[How-To] ownCloud using NGINX, PHP-FPM, and MySQL

[jcbergqu]

Ok. So I started MySQL-server, then tried to run "MySQL_secure_installation" again. I get the same error. See below...

I'm baffled. So many people have been able to make it work. I don't know what I'm doing wrong... Thanks for trying to help!

 

[Joshua Parker Ruehlig]

Ok. So I started MySQL-server, then tried to run "MySQL_secure_installation" again. I get the same error. See below...

View attachment 10171

I'm baffled. So many people have been able to make it work. I don't know what I'm doing wrong... Thanks for trying to help!

sockstat will show what sockets you have open. also, you installed mysql instead mariadb100, it might a different default socket.

 

[jcbergqu]

Joshua,

Thanks so much for your help! I was successful in getting ownCloud up and running. Has anyone asked about .mov files? I followed your optional guide for video preview; works for standard mp4 files but not mov. Is there an additional package that would pick these up? Thanks again!

 

[Joshua Parker Ruehlig]

Joshua,

Thanks so much for your help! I was successful in getting ownCloud up and running. Has anyone asked about .mov files? I followed your optional guide for video preview; works for standard mp4 files but not mov. Is there an additional package that would pick these up? Thanks again!

not that I know off.
I don't see anything specific about .mov files here
https://doc.owncloud.org/server/8.2...er/config_sample_php_parameters.html#previews

if you want you can check the preview code what file extensions Movie maps to.

 

[jcbergqu]

Ok. Thanks. I looked through the owncloud documentation and did some google searches... There are apparently some apps that can be added to owncloud (video js) that supposedly allow other video file types to work. I will research it further to figure it out. Just thought you may already figured it out. Thanks again!

 

[Joshua Parker Ruehlig]

Ok. Thanks. I looked through the owncloud documentation and did some google searches... There are apparently some apps that can be added to owncloud (video js) that supposedly allow other video file types to work. I will research it further to figure it out. Just thought you may already figured it out. Thanks again!

I believe that's for playing videos, which is different then generating thumbnail previews. not sure which one you meant.

 

[jcbergqu]

I guess I meant playing videos. In my testing after installation I attempted to move a .mov file from my iphone to a folder created on the owncloud server. The file transfers fine, but will not open from the same iphone from within the owncloud app on the phone. A mp4 file placed in the same folder plays fine.

 

[joehell]

Hi there,

I followed this "how-to" to make my owncloud properly, an it works quite well !

But I have an isse while my desktop client uploads large files (about 4 GB). At the end of the upload, I get the following message : "Gateway Time-Out"
I tried to solve the problem following the comments here : https://www.scalescale.com/tips/nginx/504-gateway-time-out-using-nginx/ but I don't find the specified folders and files (www.conf).
Anyone can help me ?
Thanks !

 

[Joshua Parker Ruehlig]

Hi there,

I followed this "how-to" to make my owncloud properly, an it works quite well !

But I have an isse while my desktop client uploads large files (about 4 GB). At the end of the upload, I get the following message : "Gateway Time-Out"
I tried to solve the problem following the comments here : https://www.scalescale.com/tips/nginx/504-gateway-time-out-using-nginx/ but I don't find the specified folders and files (www.conf).
Anyone can help me ?
Thanks !

I recommend taking a look at this
https://doc.owncloud.org/server/8.2...iles/big_file_upload_configuration.html#nginx

 

[zaggynl]

Thanks for the tutorial!

Is it possible to add another dataset to Owncloud?
I've tried adding storage to /mnt/files/datasetname and /mnt/files/admin/datasetname but no folders appear in Owncloud.

Edit:
Found out how to do this:
- Add jail storage, attach dataset as readonly to /mnt/files/admin/datasetname (haven't tested without readonly)
- open a shell in Owncloud jail using FreeNAS webui
- change directory to owncloud folder: cd /usr/local/www/owncloud
- switch to www user: su -fm www
- run php scan command: php console.php files:scan --all
- exit shell and verify dataset contents have appeared in Owncloud webui

 

[Joshua Parker Ruehlig]

Thanks for the tutorial!

Is it possible to add another dataset to Owncloud?
I've tried adding storage to /mnt/files/datasetname and /mnt/files/admin/datasetname but no folders appear in Owncloud.

Edit:
Found out how to do this:
- Add jail storage, attach dataset as readonly to /mnt/files/admin/datasetname (haven't tested without readonly)
- open a shell in Owncloud jail using FreeNAS webui
- change directory to owncloud folder: cd /usr/local/www/owncloud
- switch to www user: su -fm www
- run php scan command: php console.php files:scan --all
- exit shell and verify dataset contents have appeared in Owncloud webui

I don't recommend you manage your files this way. Do you intend on accessing these additional datasets other then through owncloud?
Owncloud doesn't expect files in its data-directory (/mnt/files) to be modified by any process other then itself.

