so do you always access owncloud from http://mydomain.net:8099/owncloud/ (and never locally on port 80?)Wrong port because of my custom port setup. It brings me back to 80 instead of 8099
fastcgi_param SERVER_PORT 8099;
It is possible to get it working perfectly, but I don't know enough to figure it out.Yes, that's correct, sir.
Unfortunately that fastcgi_param didn't do the trick but actually it's just so tiny glitch that I'm not sure if it's worth tying to fix it. I'm not sure if it's fixable at all since we always will have two situations: when reached locally and when not!?
Thank you all!
I suggest you try to quantify the slowness somehow, I think there may be benchmarking tools somewhere. also you might be better off asking this in the OC forum.I messed up badly with my OC Jail and I had to set it up again from scratch. The thing is that despite I've done everything exactly as I did before the server seems to work really slow. When it comes to discover each directory it takes quite some time before changing to the next one... and I have about 30k files in like 4.5k folders.... I definitely worked faster before, but I have no idea what might have changed. Could anyone help me debug this issue?
BONUS: Updating Owncloud
Everyone likes bonuses right? Buy-one-get-one-free and the like? So here's how I updated my Owncloud from 6.0.1 to 6.0.2. You'll know if Owncloud is out of date because you'll go to your Owncloud Server's webpage and see a warning at the top that it's not the latest and greatest.
NOTE: I'd verify that SSL above works before doing an update. You don't want to do an SSL and update at the same time in case you have problems. Better to change 1 thing at a time so if something goes wrong you have fewer things that can/could go wrong.
Since I'll be installing 6.0.2 the file location is http://download.owncloud.org/community/owncloud-6.0.2.tar.bz2 You can either change the file name yourself or go to owncloud.org and find the link yourself. I went to owncloud.org just to make sure that the link was correct.
Inside the jail as root run the following commands:
# service nginx stop
# cd /tmp
# fetch http://download.owncloud.org/community/owncloud-6.0.2.tar.bz2
# tar jxvf owncloud-*.tar.bz2 -C /usr/local/www
# rm owncloud-*.tar.bz2
# chown -R www:www /usr/local/www/owncloud
# service nginx start
That's it! If you go to http(s)://ip/owncloud there will be a page that says it's updating and to please wait, but within about 10 seconds it refreshed and Owncloud was back online for me.
If you've been reading my posts elsewhere the PBI version sucked because the performance was just horrid with a large number of small files. Throughput was great for large files though. Something like 8000 files totalling 4.6GB took over 16 hours to upload(I stopped counting at 16 hours). With 6.0.2 and using NGINX, PHP-FPM, and MySQL(MariaDB) I was able to sync 8173 files totalling 5.3GB in less than 40 minutes on the same hardware! That's over 18x faster!
Thanks to Joshua for starting this thread with his guide!
fetch http://download.owncloud.org/community/owncloud-8.0.3.tar.bz2
For whatever reason I couldn't get ownCloud to update to 8.0.3 using the updater. I used the manual method @cyberjock had outlined on page 3 of this post, i was hesitant at first because my understanding of SQL/PHP is VERY limited.
I used his commands as listed in order with one expection, I replaced jock's fetch command with:
Code:fetch http://download.owncloud.org/community/owncloud-8.0.3.tar.bz2
Thanks again for everyone's effort put in the forums.
Not much need to be changed. Just make sure to remove this line until owncloud 8.0.4 or 8.1 is released.Hi, I thought I would explain my experience. I have 7.0.5 running very nicely, with ssl and a self signed cert. Thanks to all the dedicated members of this forum. My initial install was 6.x, and all upgrades went swimmingly until 8.0. There are several posts in this thread that explain several issues people are having, and a page or two back -- a link to an ownCloud forum that talks about known upgrade issues.
For me, I've tried upgrading with 8.0 and then with every point version to 8.0.3. I've tried going straight to 8.0.3. I've tried creating a brand new jail and following Josh's guide to install 8.0.3. With all attempts, I get the "blank browser screen." Interestingly, the ownCloud sync client on my laptop seemed to work just fine...I just couldn't access the web guide for my server. I decided to revert back to 7.0.5. I had a backup, but didn't need it -- it seems just using cyberjock's upgrade instructions to reinstall the older version over the newer one worked (for me).
It seems that enough has been changed with 8.x, that an easy upgrade may not be possible for some people's setup. Some users have declared that they have successfully migrated to 8, so it is likely a combination of things. I plan to try again sometime, but for now am happy with what seems to be a fully functional 7.0.5. My only fear is that at some point the desktop client won't work with 7.x.
I have a Lenovo TS-140 with i3-4130 dual core, 20 GB ram, FreeNAS 9.3.
