net2wire Posted March 26, 2015 Share Posted March 26, 2015 I have no experience with owncloud and mariadb, but if you just want to set a root password in mariadb, you could connect from a different pc in your network with e.g. Heidisql and set the password. Awesome! Thank you. HeidiSQL works like a charm. Interesting though how I had to add/change the password several times. Quote Link to comment
smdion Posted March 26, 2015 Share Posted March 26, 2015 Thought some people may be interested that I got OwnCloud working from behind a reverse proxy. So I can access it at www.domain.com/owncloud. http://www.seandion.info/unraid/apache-reverse-proxy-info-for-smdions-dockers/#owncloud Quote Link to comment
net2wire Posted March 26, 2015 Share Posted March 26, 2015 Thanks again to cirkator for suggesting HeidiSQL. Did a fresh install of ownCloud using MariaDB and everything seems to be functioning as well as I expected. Firstly I recommend that MariaDB be installed, then setting Root password using HeidiSQL, then install ownCloud. Before completing ownCloud installation, at the Add Container Gui, click Advanced View and scroll down to the Environment Variables section and notice the Variable Name and Variable Value. This is used to create your SSL Cert. The Variable Value can be changed to anything you need: /C=US/ST=CA/L=City/O=Organization/OU=Organization Unit/CN=yourhome.com to this: /C=US/ST=NY/L=Buffalo/O=Elm DataCenter/OU=TechOps/CN=mycloud.elmdata.com You can of course include a domain or subdomain that you use to point to your home network (via dynamic dns or other means). I'm assuming that MariaDB and ownCloud will be installed with default ports, and your (Volume Mappings) Host path mapped to your desired location. 1. Simply login to MariaDB with HeidiSQL using the unRAID's IP address with root as username with no password. 2. In HeidiSQL click on Tools then choose User Manager. Find Root and change password. 3. While in HeidiSQL might as well create the ownCloud database and ownCloud user: ex: ocowner 3.A. on the left pane right click your mouse, choose Create new -> Database , and name it what you like ex: owncloud and click OK. 3.B. Click on Tools -> User Manager -> Click Add at the upper left corner -> enter User name, then choose From host (its your preference but I suggest your local LAN), enter password twice, 3.C. then at Allow access to: you may Add object (your preference but I would choose your database to start with and select the entire Database ). I did not choose Global privileges as I believe this will be like adding MariaDB root privileges to ownCloud root user, and this is not desired or necessary IMHO. YMMV. 3.D. Click Save. Exit HiediSQL if you wish. 4. Once ownCloud is installed you can open a browser and go to https://yourlocalhost:8000 and enter a new Admin account and Password, and also choose MariaDB database as install. The rest is your preference. 5. I do recommed after logging in and setting up ownCloud admin settings to winSCP to your unRAID server and find the config.php file for ownCloud, example: /mnt/user/appdata/owncloud/config . You will find config.php under the config folder. Double click the config.php file to open it. It will look like the below code, but be aware that the IP address is specific to my unRAID Tower and mycloud.elmdata.com was added as a trusted domain, that obviously also matches the CN of the SSL cert that was set up in the Environment Variables section in the Add Container section for ownCloud . By adding the URL mycloud.elmdata.com to the config.php there will not be an error on the browser when trying to login to the server from the outside world. I access my server using https://mycloud.elmdata.com by itself. My router port forwards port 80 to https://192.168.100.100:8000. All is good. <?php $CONFIG = array ( 'instanceid' => 'och68ppxik6u', 'passwordsalt' => 'zr0VoAt4/JPiv82RlhcSByxg7c2N9O', 'secret' => 'VbYA4LSzIT0.1Vvg6.amPzTZGtv6RZD13QU9zC9FaddmWfncnotmyrealsecret', 'trusted_domains' => array ( 0 => '192.168.100.100', 1 => 'mycloud.elmdata.com', ), 'datadirectory' => '/var/www/owncloud/data', 'overwrite.cli.url' => 'https://192.168.100.100:8000', 'dbtype' => 'mysql', 'version' => '8.0.2.0', 'dbname' => 'owncloud', 'dbhost' => '192.168.100.100', 'dbtableprefix' => 'oc_', 'dbuser' => 'oc_elmerfudd', 'dbpassword' => 'icantwaitforsummerdeargod', 'installed' => true, 'loglevel' => 0, 'mail_smtpmode' => 'smtp', 'mail_from_address' => 'support', 'mail_domain' => 'elmdata.com', 'mail_smtphost' => 'imap.elmdata.com', 'mail_smtpport' => '465', 'mail_smtpauth' => 1, 'mail_smtpauthtype' => 'PLAIN', 'mail_smtpsecure' => 'ssl', 'mail_smtpname' => '[email protected]', 'mail_smtppassword' => 'itstoodamncoldthiswinter', 'forcessl' => true, ); Quote Link to comment