If you do want a way to modify files other then through owncloud you should be using the owncloud app (External storage support). Mount the datasets not on top of the data-directory (like at /mnt/more-files) then add them as a "Local" mountpoint in the owncloud admin page to whatever user(s) need to access them. You can also set how often these directories should be scanned for changes.
https://doc.owncloud.org/server/8.2...files/external_storage_configuration_gui.html

 

[tamilmad]

Here's the official docs. https://doc.owncloud.org/server/8.2/admin_manual/maintenance/manual_upgrade.html
Looks like we need to..

• backup /usr/local/www/owncloud/config/config.php
• Replace the old /usr/local/www/owncloud directory with the latest one.
• move any apps that wer uninstalled from /usr/local/www/owncloud/apps
• run 'occ upgrade'

Someone can give this a try if they like.

Code:

mv /usr/local/www/owncloud /usr/local/www/owncloud-bak
fetch "http://download.owncloud.org/community/owncloud-8.2.2.tar.bz2" #update version accordingly
tar jxf owncloud-*.tar.bz2 -C /usr/local/www
cp /usr/local/www/owncloud-bak/config/config.php /usr/local/www/owncloud/config
# copy any missing apps from /usr/local/www/owncloud-bak/apps to /usr/local/www/owncloud/apps
chown -R www:www /usr/local/www/owncloud
chsh -s /bin/sh www
su www
cd /usr/local/www/owncloud
php ./occ upgrade
exit
rm -r owncloud-*.tar.bz2 /usr/local/www/owncloud-bak

I followed the steps except the commented step. After I login from the webui of owncloud it says the version is 8.2.2. But all my users and and the corresponding directories were not there. thankfully I had taken a snapshot just before attempting this update and I have reverted back. please help me where I am going wrong. thanks.

 

[Joshua Parker Ruehlig]

I followed the steps except the commented step. After I login from the webui of owncloud it says the version is 8.2.2. But all my users and and the corresponding directories were not there. thankfully I had taken a snapshot just before attempting this update and I have reverted back. please help me where I am going wrong. thanks.

after the update are the files still existing in the user's directory? I don't know why an update would forget about existing files.

 

[zaggynl]

I've successfully added a Letsencrypt cert! https://www.ssllabs.com/ssltest/analyze.html?d=zaggy.nl
After adding fail2ban for Owncloud login I think it's fairly secure.

During stress testing (I'm syncing a 1.8TB folder back to my desktop) I noticed FreeNAS running out of memory, OOM killer at work, reboot/process restarts needed, etc.
Appears to be resolved through:
adding/changing:
php_admin_value[memory_limit] = 64M
in /usr/local/etc/php-fpm.conf and restart php-fpm.

adding/changing:
innodb_buffer_pool_size =384M
key_buffer =256M
query_cache_size =128M
query_cache_limit =1M
thread_cache_size =8
max_connections =400
innodb_lock_wait_timeout =100
in /var/db/mysql/my.cnf and restart mysql-server.
Above is an example and should be set to something appropriate to server hardware/usage.

As speed was fairly low through owncloud client even on LAN max ~30MB/s (even with large files)
I recompiled nginx with spdy and changed
listen 443 ssl
to
listen 443 ssl spdy
in /usr/local/etc/nginx/nginx.conf
Speed is now ~60MB/s, sometimes.
webdav managed ~110MB/s
What is everyone managing in transfer speed?

 

[tamilmad]

after the update are the files still existing in the user's directory? I don't know why an update would forget about existing files.

Today I redid the whole process again and am sucessfull. I am able to access all my users and all the files are intact.

I must have missed something in my earlier attempt which I am not able to figure out.

Thanks for the confidence you inspire by your support and expertise.

 

[Joshua Parker Ruehlig]

Today I redid the whole process again and am sucessfull. I am able to access all my users and all the files are intact.

I must have missed something in my earlier attempt which I am not able to figure out.

Thanks for the confidence you inspire by your support and expertise.

welcome, glad you got it working!

 

[tamilmad]

I've successfully added a Letsencrypt cert! https://www.ssllabs.com/ssltest/analyze.html?d=zaggy.nl
After adding fail2ban for Owncloud login I think it's fairly secure.

During stress testing (I'm syncing a 1.8TB folder back to my desktop) I noticed FreeNAS running out of memory, OOM killer at work, reboot/process restarts needed, etc.
Appears to be resolved through:
adding/changing:
php_admin_value[memory_limit] = 1024M
in /usr/local/etc/php-fpm.conf and restart php-fpm.

adding/changing:
innodb_buffer_pool_size =384M
key_buffer =256M
query_cache_size =128M
query_cache_limit =1M
thread_cache_size =8
max_connections =400
innodb_lock_wait_timeout =100
in /var/db/mysql/my.cnf and restart mysql-server.
Above is an example and should be set to something appropriate to server hardware/usage.

