Manual Installation on Linux
Install the Required Packages
When Are Stable Channel Packages Updated?
Packages in the supported distributions’ stable channels are not immediately updated following a release.
This is because we need to make sure that the release is sufficiently stable, as many people use automatic updates.
By waiting a number of business days after a tarball has been released, we are able to make this assessment, based on a number of criteria which include the submitted bug reports from systems administrators.
If you are planning on running additional apps, keep in mind that you might require additional packages.
See xref:installation/manual_installation.adoc#prerequisites[the prerequisites list] for details.
Ubuntu 18.04 LTS Server
To prepare your Ubuntu 18.04 server for the use with ownCloud, follow https://github.com/owncloud/docs/blob/master/modules/admin_manual/pages/installation/server_prep_ubuntu_18.04.adoc.
RHEL (RedHat Enterprise Linux) 7.2
Required Extensions
yum install subscription-manager
Enable the RHEL Server 7 repository
sudo subscription-manager repos --enable rhel-server-rhscl-7-eus-rpms
Install the required packages
sudo yum install httpd mariadb-server php72 php72-php php72-php-opcache \
php72-php-gd php72-php-mbstring php72-php-mysqlnd
Optional Extensions
sudo yum install -y epel-release http://rpms.remirepo.net/enterprise/remi-release-7.rpm yum-utils \
&& sudo yum-config-manager --enable remi-php72 \
&& sudo yum update -y \
&& sudo yum install -y php72-pecl-apcu \
redis php72-php-pecl-redis php72-php-ldap \
mariadb-server mariadb
CentOS 7
sudo yum install -y -q epel-release http://rpms.remirepo.net/enterprise/remi-release-7.rpm yum-utils \
&& sudo yum-config-manager --enable remi-php72 \
&& sudo yum update -y -q \
&& sudo yum install -y -q \
httpd mariadb-server php72 php72-php php72-php-gd \
php72-php-mbstring php72-php-mysqlnd php72-php-cli \
php72-pecl-apcu redis php72-php-pecl-redis php72-php-common php72-php-opcache \
php72-php-ldap mariadb-server mariadb \
&& sudo scl enable php72 bash
SLES (SUSE Linux Enterprise Server) 12
Required Extensions
sudo zypper install -y apache2 apache2-mod_php7 php7-gd php7-openssl \
php7-json php7-curl php7-intl php7-sodium php7-zip php7-zlib
Optional Extensions
sudo zypper install -y php7-ldap
APCu
We are not aware of any officially supported APCu package for SLES 12.
However, if you want or need to install it, then we suggest the following steps:
wget http://download.opensuse.org/repositories/server:/php:/extensions/SLE_12_SP1/ server:php:extensions.repo -O /etc/zypp/repos.d/memcached.repo
zypper refresh
zypper install php5-APCu
Redis
The latest versions of Redis servers have shown to be incompatible with SLES 12.
Therefore it is currently recommended to download and install version 2.2.7 or a previous release from: https://pecl.php.net/package/redis.
Keep in mind that version 2.2.5 is the minimum version which ownCloud supports.
If you want or need to install it, we suggest the following steps:
zypper refresh
zypper install -y php7-redis
Install ownCloud
Now download the archive of the latest ownCloud version:
- Go to the ownCloud Download Page.
- Go to Download ownCloud Server > Download > Archive file for server owners and download either the tar.bz2 or .zip archive.
- This downloads a file named owncloud-x.y.z.tar.bz2 or owncloud-x.y.z.zip (where x.y.z is the version number).
- Download its corresponding checksum file, e.g., owncloud-x.y.z.tar.bz2.md5, or owncloud-x.y.z.tar.bz2.sha256.