CHBMB Posted March 27, 2015 Share Posted March 27, 2015 HeidiSQL is awesome, been using it for a few years now. Couldn't manage without it. Quote Link to comment
hurricanehrndz Posted March 27, 2015 Share Posted March 27, 2015 Hey, this isn't an error with the container itself, but rather a question regarding the template. When I edit the template and adjust the port to say 8086 and the protocol to https it doesn't seem to take affect. Quote Link to comment
gfjardim Posted March 27, 2015 Author Share Posted March 27, 2015 Hey, this isn't an error with the container itself, but rather a question regarding the template. When I edit the template and adjust the port to say 8086 and the protocol to https it doesn't seem to take affect. It's the container. Port 8000 is hardcoded, no redirection is allowed because HTTPS is enforced on that port. There's a HTTP service on port 8001 that would allow port redirection. Quote Link to comment
hurricanehrndz Posted March 27, 2015 Share Posted March 27, 2015 Do you mind if I fork it then and make the port adjustable via an environment or is this a feature that you would be willing to implement. Quote Link to comment
gfjardim Posted March 27, 2015 Author Share Posted March 27, 2015 Do you mind if I fork it then and make the port adjustable via an environment or is this a feature that you would be willing to implement. Well, I can change it, but you're the first complaining about this. I'll make the port adjustable. PS: Couldn't make it work without breaking the WebUI address on the unRAID webui. Any ideas? Quote Link to comment
hurricanehrndz Posted March 27, 2015 Share Posted March 27, 2015 Yeah, I will try and do something. Quote Link to comment
gfjardim Posted March 27, 2015 Author Share Posted March 27, 2015 Yeah, I will try and do something. Ok, I think I did it: install.sh #!/bin/bash OWNCLOUD_VERSION="8.0.2" ######################################### ## ENVIRONMENTAL CONFIG ## ######################################### # Configure user nobody to match unRAID's settings export DEBIAN_FRONTEND="noninteractive" usermod -u 99 nobody usermod -g 100 nobody usermod -d /home nobody chown -R nobody:users /home # Disable SSH rm -rf /etc/service/sshd /etc/my_init.d/00_regen_ssh_host_keys.sh ######################################### ## REPOSITORIES AND DEPENDENCIES ## ######################################### # Repositories add-apt-repository "deb http://us.archive.ubuntu.com/ubuntu/ trusty universe multiverse" add-apt-repository "deb http://us.archive.ubuntu.com/ubuntu/ trusty-updates universe multiverse" # Install Dependencies apt-get update -qq apt-get install -qy php5-cli \ php5-gd \ php5-pgsql \ php5-sqlite \ php5-mysqlnd \ php5-curl \ php5-intl \ php5-mcrypt \ php5-ldap \ php5-gmp \ php5-imagick \ php5-fpm \ php5-gd \ smbclient \ nginx \ openssl \ wget \ bzip2 ######################################### ## FILES, SERVICES AND CONFIGURATION ## ######################################### # NGINX mkdir -p /etc/service/nginx cat <<'EOT' > /etc/service/nginx/run #!/bin/bash umask 000 exec /usr/sbin/nginx -c /etc/nginx/nginx.conf EOT # PHP-FPM mkdir -p /etc/service/php-fpm cat <<'EOT' > /etc/service/php-fpm/run #!/bin/bash umask 000 exec /usr/sbin/php5-fpm --nodaemonize --fpm-config /etc/php5/fpm/php-fpm.conf EOT # CONFIG cat <<'EOT' > /etc/my_init.d/config.sh #!/bin/bash # Fix the timezone if [[ $(cat /etc/timezone) != $TZ ]] ; then echo "$TZ" > /etc/timezone dpkg-reconfigure -f noninteractive tzdata sed -i -e "s#;date.timezone.