I'll post my experience if I ever do get oc 8.0.x running properly in a jail with this guide. The plugin version of ownCloud is unbearably slow...
Sean
fastcgi_param MOD_X_ACCEL_REDIRECT_ENABLED on;
php /usr/local/www/owncloud/occ upgrade
why did you fresh install 8.0.2 instead of 8.0.3?So, I tried upgrading again and finally irreversibly trashed my owncloud jail. That's the bad news. The good news... I was able to install 8.0.2 into a new jail with new database and data folders. Previously, I had been trying to upgrade on top of the old db, and it didn't work. Then I just pulled my backed up data into the new dataset.
Hopefully upgrading to 8.0.3 will go smoother.
SDC
Sure, my setup might be a bit different then yours so modify for you own use case. Also you can thank PiBa from the pfsense forums who added a bunch of features to the HAProxy-devel plugin at my request.
NETWORK LAYOUT
HAProxy
Varnish (Optional, really only useful for the public websites I host)
- Accepts HTTPS Requests, overwrites client_ip and protocol header
- Offloads SSL (for multiple domains), decides which cert to send using SNI
- Forwards to Varnish
NGINX (On my FreeBSD server, in your case FreeNAS)
- Accepts HTTP Requests, if not forwarded from HAProxy overwrites client_ip and protocol header
- Caches static objects
- Forwards to different backends depending on requested URI / host health (I have a dedicated FreeBSD webserver for ownCloud and other PHP programs, a static backup running on my pfSense box for public websites I host, and plugins on my FreeNAS box )
- sets real_IP
- sets https variable based on protocol header
NOTES THAT MAY LEAD YOU IN THE RIGHT DIRECTION
- Changed pfSense WebUI to listen on 444
- I have HAProxy listening on port 443 WAN, made a rule to open this port, no NAT needed
- HAProxy Frontend
- check 'use forwardfor option'
- 'use httpclost option' = http-server-close
- check 'use offloading'
- certificate = default certificate, add this in pfsense Cert Manager, uncheck Add ACL for certificate CommonName
- Additional certificates = add any others, uncheck Add ACL for certificate CommonName
- Advanced ssl options = no-sslv3 ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA
- Varnish is listening on port 80, made a rule to open this port, no NAT needed
- Varnish (I recommend you skip this part unless you know what you're doing)
- set settings in pfSense WebUI as close as possible
- Advanced startup options = "-f /usr/local/etc/varnish/default.vcl"
Code:cp /var/etc/default.vcl /usr/local/etc/varnish/default.vcl
/usr/local/etc/varnish/default.vcl
Code:sub vcl_recv { if (!client.ip ~ haproxy) { set req.http.X-Forwarded-For = client.ip; set req.http.X-Forwarded-Proto = "http"; } # Custom logic to handle different URIs }
/usr/local/etc/nginx/nginx.conf
Code:#sendfile on; #this isn't helpful is serving files from ZFS set_real_ip_from 192.168.1.1; real_ip_header X-Forwarded-For; map $http_x_forwarded_proto $server_https { default off; https on; } map $http_x_forwarded_proto $host_port { default 80; https 443; }
/usr/local/etc/nginx/fastcgi_params
Code:fastcgi_index index.php; fastcgi_param HTTPS $server_https; fastcgi_param SERVER_NAME $host; fastcgi_param SERVER_PORT $host_port;
Sure, my setup might be a bit different then yours so modify for you own use case. Also you can thank PiBa from the pfsense forums who added a bunch of features to the HAProxy-devel plugin at my request.
