker_processes  4;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        off;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    gzip  off;

    server {
    listen 443 ssl;

    ssl_certificate /usr/local/etc/nginx/server.crt;
        ssl_certificate_key /usr/local/etc/nginx/server.key;

    add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
      add_header X-Content-Type-Options nosniff;
      add_header X-Frame-Options "SAMEORIGIN";
      add_header X-XSS-Protection "1; mode=block";
      add_header X-Robots-Tag none;

        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;
        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;

    root /usr/local/www;
        location = /robots.txt { allow all; access_log off; log_not_found off; }
        location = /favicon.ico { access_log off; log_not_found off; }
    rewrite ^/caldav(.*)$ /owncloud/remote.php/caldav$1 redirect;
    rewrite ^/carddav(.*)$ /owncloud/remote.php/carddav$1 redirect;
    rewrite ^/webdav(.*)$ /owncloud/remote.php/webdav$1 redirect;

        location ^~ /owncloud {
            index index.php;
       rewrite ^/.well-known/host-meta /owncloud/public.php?service=host-meta last;
            rewrite ^/.well-known/host-meta.json /owncloud/public.php?service=host-meta-json last;

       rewrite ^/.well-known/carddav /owncloud/remote.php/carddav/ redirect;
           rewrite ^/.well-known/caldav /owncloud/remote.php/caldav/ redirect;
       rewrite ^(/owncloud/core/doc/[^\/]+/)$ $1/index.html;
            try_files $uri $uri/ /owncloud/index.php$is_args$args;
            error_page 403 /owncloud/core/templates/403.php;
            error_page 404 /owncloud/core/templates/404.php;
            client_max_body_size 10G;
            fastcgi_buffers 64 4K;
            location ~ ^/owncloud/(?:\.|build|tests|config|lib|3rdparty|templates|data|autotest|occ|issue|indie|db_|console) {
                deny all;
            }
            location ~ \.php(?:$|/) {
                fastcgi_split_path_info ^(.+\.php)(/.*)$;
                fastcgi_pass unix:/var/run/php-fpm.sock;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                fastcgi_param PATH_INFO $fastcgi_path_info;
                fastcgi_intercept_errors on;
        fastcgi_param modHeadersAvailable true;
        fastcgi_param HTTPS on;
                include fastcgi_params;
            }

            location ~* \.(?:css|js)$ {
           add_header Cache-Control "public, max-age=7200";
            # Add headers to serve security related headers
            add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
            add_header X-Content-Type-Options nosniff;
            add_header X-Frame-Options "SAMEORIGIN";
            add_header X-XSS-Protection "1; mode=block";
            add_header X-Robots-Tag none;
            access_log off;
            }

            location ~* \.(?:jpg|jpeg|bmp|swf|gif|ico|png|css|js|svg)$ {
        access_log off;
                expires max; add_header Cache-Control public;
            }
        }
}