*#date.timezone = ${TZ}#g" /etc/php5/fpm/php.ini fi # Set port if [[ -z ${PORT_HTTPS} ]]; then PORT_HTTPS="8000" fi sed -i -e "s|{PORT_HTTPS}|${PORT_HTTPS}|" /etc/nginx/sites-enabled/owncloud.site if [[ -f /var/www/owncloud/data/server.key && -f /var/www/owncloud/data/server.pem ]]; then echo "Found pre-existing certificate, using it." cp -f /var/www/owncloud/data/server.* /opt/ else if [[ -z $SUBJECT ]]; then SUBJECT="/C=US/ST=CA/L=Carlsbad/O=Lime Technology/OU=unRAID Server/CN=yourhome.com" fi echo "No pre-existing certificate found, generating a new one with subject:" echo $SUBJECT openssl req -new -x509 -days 3650 -nodes -out /opt/server.pem -keyout /opt/server.key \ -subj "$SUBJECT" ls /opt/ cp -f /opt/server.* /var/www/owncloud/data/ fi if [[ ! -d /var/www/owncloud/data/config ]]; then mkdir /var/www/owncloud/data/config fi if [[ -d /var/www/owncloud/config ]]; then rm -rf /var/www/owncloud/config ln -sf /var/www/owncloud/data/config/ /var/www/owncloud/config fi chown -R nobody:users /var/www/owncloud EOT #PHP-FPM config cat <<'EOT' > /etc/php5/fpm/pool.d/www.conf [global] daemonize = no [www] user = nobody group = users listen = /var/run/php5-fpm.sock listen.mode = 0666 pm = dynamic pm.max_children = 50 pm.start_servers = 3 pm.min_spare_servers = 2 pm.max_spare_servers = 4 pm.max_requests = 500 php_admin_value[upload_max_filesize] = 100G php_admin_value[post_max_size] = 100G php_admin_value[default_charset] = UTF-8 EOT # NGINX config cat <<'EOT' > /etc/nginx/nginx.conf user nobody users; daemon off; worker_processes 4; pid /run/nginx.pid; events { worker_connections 768; } http { sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; include /etc/nginx/mime.types; default_type application/octet-stream; access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; gzip on; gzip_disable "msie6"; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } EOT # NGINX site rm -f /etc/nginx/sites-enabled/default cat <<'EOT' > /etc/nginx/sites-enabled/owncloud.site upstream php-handler { server unix:/var/run/php5-fpm.sock; } server { listen 8000 ssl; server_name ""; ssl_certificate /opt/server.pem; ssl_certificate_key /opt/server.key; # Force SSL error_page 497 https://$host:{PORT_HTTPS}$request_uri; # Path to the root of your installation root /var/www/owncloud; client_max_body_size 100G; fastcgi_buffers 64 4K; rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; index index.php; error_page 403 /core/templates/403.php; error_page 404 /core/templates/404.php; location = /robots.txt { allow all; log_not_found off; access_log off; } location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README) { deny all; } location / { # The following 2 rules are only needed with webfinger rewrite ^/.well-known/host-meta /public.php?service=host-meta last; rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; try_files $uri $uri/ index.php; } location ~ \.php(?|/) { fastcgi_split_path_info ^(.+\.php)(/.+)$; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_pass php-handler; } # Optional: set long EXPIRES header on static assets location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ { expires 30d; # Optional: Don't log access to assets access_log off; } } server { listen 8001; server_name ""; # Path to the root of your installation root /var/www/owncloud; client_max_body_size 100G; fastcgi_buffers 64 4K; rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; index index.php; error_page 403 /core/templates/403.php; error_page 404 /core/templates/404.php; location = /robots.txt { allow all; log_not_found off; access_log off; } location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README) { deny all; } location / { # The following 2 rules are only needed with webfinger rewrite ^/.well-known/host-meta /public.php?service=host-meta last; rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; try_files $uri $uri/ index.php; } location ~ \.php(?|/) { fastcgi_split_path_info ^(.+\.php)(/.