- Verify the MD5 or SHA256 sum:
md5sum -c owncloud-x.y.z.tar.bz2.md5 < owncloud-x.y.z.tar.bz2
sha256sum -c owncloud-x.y.z.tar.bz2.sha256 < owncloud-x.y.z.tar.bz2
md5sum -c owncloud-x.y.z.zip.md5 < owncloud-x.y.z.zip
sha256sum -c owncloud-x.y.z.zip.sha256 < owncloud-x.y.z.zip
- You may also verify the PGP signature:
wget https://download.owncloud.com/server/stable/owncloud-x.y.z.tar.bz2.asc
wget https://download.owncloud.com/owncloud.asc
gpg --import owncloud.asc
gpg --verify owncloud-x.y.z.tar.bz2.asc owncloud-x.y.z.tar.bz2
- Now you can extract the archive contents.
Run the appropriate unpacking command for your archive type:
tar -xjf owncloud-x.y.z.tar.bz2
unzip owncloud-x.y.z.zip
- This unpacks to a single
owncloud
directory.
Copy the ownCloud directory to its final destination.
When you are running the Apache HTTP server, you may safely install ownCloud in your Apache document root:
cp -r owncloud /path/to/webserver/document-root
where /path/to/webserver/document-root
is replaced by the document root of your Web server:
cp -r owncloud /var/www
On other HTTP servers, it is recommended to install ownCloud outside of the document root.
Configure the Web Server
Configure Apache
On Debian, Ubuntu, and their derivatives, Apache installs with a useful configuration, so all you have to do is create an /etc/apache2/sites-available/owncloud.conf
file with these lines in it, replacing the Directory and other file paths with your own file paths:
Alias /owncloud "/var/www/owncloud/"
<Directory /var/www/owncloud/>
Options FollowSymlinks
AllowOverride All
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /var/www/owncloud
SetEnv HTTP_HOME /var/www/owncloud
</Directory>
Then create a symlink to /etc/apache2/sites-enabled:
ln -s /etc/apache2/sites-available/owncloud.conf /etc/apache2/sites-enabled/owncloud.conf
Additional Apache Configurations
- For ownCloud to work correctly, we need the module
mod_rewrite
.
Enable it by running:a2enmod rewrite
.
Additionally recommended modules aremod_headers
,mod_env
,mod_dir
,mod_mime
, andmod_unique_id
.
To enable them, run the following commands:
a2enmod headers
a2enmod env
a2enmod dir
a2enmod mime
a2enmod unique_id
NOTE: If you want to use Marketplace[the OAuth2 app], then http://httpd.apache.org/docs/current/mod/mod_headers.html[mod_headers] must be installed and enabled.
- You must disable any server-configured authentication for ownCloud, as it uses Basic authentication internally for DAV services.
If you have turned on authentication on a parent folder (via, e.g., anAuthType Basic
directive), you can disable the authentication specifically for the ownCloud entry.
Following the above example configuration file, add the following line in the<Directory
section
Satisfy Any
-
When using SSL, take special note of the
ServerName
.
You should specify one in the server configuration, as well as in theCommonName
field of the certificate.
If you want your ownCloud to be reachable via the internet, then set both of these to the domain you want to reach your ownCloud server. -
Now restart Apache
service apache2 restart
- If you’re running ownCloud in a sub-directory and want to use CalDAV or CardDAV clients make sure you have configured the correct xref:configuration/general_topics/general_troubleshooting.adoc#service-discovery[Service Discovery] URLs.
Apache Mod_Unique_Id Configuration
http://httpd.apache.org/docs/current/mod/mod_unique_id.html[mod_unique_id]:
Provides a magic token for each request which is guaranteed to be unique across “all” requests under very specific conditions.
If you enable the module, there is nothing else that you have to do, as ownCloud automatically includes the UNIQUE_ID
environment variable, which the module makes available, in ownCloud’s log file.
To confirm that it’s working though, check that the UNIQUE_ID
environment variable is being set, by running phpinfo()
(as in the screenshot below).
image:installation/webservers/apache/mod_unique_id/phpinfo.png[phpinfo() showing that Apache is sending the UNIQUE_ID value from mod_unique_id]
Next, compare the value set for UNIQUE_ID
in the output of phpinfo()
with the value in ownCloud’s log file, to ensure that they’re the same.