NETWORK LAYOUT
HAProxy
Varnish (Optional, really only useful for the public websites I host)
- Accepts HTTPS Requests, overwrites client_ip and protocol header
- Offloads SSL (for multiple domains), decides which cert to send using SNI
- Forwards to Varnish
NGINX (On my FreeBSD server, in your case FreeNAS)
- Accepts HTTP Requests, if not forwarded from HAProxy overwrites client_ip and protocol header
- Caches static objects
- Forwards to different backends depending on requested URI / host health (I have a dedicated FreeBSD webserver for ownCloud and other PHP programs, a static backup running on my pfSense box for public websites I host, and plugins on my FreeNAS box )
- sets real_IP
- sets https variable based on protocol header
NOTES THAT MAY LEAD YOU IN THE RIGHT DIRECTION
- Changed pfSense WebUI to listen on 444
- I have HAProxy listening on port 443 WAN, made a rule to open this port, no NAT needed
- HAProxy Frontend
- check 'use forwardfor option'
- 'use httpclost option' = http-server-close
- check 'use offloading'
- certificate = default certificate, add this in pfsense Cert Manager, uncheck Add ACL for certificate CommonName
- Additional certificates = add any others, uncheck Add ACL for certificate CommonName
- Advanced ssl options = no-sslv3 ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA
- Varnish is listening on port 80, made a rule to open this port, no NAT needed
- Varnish (I recommend you skip this part unless you know what you're doing)
- set settings in pfSense WebUI as close as possible
- Advanced startup options = "-f /usr/local/etc/varnish/default.vcl"
Code:cp /var/etc/default.vcl /usr/local/etc/varnish/default.vcl
/usr/local/etc/varnish/default.vcl
Code:sub vcl_recv { if (!client.ip ~ haproxy) { set req.http.X-Forwarded-For = client.ip; set req.http.X-Forwarded-Proto = "http"; } # Custom logic to handle different URIs }
/usr/local/etc/nginx/nginx.conf
Code:#sendfile on; #this isn't helpful is serving files from ZFS set_real_ip_from 192.168.1.1; real_ip_header X-Forwarded-For; map $http_x_forwarded_proto $server_https { default off; https on; } map $http_x_forwarded_proto $host_port { default 80; https 443; }
/usr/local/etc/nginx/fastcgi_params
Code:fastcgi_index index.php; fastcgi_param HTTPS $server_https; fastcgi_param SERVER_NAME $host; fastcgi_param SERVER_PORT $host_port;
I don't have any experience using squid as a reverse proxy. Varnish is much simpler and more performant for that task. Any reason you want to use squid?Hi, I've been reading/following this thread as I have been working through this setup. I was able to get owncloud running serving http/https no problem. I also have pfsense and initially configured squid3 as a reverse proxy which worked fine for all other apps https or http I have on my freenas box...but not Owncloud. Is there some special code that must be in the nginx.conf file to allow reverse proxy to work? Or does this lie in the config.php like so many articles on the web discuss? As seen in the attached pict, it appears there are some major problems servicing files through the reverse proxy.
For now I have given up on Squid3 unless you have some insight and i'm trying to get haproxy to work...so far no luck but I have not lost hope. Thanks in advance for any suggestions.
I don't have any experience using squid as a reverse proxy. Varnish is much simpler and more performant for that task. Any reason you want to use squid?
Nice, glad you got it working. I actually use both HAProxy and Varnish in my setup. But, Varnish doesn't do much for owncloud as most everything has a cookie and wouldn't be cached. But forsure, HAProxy is great for SSL.Not anymore. I just got haproxy working, i like it very much so feel free to ignore my question. I had to turn the health checker on HAProxy to none then it started working. Just wanted SOMETHING to work for me. But i'm good now, thanks.
root@owncloud:/ # service nginx start && service php-fpm start && service mysql-server start Performing sanity check on nginx configuration: nginx: [emerg] location "^/owncloud/(?:\.|data|config|db_structure\.xml|README)" is outside location "/owncloud" in /usr/local/etc/nginx/nginx.conf:22 nginx: configuration file /usr/local/etc/nginx/nginx.conf test failed Starting nginx. nginx: [emerg] location "^/owncloud/(?:\.|data|config|db_structure\.xml|README)" is outside location "/owncloud" in /usr/local/etc/nginx/nginx.conf:22 /usr/local/etc/rc.d/nginx: WARNING: failed to start nginx
you aren't supposed to replace the whole nginx.conf, just modify a few lines at the beginning, then replace the whole server block.Code:root@owncloud:/ # service nginx start && service php-fpm start && service mysql-server start Performing sanity check on nginx configuration: nginx: [emerg] location "^/owncloud/(?:\.|data|config|db_structure\.xml|README)" is outside location "/owncloud" in /usr/local/etc/nginx/nginx.conf:22 nginx: configuration file /usr/local/etc/nginx/nginx.conf test failed Starting nginx. nginx: [emerg] location "^/owncloud/(?:\.|data|config|db_structure\.xml|README)" is outside location "/owncloud" in /usr/local/etc/nginx/nginx.conf:22 /usr/local/etc/rc.d/nginx: WARNING: failed to start nginx
I just replaced all the content of nginx.conf with yours, because of luck of experience with regexp and nginx itself, and got lines above. This is 3rd jail so far.. Could you point me the right direction, because the error seems too general for me.
Btw, is it ok to exec all the comands in FreeNAS CLI or should I use any instance of SSH?
Also, following your man, I found no /var/db/mysql/my.cnf existing, so the question is should I worry about any unix permissions creating it?
I replaced it because most of the content was either similar to yours or commented anyway.you aren't supposed to replace the whole nginx.conf, just modify a few lines at the beginning, then replace the whole server block.