+)$; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_pass php-handler; } # Optional: set long EXPIRES header on static assets location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ { expires 30d; # Optional: Don't log access to assets access_log off; } } EOT chmod -R +x /etc/service/ /etc/my_init.d/ ######################################### ## INSTALLATION ## ######################################### # Install ownCloud mkdir -p /var/www/ wget -qO - "https://download.owncloud.org/community/owncloud-${OWNCLOUD_VERSION}.tar.bz2" | tar -jx -C /var/www ######################################### ## CLEANUP ## ######################################### # Clean APT install files apt-get clean -y rm -rf /var/lib/apt/lists/* /var/cache/* /var/tmp/* The PORT_HTTPS variable will change the redirection port. I couldn't find a way nginx would automatically detect the container external port. Please try and let me know. Since my "Movies Disaster", I don't have a running test environment. Quote Link to comment
breakline Posted March 29, 2015 Share Posted March 29, 2015 Thanks again to cirkator for suggesting HeidiSQL. Did a fresh install of ownCloud using MariaDB and everything seems to be functioning as well as I expected. Firstly I recommend that MariaDB be installed, then setting Root password using HeidiSQL, then install ownCloud. Before completing ownCloud installation, at the Add Container Gui, click Advanced View and scroll down to the Environment Variables section and notice the Variable Name and Variable Value. This is used to create your SSL Cert. The Variable Value can be changed to anything you need: /C=US/ST=CA/L=City/O=Organization/OU=Organization Unit/CN=yourhome.com to this: /C=US/ST=NY/L=Buffalo/O=Elm DataCenter/OU=TechOps/CN=mycloud.elmdata.com You can of course include a domain or subdomain that you use to point to your home network (via dynamic dns or other means). I'm assuming that MariaDB and ownCloud will be installed with default ports, and your (Volume Mappings) Host path mapped to your desired location. 1. Simply login to MariaDB with HeidiSQL using the unRAID's IP address with root as username with no password. 2. In HeidiSQL click on Tools then choose User Manager. Find Root and change password. 3. While in HeidiSQL might as well create the ownCloud database and ownCloud user: ex: ocowner 3.A. on the left pane right click your mouse, choose Create new -> Database , and name it what you like ex: owncloud and click OK. 3.B. Click on Tools -> User Manager -> Click Add at the upper left corner -> enter User name, then choose From host (its your preference but I suggest your local LAN), enter password twice, 3.C. then at Allow access to: you may Add object (your preference but I would choose your database to start with and select the entire Database ). I did not choose Global privileges as I believe this will be like adding MariaDB root privileges to ownCloud root user, and this is not desired or necessary IMHO. YMMV. 3.D. Click Save. Exit HiediSQL if you wish. 4. Once ownCloud is installed you can open a browser and go to https://yourlocalhost:8000 and enter a new Admin account and Password, and also choose MariaDB database as install. The rest is your preference. 5. I do recommed after logging in and setting up ownCloud admin settings to winSCP to your unRAID server and find the config.php file for ownCloud, example: /mnt/user/appdata/owncloud/config . You will find config.php under the config folder. Double click the config.php file to open it. It will look like the below code, but be aware that the IP address is specific to my unRAID Tower and mycloud.elmdata.com was added as a trusted domain, that obviously also matches the CN of the SSL cert that was set up in the Environment Variables section in the Add Container section for ownCloud . By adding the URL mycloud.elmdata.com to the config.php there will not be an error on the browser when trying to login to the server from the outside world. I access my server using https://mycloud.elmdata.com by itself. My router port forwards port 80 to https://192.168.100.100:8000. All is good. <?php $CONFIG = array ( 'instanceid' => 'och68ppxik6u', 'passwordsalt' => 'zr0VoAt4/JPiv82RlhcSByxg7c2N9O', 'secret' => 'VbYA4LSzIT0.1Vvg6.amPzTZGtv6RZD13QU9zC9FaddmWfncnotmyrealsecret', 'trusted_domains' => array ( 0 => '192.168.100.100', 1 => 'mycloud.elmdata.com', ), 'datadirectory' => '/var/www/owncloud/data', 