Your very own cloud storage...

Discussion in 'Technical' started by DarkLight, Feb 15, 2014.

  1. DarkLight

    DarkLight Live Long and Prosper - On Hiatus

    I'm trying to take back a lot of my privacy and one of the things I need to do to accomplish that is get off of Google as much as possible. I've dumped my Facebook account (personal...still have my author page) and I'm "this close" to putting a server back up to allow me to run my own mail server.

    The last thing I will need to do is dump my Google Drive account but I've been hesitant to do that since, well, it's so darned convenient. Having important data "off-site" just makes sense to a certain degree. What doesn't make sense is putting it in the hands of at least one of the alleged PRISM folks.

    Enter OwnCloud. The project is just that, your Own Cloud storage either on the Internet or even just at home. I found this little gem I'm guessing about 6 months ago but just haven't had the time, patience, energy or time (yeah, I said that twice) to get it running. There were a number of "pre-built" VMs that I could run but that meant trusting someone else to build my lockbox...kinda defeats the purpose. A lot of them are built on Ubuntu and the longer Canonical goes on, the less security focused they seem to be, so I didn't want to use the pre-built machines.

    Next, I tried installing Fedora 20 (based at least partly on @melbo's experience with it), and putting owncloud there. Using BTFRS and LUKS to encrypt the drive. This...has been an exercise in futility up to this point. I still don't know what the problem is with apache (web server) and the inability to grant the appropriate rights to the folder. However, tonight I gave it up and installed CentOS 6.4, a minimal install, and I'm now running owncloud as a VM on my laptop.

    It took about 20 minutes to install the base machine, then I had to install a few prerequisites. I'll post a how-to later. Once the prerequisites were installed, I ran the web installer for OwnCloud which pulled down everything I needed, barked about a few more prereq's and then I was done. It actually took less time to install everything than it did to set up an AWS instance on the Amazon Cloud (yes, I have one of for a year).

    In less than 30 minutes I went from nothing to my own private cloud that I can manage and full control over.

    One of the best parts of this particular configuration is that there are even clients (like the old Live Sync from Microsoft or Google Drive client) for Windows, Mac, Linux, iOS and Android! Yes, you can push and pull documents into your own cloud from literally ANY internet enabled device you own.

    Now, to figure out why CentOS was so much easier than Fedora...
    swampbilly, chelloveck and melbo like this.
  2. melbo

    melbo Hunter Gatherer Administrator Founding Member

    Nice report.
    Owncloud is on my todo list still after a few more SM server tweaks.

    Not sure what apache problems Fedora was giving you? It usually comes down to chmod/chown permissions on directories and files or a SELinux AVN denial.

    Now you can safely store all your dogecoins in the cloud!!
  3. DarkLight

    DarkLight Live Long and Prosper - On Hiatus

    During testing I went so far as chmod -R 777 for the entire sub-directory that OwnCloud lived in and chown -R apache:apache the same thing. Not ideal but I was troubleshooting.

    Didn't even occur to me that SELinux might be shooting me in the head. I agree with Linus...that should have never been put in.

    Now I'm off to reinstall F20 minimal again to see if that was it.

    Like I said, once I get it done I'll write up a how-to (because you WILL run into something that the instructions don't cover on the site).
  4. melbo

    melbo Hunter Gatherer Administrator Founding Member

    You may need to chown -R darklight:darklight
    Fedora is a pita with proper permissions although it adds an extra layer of security that I don't mind having on the SM server.

    Check it first but I believe to temp disable SELinux you can run:
     setenforce 0
  5. DarkLight

    DarkLight Live Long and Prosper - On Hiatus

    SELinux was the culprit. Right now it's disabled and things are chugging away smoothly. I will set it to permissive to see if that fixes things as well and then, if necessary, I guess I can actually configure SELinux to allow what I'm asking it to do...though it seems a bit of a pain to have to go that route.

    Then again I may just drop SELinux for "political" reasons.
  6. melbo

    melbo Hunter Gatherer Administrator Founding Member

    In Gnome, SELinux violations (AVN Denials) pop up as notifications and if you click through to 'details', it usually gives you the hint on how to allow that process.

    More on permissive: 5.4. Enabling and Disabling SELinux
  7. DarkLight

    DarkLight Live Long and Prosper - On Hiatus

    May have to install a desktop on the system to see where the error is (the easy way). It's a minimal install with no GUI right now to keep it lightweight.
  8. melbo

    melbo Hunter Gatherer Administrator Founding Member

    Yeah, headless is best for servers. I suppose you could always rm the DE after you had it running.
  9. DarkLight

    DarkLight Live Long and Prosper - On Hiatus

    Looks like there was a specific bug filed that was supposedly resolved (fix pushed to Fedora Stable) on the 12th. Didn't work. I have to say, I while I love working with an open source system that is community driven, some things (like SELinux) can be more trouble than they are worth.

    In that vein, I've fixed it! I actually made SELinux work. This will be part of my how-to but the key was to install the "policycoreutils-python" package and then run the following:

    semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html/owncloud/data(/.*)?"
    semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html/owncloud/config(/.*)?"
    restorecon -R /var/www/html
    Now to get OpenSSL fixed...
    BTPost likes this.
  10. kckndrgn

    kckndrgn Monkey+++ Moderator Emeritus Founding Member

    interesting. I'm assuming to use this you will need either a hosting service for a domain or a static IP address?

    I actually have both :) My personal site is hosted by DreamHost and I have mySQL installed there (running wordpress on my really out of date site), and I have a static IP at home, because I used to run my own DNS/WEB site/Email/etc.
  11. DarkLight

    DarkLight Live Long and Prosper - On Hiatus

    You could either run it on a VPS/Dedicated off-site system, or at home, or both (though I don't think there's a sync option).

    For the time being I'm going to run it at home because I'm not flush enough with cash to have an off-site/off-shore vps.

    Once I do, I will insist that the machine be built by me instead of "pre-provisioned". I pick the flavor and I walk through the process. Things like encrypted file system would be paramount.
  12. melbo

    melbo Hunter Gatherer Administrator Founding Member

    You can run it from home if you have a static IP and then reach it from inside your network or outside via internet with the proper port forwards.
  13. melbo

    melbo Hunter Gatherer Administrator Founding Member

    You'll probably also need to create your LAMP stack. You already have Linux but will need to install Apache, MySQL and PHP to complete your server.
  14. DarkLight

    DarkLight Live Long and Prosper - On Hiatus

    Believe me, I know. I spent a day getting everything just right for the How-To. :)
survivalmonkey SSL seal warrant canary