As speed was fairly low through owncloud client even on LAN max ~30MB/s (even with large files)
I recompiled nginx with spdy and changed
listen 443 ssl
to
listen 443 ssl spdy
in /usr/local/etc/nginx/nginx.conf
Speed is now ~60MB/s, sometimes.
webdav managed ~110MB/s
What is everyone managing in transfer speed?

Can you elaborate on getting the certificate and the changes you made in the config for https. When you find time please make a step by step instructions so that many (like me) can easily follow.

Thanks

 

[zaggynl]

Can you elaborate on getting the certificate and the changes you made in the config for https. When you find time please make a step by step instructions so that many (like me) can easily follow.

Thanks

My personal notes are quite messy, I need to redo the whole process to make a proper howto for myself too, this is what I did from the top of my head:

On the owncloud freenas jail:
SSL
Cloned the github repo from: https://github.com/letsencrypt/letsencrypt
Following these instructions on acquiring the cert and configuring basic nginx settings: https://adambard.com/blog/using-letsencrypt-with-nginx/
Changed some more nginx settings to improve ssllabs rating: https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html and https://sethvargo.com/getting-an-a-plus-on-qualys-ssl-labs-tester/

Fail2ban
Followed this guide: https://forums.freenas.org/index.php?threads/install-and-setup-fail2ban-on-owncloud-portsjail.19216/
Added this to /usr/local/etc/fail2ban/jails.local:
[owncloud]
enabled = true
filter = owncloud
action = ipfw-owncloud
logpath = /mnt/files/owncloud.log
maxretry = 3
port = 80,443
protocol = tcp

My/usr/local/etc/fail2ban/filter.d/owncloud.conf (borrowed from https://github.com/AykutCevik/owncloud-fail2ban)
[Definition]
failregex = {"reqId":".*","remoteAddr":".*","app":"core","message":"Login failed: '.*' \(Remote IP: '<HOST>'\)","level":2,"time":".*"}
ignoreregex =

Verify fail2ban works by attempting to login 3 times with incorrect credentials, you should be banned for 10m after last attempt, also check /var/log/fail2ban.log.

 

[tamilmad]

My personal notes are quite messy, I need to redo the whole process to make a proper howto for myself too, this is what I did from the top of my head:

On the owncloud freenas jail:
SSL
Cloned the github repo from: https://github.com/letsencrypt/letsencrypt
Following these instructions on acquiring the cert and configuring basic nginx settings: https://adambard.com/blog/using-letsencrypt-with-nginx/
Changed some more nginx settings to improve ssllabs rating: https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html and https://sethvargo.com/getting-an-a-plus-on-qualys-ssl-labs-tester/

Fail2ban
Followed this guide: https://forums.freenas.org/index.php?threads/install-and-setup-fail2ban-on-owncloud-portsjail.19216/
Added this to /usr/local/etc/fail2ban/jails.local:
[owncloud]
enabled = true
filter = owncloud
action = ipfw-owncloud
logpath = /mnt/files/owncloud.log
maxretry = 3
port = 80,443
protocol = tcp

My/usr/local/etc/fail2ban/filter.d/owncloud.conf (borrowed from https://github.com/AykutCevik/owncloud-fail2ban)
[Definition]
failregex = {"reqId":".*","remoteAddr":".*","app":"core","message":"Login failed: '.*' \(Remote IP: '<HOST>'\)","level":2,"time":".*"}
ignoreregex =

Verify fail2ban works by attempting to login 3 times with incorrect credentials, you should be banned for 10m after last attempt, also check /var/log/fail2ban.log.

I am reproducing the error I get as below after I cloned letsencrypt.
----------------------------------------------------------------------------------------
root@owncloud:/letsencrypt # ./letsencrypt-auto
WARNING: FreeBSD support is very experimental at present...
if you would like to work on improving it, please ensure you have backups
and then run this script again with the --debug flag!
root@owncloud:/letsencrypt # ./letsencrypt-auto --debug
Bootstrapping dependencies via FreeBSD...
./letsencrypt-auto: : Permission denied
-------------------------------------------------------------------------------------------
Am I doing correctly or did you follow a different procedure. Thanks for your efforts.

 

[mcolinp]

I just ran a pending update for the latest Freenas (9.3 Stable), and it seems that it may have done something bad to the owncloud jail I had setup. I can no longer access it through a browser; and the sync client is not connecting either . . .

Anyone else experiencing this?

-UPDATE- Restarting the jail seems to have sorted it out.