OwnCloud How-To

Discussion in 'Technical' started by DarkLight, Feb 16, 2014.


Tags:
  1. DarkLight

    DarkLight I self identify as a Blackhawk Attack Helicopter! Site Supporter

    Access. Sync. Share.

    ownCloud provides universal access to your files via the web, your computer or your mobile devices — wherever you are.

    It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing right on the web.​

    Instead of putting this in the existing ownCloud thread, I figured I would start a new one. I'll post each How-To under this thread (unless we get a sub-forum, in which case each one will be its own thread...not asking for one, just level-setting expectations). I have included a complex password (which if I remember to I will use on all future How-To's) as an example. It is NOT suggested that you use the same password.

    Fedora 20


    OwnCloud How-To for Fedora 20:

    The purpose of this How-To is a start to finish installation of ownCloud under Fedora 20. The reason for the walk-through is that there are some differences specifically in Fedora 20 that make the installation...non-trivial. This tutorial also assumes that you want to leave SELinux (Security Enhanced Linux) enabled on your system. I do not go through how to disable SELinux if you would prefer to do so.

    You can install ownCloud on an existing installation but these steps and commands will install it from scratch on a newly installed "minimal" installation of Fedora 20. The minimal installation is just that. There is no GUI for you to work in so you will need to install an SSH (Secure SHell) client so that you can copy/paste commands (otherwise you are typing them out from scratch and you WILL make mistakes which will be...frustrating to say the least). During the install of a minimal Fedora 20, you are prompted to create a "non-root" user. This user should have SSH access to the box by default.

    Once you have opened an SSH session to the server, issue the command "su -" to become root. You need to be root to perform these commands. This can also be done via the "sudo" command but it is simpler to just act as root for the duration of the install.

    Once at a root prompt, begin by copying/pasting (or typing if that's just how you want to roll) the commands below IN ORDER.

    Some of them take quite a while to complete, so be patient.

    Near the end you will leave your SSH session and go to a browser to do the initial configuration of ownCloud. BE SURE TO COME BACK TO YOUR SSH SESSION! You need to tighten the security back down as soon as ownCloud is installed and configured.

    Code:
    rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-22-x86_64
    yum install -y @web-server php php-cli mysql-server php-mysql php-xml php-gd php-zip php-mbstring policycoreutils policycoreutils-python nano wget net-tools php-pecl-imagick
    yum update -y selinux-policy libselinux
    systemctl enable mariadb.service
    systemctl start mariadb.service
    systemctl enable httpd.service
    systemctl start httpd.service
    firewall-cmd --add-service=http
    firewall-cmd --permanent --add-service=http
    mysql -u root mysql
    CREATE DATABASE owncloud;
    CREATE USER 'clouddb'@'localhost' IDENTIFIED BY 'x10]5~Y35Gi,e7jc#ew4a^y1F[|UBd2k';
    GRANT ALL PRIVILEGES ON owncloud.* TO 'clouddb'@'localhost' IDENTIFIED BY 'x10]5~Y35Gi,e7jc#ew4a^y1F[|UBd2k'; WITH GRANT OPTION;
    quit
    cd /etc/yum.repos.d/
    rpm --import http://download.opensuse.org/repositories/isv:/ownCloud:/community/Fedora_20/repodata/repomd.xml.key
    wget http://download.opensuse.org/repositories/isv:ownCloud:community/Fedora_20/isv:ownCloud:community.repo
    yum install -y owncloud
    semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html/owncloud(/.*)?"
    restorecon -R /var/www/html
    
    Now, go to the webpage for owncloud. That will be http://IP-Address/owncloud
    Input an admin account name and password for that user. This will create the owncloud admin user. Don't Hit Enter yet!
    Click "Advanced"
    Leave the Data Folder as it is.
    Click on "MySQL" under "Configure the Database"
    Fill in your Database User (from above). In this case it would be coulddb
    Fill in your Database User Password (from above).
    Fill in the Database Name (from above). In this case it would be owncloud
    For the Database Host, use localhost.
    Almost done!
    Now that the directories below have been created (data and config), you need to modify permissions for SELinux again:

    Code:
    semanage fcontext -d -t httpd_sys_rw_content_t "/var/www/html/owncloud(/.*)?"
    semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html/owncloud/data(/.*)?"
    semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html/owncloud/config(/.*)?"
    restorecon -R /var/www/html
    mysql_secure_installation
    
    The mysql_secure_installation script/program will ask you a number of questions. The first is basically "what is the root password". This is the MySQL root password and is blank by default. I didn't change it previously because there have been some inconsistencies with how MySQL was behaving and the last thing you want to be doing is troubleshooting MySQL during the install. For the first prompt, just hit <enter>.