'overwrite.cli.url' => 'https://192.168.100.100:8000', 'dbtype' => 'mysql', 'version' => '8.0.2.0', 'dbname' => 'owncloud', 'dbhost' => '192.168.100.100', 'dbtableprefix' => 'oc_', 'dbuser' => 'oc_elmerfudd', 'dbpassword' => 'icantwaitforsummerdeargod', 'installed' => true, 'loglevel' => 0, 'mail_smtpmode' => 'smtp', 'mail_from_address' => 'support', 'mail_domain' => 'elmdata.com', 'mail_smtphost' => 'imap.elmdata.com', 'mail_smtpport' => '465', 'mail_smtpauth' => 1, 'mail_smtpauthtype' => 'PLAIN', 'mail_smtpsecure' => 'ssl', 'mail_smtpname' => '[email protected]', 'mail_smtppassword' => 'itstoodamncoldthiswinter', 'forcessl' => true, ); Thanks net2wire , I had set it up and was able to access it before reading your post but was not too sure or comfortable that it was correct or secure I have no experience with sql or database software at all. I deleted mariadb and owncloud dockers/shares and folders and started fresh following your guide and feel better about it. one question I have though is I set up a share called owncloud and set : /var/www/owncloud/data to /mnt/user/owncloud/ and all owncloud files are in there including my owncloud user folder ,is that how it should be or should I point /var/www/owncloud/data to mnt/cache/docker/apps/owncloud for config and other app files and then set another container volume as /data and point to host path: /mnt/user/owncloud where all my user folders for owncloud would be ? sorry dont even know if that makes sense still trying to wrap my head around how some dockers have seperate container volume and host paths and and what it means and how they work and how that is determined. Quote Link to comment
cirkator Posted March 29, 2015 Share Posted March 29, 2015 Net2wire, happy to assist! Thank you for the detailed how-to, maybe I'll give owncloud a go :-) Quote Link to comment
hurricanehrndz Posted March 30, 2015 Share Posted March 30, 2015 Yeah, I will try and do something. Ok, I think I did it: install.sh #!/bin/bash OWNCLOUD_VERSION="8.0.2" ######################################### ## ENVIRONMENTAL CONFIG ## ######################################### # Configure user nobody to match unRAID's settings export DEBIAN_FRONTEND="noninteractive" usermod -u 99 nobody usermod -g 100 nobody usermod -d /home nobody chown -R nobody:users /home # Disable SSH rm -rf /etc/service/sshd /etc/my_init.d/00_regen_ssh_host_keys.sh ######################################### ## REPOSITORIES AND DEPENDENCIES ## ######################################### # Repositories add-apt-repository "deb http://us.archive.ubuntu.com/ubuntu/ trusty universe multiverse" add-apt-repository "deb http://us.archive.ubuntu.com/ubuntu/ trusty-updates universe multiverse" # Install Dependencies apt-get update -qq apt-get install -qy php5-cli \ php5-gd \ php5-pgsql \ php5-sqlite \ php5-mysqlnd \ php5-curl \ php5-intl \ php5-mcrypt \ php5-ldap \ php5-gmp \ php5-imagick \ php5-fpm \ php5-gd \ smbclient \ nginx \ openssl \ wget \ bzip2 ######################################### ## FILES, SERVICES AND CONFIGURATION ## ######################################### # NGINX mkdir -p /etc/service/nginx cat <<'EOT' > /etc/service/nginx/run #!/bin/bash umask 000 exec /usr/sbin/nginx -c /etc/nginx/nginx.conf EOT # PHP-FPM mkdir -p /etc/service/php-fpm cat <<'EOT' > /etc/service/php-fpm/run #!/bin/bash umask 000 exec /usr/sbin/php5-fpm --nodaemonize --fpm-config /etc/php5/fpm/php-fpm.conf EOT # CONFIG cat <<'EOT' > /etc/my_init.d/config.sh #!/bin/bash # Fix the timezone if [[ $(cat /etc/timezone) != $TZ ]] ; then echo "$TZ" > /etc/timezone dpkg-reconfigure -f noninteractive tzdata sed -i -e "s#;date.timezone.*#date.timezone = ${TZ}#g" /etc/php5/fpm/php.ini fi # Set port if [[ -z ${PORT_HTTPS} ]]; then PORT_HTTPS="8000" fi sed -i -e "s|{PORT_HTTPS}|${PORT_HTTPS}|" /etc/nginx/sites-enabled/owncloud.site if [[ -f /var/www/owncloud/data/server.key && -f /var/www/owncloud/data/server.pem ]]; then echo "Found pre-existing certificate, using it." cp -f /var/www/owncloud/data/server.