In the example below, you can see an example log entry, where ownCloud is logging the unique id provided by Apache, as the value for the first key reqId
in the record.
include::{examplesdir}installation/webservers/apache/log-entry.json[]
Enable SSL
NOTE: You can use ownCloud over plain HTTP, but we strongly encourage you to use SSL/TLS to encrypt all of your server traffic, and to protect user’s logins and data in transit.
Apache installed under Ubuntu comes already set-up with a simple self-signed certificate.
All you have to do is to enable the ssl
module and the default site. Open a terminal and run:
a2enmod ssl
a2ensite default-ssl
service apache2 reload
NOTE: Self-signed certificates have their drawbacks - especially when you plan to make your ownCloud server publicly accessible. You might want to consider getting a certificate signed by a commercial signing authority. Check with your domain name registrar or hosting service for good deals on commercial certificates.
Multi-Processing Module (MPM)
prefork - Apache HTTP Server Version 2.4[Apache prefork] has to be used.
Don’t use a threaded MPM
like event
or worker
with mod_php
, because PHP is currently PHP: Apache 2.x on Unix systems - Manual[not thread safe].
Configure NGINX
NGINX Unique_Id Configuration
NGINX supports functionality similar to Apache’s mod_unique_id, called {nginx-app-tracing-url}[Application Tracing].
To enable it, please add the following code to the server block of your ownCloud NGINX configuration.
fastcgi_param UNIQUE_ID $request_id;
TIP: For more details, please refer to {nginx-app-tracing-url}[Application Tracing with NGINX and NGINX Plus].
Run the Installation Wizard
After restarting Apache, you must complete your installation by running either the Graphical Installation Wizard or on the command line with the occ
command.
To enable this, temporarily change the ownership on your ownCloud directories to your HTTP user
TIP: Refer to the xref:set-strong-directory-permissions[Set Strong Directory Permissions] section to learn how to find your HTTP user):
chown -R www-data:www-data /var/www/owncloud/
NOTE: Admins of SELinux-enabled distributions may need to write new SELinux rules to complete their ownCloud installation; see xref:installation/configuration_notes_and_tips.adoc#config-notes-and-tips-selinux[the SELinux guide] for a suggested configuration.
To use occ
refer to the xref:installation/command_line_installation.adoc[command-line installation details].
To use the graphical Installation Wizard refer to xref:installation/installation_wizard.adoc[the installation_wizard].
IMPORTANT: Please know that ownCloud’s data directory must be exclusive to ownCloud and not be modified manually by any other process or user.
Headers
NOTE: ownCloud has a mechanism to set headers programmatically.
These headers are set with the always
directive to avoid errors when there are additional headers set in the web servers configuration file like http.conf
.
More information on headers can be found {mod_headers-url}[in the mod_headers
documentation].
Set Strong Directory Permissions
After completing the installation, you must immediately xref:installation/installation_wizard.adoc#post-installation-steps[set the directory permissions] in your ownCloud installation as strictly as possible for stronger security.
After you do so, your ownCloud server will be ready to use.
Managing Trusted Domains
All URLs used to access your ownCloud server must be white-listed in your config.php
file, under the trusted_domains
setting.
Users are allowed to log into ownCloud only when they point their browsers to a URL that is listed in the trusted_domains
setting.
NOTE: This setting is important when changing or moving to a new domain name.
You may use IP addresses and domain names.
A typical configuration looks like this:
'trusted_domains' #> [
0 #> 'localhost',
1 #> 'server1.example.com',
2 #> '192.168.1.50',
],
The loopback address, 127.0.0.1
, is automatically white-listed, so as long as you have access to the physical server you can always log in.
In the event that a load-balancer is in place, there will be no issues as long as it sends the correct X-Forwarded-Host
header.
NOTE: For further information on improving the quality of your ownCloud installation, please see xref:installation/configuration_notes_and_tips.adoc[the configuration notes and tips guide].
NOTE: Admins of SELinux-enabled distributions such as CentOS, Fedora, and Red Hat Enterprise Linux may need to set new rules to enable installing ownCloud.
See xref:installation/configuration_notes_and_tips.adoc#config-notes-and-tips-selinux[SELinux] for a suggested configuration.