    Next it will ask you if you want to change your root password. The correct answer here is YES! Hit "Y" and then enter a password for the MySQL root user. This should be complex and different than your OS root password.

    Next it asks if you want to delete the "anonymous" user. Again the correct answer is yes. Hit "Y".

    Next it will ask if you want to restrict remote root login. This is up to you but the suggestion is "Y".

    Next you are prompted to remove the test database. It is suggested that you hit "Y".

    Finally, you are prompted to reload the privilege table. ABSOLUTELY, otherwise the changes that have been made won't go fully into effect.

    Go back to your browser and hit refresh. If everything "stays" the way it was, you're done with the install and now it's time to configure!

    The official ownCloud documentation for Configuration is here.

    ***ETA 08/18/15***
    There I forgot to put a -y in the list of commands above which caused the install to not work as expected if you copied/pasted all of the commands at once. That is now fixed. It was a '-y' in the final yum command to install owncloud. I also added a line to pre-download the signing key as being prompted for that will also break copying and pasting the 'script' as a whole instead of one line at a time.
     
    Last edited: Aug 18, 2015
    Ganado and melbo like this.
  2. melbo

    melbo Hunter Gatherer Administrator Founding Member

    Very nice write up. Thanks for posting.
     
    Ganado likes this.
  3. melbo

    melbo Hunter Gatherer Administrator Founding Member

    Would you still begin with a minimal install or would you use the Server package if performing this on f22?
     
  4. DarkLight

    DarkLight I self identify as a Blackhawk Attack Helicopter! Site Supporter

    Not sure. Haven't looked at the server base in F22 the main reason for minimal was to keep from putting anything not vital to the app on the box in the first place. I'll see if I can't take a look over the next couple of days.
     
  5. melbo

    melbo Hunter Gatherer Administrator Founding Member

    Thanks DL :)
    Fedora split into 3 products after f20: Server, Workstation and Cloud
    Fedora
     
    DarkLight likes this.
  6. DarkLight

    DarkLight I self identify as a Blackhawk Attack Helicopter! Site Supporter

    @melbo - Yeah, I just haven't had a chance to play with it. Upgraded my 19 -> 20 -> 21 and simply chose workstation and ran with it.

    As for the instructions...things haven't changed much between the two with the exception that dnf has replaced yum (cli compatible but still, throws 'errors' about deprecation).

    The difference in the amount of space used by the different installs is right around 400mb. The difference in installed packages is as follows (including dependencies):
    Base Server w/Owncloud - 778
    Minimal Install w/Owncloud - 456

    I'm attaching (instead of pasting) the list of differences in package installation between the two. Server-not-minimal.txt contains all the rpms installed on a Server install but that don't exist on the Minimal install. Minimal-not-Server.txt is the opposite. In some cases it's a matter of version (for example cups-libs is a different version between the two but they both have cup-libs installed...and it installed from the same media. Go figure).

    That having been said, the script (that I fixed above) works for Fedora 22 Server with either a Server install or a Minimal install. One thing to note, however, is that you will need to install the net-tools package from the console in order to figure out what your IP address is (unless you set it manually) since ifconfig isn't available otherwise in a minimal installation.

    For those of you who aren't @melbo who are still reading, this doesn't go into the in's and out's of setting up the system to be secure with an encrypted disk, etc. That's beyond the scope of what we were doing here but is important to do nonetheless.

    It should be noted that I have done precisely zero investigation as to how much the additional packages potentially raises your attack surface and exposure.
     

    Attached Files:

    Ganado and melbo like this.
  7. melbo

    melbo Hunter Gatherer Administrator Founding Member

    Thank you. I have a few machines running 21 and 22 Wotkstation already. Will check out the files.
     
  8. melbo

    melbo Hunter Gatherer Administrator Founding Member

    Minimal sure is minimal.
     
survivalmonkey SSL seal        survivalmonkey.com warrant canary
17282WuJHksJ9798f34razfKbPATqTq9E7