* /opt/ else if [[ -z $SUBJECT ]]; then SUBJECT="/C=US/ST=CA/L=Carlsbad/O=Lime Technology/OU=unRAID Server/CN=yourhome.com" fi echo "No pre-existing certificate found, generating a new one with subject:" echo $SUBJECT openssl req -new -x509 -days 3650 -nodes -out /opt/server.pem -keyout /opt/server.key \ -subj "$SUBJECT" ls /opt/ cp -f /opt/server.* /var/www/owncloud/data/ fi if [[ ! -d /var/www/owncloud/data/config ]]; then mkdir /var/www/owncloud/data/config fi if [[ -d /var/www/owncloud/config ]]; then rm -rf /var/www/owncloud/config ln -sf /var/www/owncloud/data/config/ /var/www/owncloud/config fi chown -R nobody:users /var/www/owncloud EOT #PHP-FPM config cat <<'EOT' > /etc/php5/fpm/pool.d/www.conf [global] daemonize = no [www] user = nobody group = users listen = /var/run/php5-fpm.sock listen.mode = 0666 pm = dynamic pm.max_children = 50 pm.start_servers = 3 pm.min_spare_servers = 2 pm.max_spare_servers = 4 pm.max_requests = 500 php_admin_value[upload_max_filesize] = 100G php_admin_value[post_max_size] = 100G php_admin_value[default_charset] = UTF-8 EOT # NGINX config cat <<'EOT' > /etc/nginx/nginx.conf user nobody users; daemon off; worker_processes 4; pid /run/nginx.pid; events { worker_connections 768; } http { sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; include /etc/nginx/mime.types; default_type application/octet-stream; access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; gzip on; gzip_disable "msie6"; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } EOT # NGINX site rm -f /etc/nginx/sites-enabled/default cat <<'EOT' > /etc/nginx/sites-enabled/owncloud.site upstream php-handler { server unix:/var/run/php5-fpm.sock; } server { listen 8000 ssl; server_name ""; ssl_certificate /opt/server.pem; ssl_certificate_key /opt/server.key; # Force SSL error_page 497 https://$host:{PORT_HTTPS}$request_uri; # Path to the root of your installation root /var/www/owncloud; client_max_body_size 100G; fastcgi_buffers 64 4K; rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; index index.php; error_page 403 /core/templates/403.php; error_page 404 /core/templates/404.php; location = /robots.txt { allow all; log_not_found off; access_log off; } location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README) { deny all; } location / { # The following 2 rules are only needed with webfinger rewrite ^/.well-known/host-meta /public.php?service=host-meta last; rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; try_files $uri $uri/ index.php; } location ~ \.php(?|/) { fastcgi_split_path_info ^(.+\.php)(/.+)$; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_pass php-handler; } # Optional: set long EXPIRES header on static assets location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ { expires 30d; # Optional: Don't log access to assets access_log off; } } server { listen 8001; server_name ""; # Path to the root of your installation root /var/www/owncloud; client_max_body_size 100G; fastcgi_buffers 64 4K; rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; index index.php; error_page 403 /core/templates/403.php; error_page 404 /core/templates/404.php; location = /robots.txt { allow all; log_not_found off; access_log off; } location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README) { deny all; } location / { # The following 2 rules are only needed with webfinger rewrite ^/.well-known/host-meta /public.php?service=host-meta last; rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; try_files $uri $uri/ index.php; } location ~ \.php(?|/) { fastcgi_split_path_info ^(.+\.php)(/.+)$; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_pass php-handler; } # Optional: set long EXPIRES header on static assets location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ { expires 30d; # Optional: Don't log access to assets access_log off; } } EOT chmod -R +x /etc/service/ /etc/my_init.d/ ######################################### ## INSTALLATION ## ######################################### # Install ownCloud mkdir -p /var/www/ wget -qO - "https://download.owncloud.org/community/owncloud-${OWNCLOUD_VERSION}.tar.bz2" | tar -jx -C /var/www ######################################### ## CLEANUP ## ######################################### # Clean APT install files apt-get clean -y rm -rf /var/lib/apt/lists/* /var/cache/* /var/tmp/* The PORT_HTTPS variable will change the redirection port. I couldn't find a way nginx would automatically detect the container external port. Please try and let me know. Since my "Movies Disaster", I don't have a running test environment. I didn't try, but I did fork and create pull request. The two edits I made (1 to the template the other to the install.sh of owncloud) work in conjunction and seems to work how I would like. Quote Link to comment
