Doc: Manual Installation

Manual Installation on Linux

Install the Required Packages

When Are Stable Channel Packages Updated?

Packages in the supported distributions’ stable channels are not immediately updated following a release.
This is because we need to make sure that the release is sufficiently stable, as many people use automatic updates.
By waiting a number of business days after a tarball has been released, we are able to make this assessment, based on a number of criteria which include the submitted bug reports from systems administrators.

If you are planning on running additional apps, keep in mind that you might require additional packages.
See xref:installation/manual_installation.adoc#prerequisites[the prerequisites list] for details.

Ubuntu 18.04 LTS Server

To prepare your Ubuntu 18.04 server for the use with ownCloud, follow https://github.com/owncloud/docs/blob/master/modules/admin_manual/pages/installation/server_prep_ubuntu_18.04.adoc.

RHEL (RedHat Enterprise Linux) 7.2

Required Extensions

yum install subscription-manager

Enable the RHEL Server 7 repository

sudo subscription-manager repos --enable rhel-server-rhscl-7-eus-rpms

Install the required packages

sudo yum install httpd mariadb-server php72 php72-php php72-php-opcache \
    php72-php-gd php72-php-mbstring php72-php-mysqlnd

Optional Extensions

sudo yum install -y epel-release http://rpms.remirepo.net/enterprise/remi-release-7.rpm yum-utils \
  && sudo yum-config-manager --enable remi-php72 \
  && sudo yum update -y \
  && sudo yum install -y php72-pecl-apcu \
    redis php72-php-pecl-redis php72-php-ldap \
    mariadb-server mariadb

CentOS 7

sudo yum install -y -q epel-release http://rpms.remirepo.net/enterprise/remi-release-7.rpm yum-utils \
  && sudo yum-config-manager --enable remi-php72 \
  && sudo yum update -y -q \
  && sudo yum install -y -q \
    httpd mariadb-server php72 php72-php php72-php-gd \
    php72-php-mbstring php72-php-mysqlnd php72-php-cli \
    php72-pecl-apcu redis php72-php-pecl-redis php72-php-common php72-php-opcache \
    php72-php-ldap mariadb-server mariadb \
  && sudo scl enable php72 bash

SLES (SUSE Linux Enterprise Server) 12

Required Extensions

sudo zypper install -y apache2 apache2-mod_php7 php7-gd php7-openssl \
    php7-json php7-curl php7-intl php7-sodium php7-zip php7-zlib

Optional Extensions

sudo zypper install -y php7-ldap
APCu

We are not aware of any officially supported APCu package for SLES 12.
However, if you want or need to install it, then we suggest the following steps:

wget http://download.opensuse.org/repositories/server:/php:/extensions/SLE_12_SP1/ server:php:extensions.repo -O /etc/zypp/repos.d/memcached.repo
zypper refresh
zypper install php5-APCu
Redis

The latest versions of Redis servers have shown to be incompatible with SLES 12.
Therefore it is currently recommended to download and install version 2.2.7 or a previous release from: https://pecl.php.net/package/redis.
Keep in mind that version 2.2.5 is the minimum version which ownCloud supports.

If you want or need to install it, we suggest the following steps:

zypper refresh
zypper install -y php7-redis

Install ownCloud

Now download the archive of the latest ownCloud version:

  • Go to the ownCloud Download Page.
  • Go to Download ownCloud Server > Download > Archive file for server owners and download either the tar.bz2 or .zip archive.
  • This downloads a file named owncloud-x.y.z.tar.bz2 or owncloud-x.y.z.zip (where x.y.z is the version number).
  • Download its corresponding checksum file, e.g., owncloud-x.y.z.tar.bz2.md5, or owncloud-x.y.z.tar.bz2.sha256.
  • Verify the MD5 or SHA256 sum:
md5sum -c owncloud-x.y.z.tar.bz2.md5 < owncloud-x.y.z.tar.bz2
sha256sum -c owncloud-x.y.z.tar.bz2.sha256 < owncloud-x.y.z.tar.bz2
md5sum  -c owncloud-x.y.z.zip.md5 < owncloud-x.y.z.zip
sha256sum  -c owncloud-x.y.z.zip.sha256 < owncloud-x.y.z.zip
  • You may also verify the PGP signature:
wget https://download.owncloud.com/server/stable/owncloud-x.y.z.tar.bz2.asc
wget https://download.owncloud.com/owncloud.asc
gpg --import owncloud.asc
gpg --verify owncloud-x.y.z.tar.bz2.asc owncloud-x.y.z.tar.bz2
  • Now you can extract the archive contents.
    Run the appropriate unpacking command for your archive type:
tar -xjf owncloud-x.y.z.tar.bz2
unzip owncloud-x.y.z.zip
  • This unpacks to a single owncloud directory.
    Copy the ownCloud directory to its final destination.
    When you are running the Apache HTTP server, you may safely install ownCloud in your Apache document root:
cp -r owncloud /path/to/webserver/document-root

where /path/to/webserver/document-root is replaced by the document root of your Web server:

cp -r owncloud /var/www

On other HTTP servers, it is recommended to install ownCloud outside of the document root.

Configure the Web Server

Configure Apache

On Debian, Ubuntu, and their derivatives, Apache installs with a useful configuration, so all you have to do is create an /etc/apache2/sites-available/owncloud.conf file with these lines in it, replacing the Directory and other file paths with your own file paths:

Alias /owncloud "/var/www/owncloud/"

<Directory /var/www/owncloud/>
  Options FollowSymlinks
  AllowOverride All

 <IfModule mod_dav.c>
  Dav off
 </IfModule>

 SetEnv HOME /var/www/owncloud
 SetEnv HTTP_HOME /var/www/owncloud

</Directory>

Then create a symlink to /etc/apache2/sites-enabled:

ln -s /etc/apache2/sites-available/owncloud.conf /etc/apache2/sites-enabled/owncloud.conf

Additional Apache Configurations

  • For ownCloud to work correctly, we need the module mod_rewrite.
    Enable it by running: a2enmod rewrite.
    Additionally recommended modules are mod_headers, mod_env, mod_dir, mod_mime, and mod_unique_id.
    To enable them, run the following commands:
  a2enmod headers
  a2enmod env
  a2enmod dir
  a2enmod mime
  a2enmod unique_id

NOTE: If you want to use Marketplace[the OAuth2 app], then http://httpd.apache.org/docs/current/mod/mod_headers.html[mod_headers] must be installed and enabled.

  • You must disable any server-configured authentication for ownCloud, as it uses Basic authentication internally for DAV services.
    If you have turned on authentication on a parent folder (via, e.g., an AuthType Basic directive), you can disable the authentication specifically for the ownCloud entry.
    Following the above example configuration file, add the following line in the <Directory section
Satisfy Any
  • When using SSL, take special note of the ServerName.
    You should specify one in the server configuration, as well as in the CommonName field of the certificate.
    If you want your ownCloud to be reachable via the internet, then set both of these to the domain you want to reach your ownCloud server.

  • Now restart Apache

service apache2 restart
  • If you’re running ownCloud in a sub-directory and want to use CalDAV or CardDAV clients make sure you have configured the correct xref:configuration/general_topics/general_troubleshooting.adoc#service-discovery[Service Discovery] URLs.

Apache Mod_Unique_Id Configuration

http://httpd.apache.org/docs/current/mod/mod_unique_id.html[mod_unique_id]:

Provides a magic token for each request which is guaranteed to be unique across “all” requests under very specific conditions.

If you enable the module, there is nothing else that you have to do, as ownCloud automatically includes the UNIQUE_ID environment variable, which the module makes available, in ownCloud’s log file.

To confirm that it’s working though, check that the UNIQUE_ID environment variable is being set, by running phpinfo() (as in the screenshot below).

image:installation/webservers/apache/mod_unique_id/phpinfo.png[phpinfo() showing that Apache is sending the UNIQUE_ID value from mod_unique_id]

Next, compare the value set for UNIQUE_ID in the output of phpinfo() with the value in ownCloud’s log file, to ensure that they’re the same.
In the example below, you can see an example log entry, where ownCloud is logging the unique id provided by Apache, as the value for the first key reqId in the record.

include::{examplesdir}installation/webservers/apache/log-entry.json[]

Enable SSL

NOTE: You can use ownCloud over plain HTTP, but we strongly encourage you to use SSL/TLS to encrypt all of your server traffic, and to protect user’s logins and data in transit.