net2wire Posted March 31, 2015 Share Posted March 31, 2015 Thanks net2wire , I had set it up and was able to access it before reading your post but was not too sure or comfortable that it was correct or secure I have no experience with sql or database software at all. I deleted mariadb and owncloud dockers/shares and folders and started fresh following your guide and feel better about it. one question I have though is I set up a share called owncloud and set : /var/www/owncloud/data to /mnt/user/owncloud/ and all owncloud files are in there including my owncloud user folder ,is that how it should be or should I point /var/www/owncloud/data to mnt/cache/docker/apps/owncloud for config and other app files and then set another container volume as /data and point to host path: /mnt/user/owncloud where all my user folders for owncloud would be ? sorry dont even know if that makes sense still trying to wrap my head around how some dockers have seperate container volume and host paths and and what it means and how they work and how that is determined. I usually like to keep the volume mappings / hosts path as simple and recognizable to me as possible. The Container volume mapping for ownCload is /var/www/owncloud/data , and my Host path is /mnt/user/Data/owncloud-mariaDB. The reason I named it with -mariaDB is that I have two versions, the original owncloud sqlite install (/mnt/user/Data/owncloud). Basically all my Dockers and Phaze plugins are all under /mnt/user/Data/... hope that was helpful. Quote Link to comment
pinion Posted March 31, 2015 Share Posted March 31, 2015 After reading through I'm still confused. I have a separate nginx install and I just want to know what I need to put in my nginx config to get it to work. Currently own cloud tries to auto forward to port 8000 instead of just going to domain.tld/owncloud. I get domain.tld:8000/owncloud and nothing works. Most of my other forwards look like: location ~ ^/owncloud($|./*) { proxy_pass http://192.168.2.69:8000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } Quote Link to comment
net2wire Posted March 31, 2015 Share Posted March 31, 2015 So far I have about 10 people using my ownCloud with MariaDB without any problems and people seem to like it. I will probably have many more users before long so I am wondering how one can install a new ssl cert from a Certificate Authority in ownCloud? I'm researching this: docker run -v /host/path/to/certs:/container/path/to/certs -d IMAGE_ID "update-ca-certificates" , don't know if it's the right idea, and need more info on the container/path/to/certs. A little nudge goes a long way! =D Quote Link to comment
gfjardim Posted March 31, 2015 Author Share Posted March 31, 2015 So far I have about 10 people using my ownCloud with MariaDB without any problems and people seem to like it. I will probably have many more users before long so I am wondering how one can install a new ssl cert from a Certificate Authority in ownCloud? I'm researching this: docker run -v /host/path/to/certs:/container/path/to/certs -d IMAGE_ID "update-ca-certificates" , don't know if it's the right idea, and need more info on the container/path/to/certs. A little nudge goes a long way! =D Just put them on the config folder, probably under your appdata folder. The files are server.pem and server.key. Quote Link to comment
smdion Posted March 31, 2015 Share Posted March 31, 2015 After reading through I'm still confused. I have a separate nginx install and I just want to know what I need to put in my nginx config to get it to work. Currently own cloud tries to auto forward to port 8000 instead of just going to domain.tld/owncloud. I get domain.tld:8000/owncloud and nothing works. Most of my other forwards look like: location ~ ^/owncloud($|./*) { proxy_pass http://192.168.2.69:8000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } Can't speak for nginx, but this is what I had to add to my apache config http://www.seandion.info/unraid/apache-reverse-proxy-info-for-smdions-dockers/#owncloud Quote Link to comment