Apache installed under Ubuntu comes already set-up with a simple self-signed certificate.
All you have to do is to enable the ssl module and the default site. Open a terminal and run:

a2enmod ssl
a2ensite default-ssl
service apache2 reload

NOTE: Self-signed certificates have their drawbacks - especially when you plan to make your ownCloud server publicly accessible. You might want to consider getting a certificate signed by a commercial signing authority. Check with your domain name registrar or hosting service for good deals on commercial certificates.

Multi-Processing Module (MPM)

prefork - Apache HTTP Server Version 2.4[Apache prefork] has to be used.
Don’t use a threaded MPM like event or worker with mod_php, because PHP is currently PHP: Apache 2.x on Unix systems - Manual[not thread safe].

Configure NGINX

NGINX Unique_Id Configuration

NGINX supports functionality similar to Apache’s mod_unique_id, called {nginx-app-tracing-url}[Application Tracing].
To enable it, please add the following code to the server block of your ownCloud NGINX configuration.

fastcgi_param UNIQUE_ID $request_id;

TIP: For more details, please refer to {nginx-app-tracing-url}[Application Tracing with NGINX and NGINX Plus].

Run the Installation Wizard

After restarting Apache, you must complete your installation by running either the Graphical Installation Wizard or on the command line with the occ command.
To enable this, temporarily change the ownership on your ownCloud directories to your HTTP user

TIP: Refer to the xref:set-strong-directory-permissions[Set Strong Directory Permissions] section to learn how to find your HTTP user):

chown -R www-data:www-data /var/www/owncloud/

NOTE: Admins of SELinux-enabled distributions may need to write new SELinux rules to complete their ownCloud installation; see xref:installation/configuration_notes_and_tips.adoc#config-notes-and-tips-selinux[the SELinux guide] for a suggested configuration.

To use occ refer to the xref:installation/command_line_installation.adoc[command-line installation details].
To use the graphical Installation Wizard refer to xref:installation/installation_wizard.adoc[the installation_wizard].

IMPORTANT: Please know that ownCloud’s data directory must be exclusive to ownCloud and not be modified manually by any other process or user.

Headers

NOTE: ownCloud has a mechanism to set headers programmatically.
These headers are set with the always directive to avoid errors when there are additional headers set in the web servers configuration file like http.conf.
More information on headers can be found {mod_headers-url}[in the mod_headers documentation].

Set Strong Directory Permissions

After completing the installation, you must immediately xref:installation/installation_wizard.adoc#post-installation-steps[set the directory permissions] in your ownCloud installation as strictly as possible for stronger security.
After you do so, your ownCloud server will be ready to use.

Managing Trusted Domains

All URLs used to access your ownCloud server must be white-listed in your config.php file, under the trusted_domains setting.
Users are allowed to log into ownCloud only when they point their browsers to a URL that is listed in the trusted_domains setting.

NOTE: This setting is important when changing or moving to a new domain name.
You may use IP addresses and domain names.

A typical configuration looks like this:

'trusted_domains' #> [
   0 #> 'localhost',
   1 #> 'server1.example.com',
   2 #> '192.168.1.50',
],

The loopback address, 127.0.0.1, is automatically white-listed, so as long as you have access to the physical server you can always log in.
In the event that a load-balancer is in place, there will be no issues as long as it sends the correct X-Forwarded-Host header.

NOTE: For further information on improving the quality of your ownCloud installation, please see xref:installation/configuration_notes_and_tips.adoc[the configuration notes and tips guide].

NOTE: Admins of SELinux-enabled distributions such as CentOS, Fedora, and Red Hat Enterprise Linux may need to set new rules to enable installing ownCloud.
See xref:installation/configuration_notes_and_tips.adoc#config-notes-and-tips-selinux[SELinux] for a suggested configuration.

1 Like