pinion Posted March 31, 2015 Share Posted March 31, 2015 After reading through I'm still confused. I have a separate nginx install and I just want to know what I need to put in my nginx config to get it to work. Currently own cloud tries to auto forward to port 8000 instead of just going to domain.tld/owncloud. I get domain.tld:8000/owncloud and nothing works. Most of my other forwards look like: location ~ ^/owncloud($|./*) { proxy_pass http://192.168.2.69:8000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } Can't speak for nginx, but this is what I had to add to my apache config http://www.seandion.info/unraid/apache-reverse-proxy-info-for-smdions-dockers/#owncloud Thanks, I suspected it might be in the config for own cloud but it's still not working for me. I assume you put it in $CONFIG = array ( like the docs say but I tried both ways and no dice. I might start with a fresh own cloud install since I don't have anything synced anyway Quote Link to comment
smdion Posted March 31, 2015 Share Posted March 31, 2015 After reading through I'm still confused. I have a separate nginx install and I just want to know what I need to put in my nginx config to get it to work. Currently own cloud tries to auto forward to port 8000 instead of just going to domain.tld/owncloud. I get domain.tld:8000/owncloud and nothing works. Most of my other forwards look like: location ~ ^/owncloud($|./*) { proxy_pass http://192.168.2.69:8000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } Can't speak for nginx, but this is what I had to add to my apache config http://www.seandion.info/unraid/apache-reverse-proxy-info-for-smdions-dockers/#owncloud Thanks, I suspected it might be in the config for own cloud but it's still not working for me. I assume you put it in $CONFIG = array ( like the docs say but I tried both ways and no dice. I might start with a fresh own cloud install since I don't have anything synced anyway I decided to risk the security and delete the allowed domains. Quote Link to comment
net2wire Posted March 31, 2015 Share Posted March 31, 2015 So far I have about 10 people using my ownCloud with MariaDB without any problems and people seem to like it. I will probably have many more users before long so I am wondering how one can install a new ssl cert from a Certificate Authority in ownCloud? I'm researching this: docker run -v /host/path/to/certs:/container/path/to/certs -d IMAGE_ID "update-ca-certificates" , don't know if it's the right idea, and need more info on the container/path/to/certs. A little nudge goes a long way! =D Just put them on the config folder, probably under your appdata folder. The files are server.pem and server.key. Great! Thanks. Works like a charm. I've seen those files (server.key & server.pem) there since initial installation and noticed in the logs that they get reinstalled every time there is an edit to owncloud. Anyway with this new ssl cert I had to decrypt the server.key (unRAID shell) so as to get rid of this error 1. Error: nginx: [emerg] SSL_CTX_use_PrivateKey_file("/opt/server.key") failed (SSL: error:0906406D:PEM routines:PEM_def_callback:problems getting password error:0906A068:PEM routines:PEM_do_header:bad password read error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib) Enter PEM pass phrase: 2. I stopped ownCloud and in the working folder (config folder) I use (/mnt/user/Data/owncloud-mariaDB/) I removed the original server.key and server.pem files. I winscp'd to that working folder and copied my new ssl.key and ssl.pem files that I received from the Cert Authority. I putty'd via SSH to unRAID to the working (config) folder and ran this: openssl rsa -in ssl.key -out server.key , and entered password that was setup when the SSL Cert was created at the Cert Authority. Started ownCloud and the result: *** Running /etc/my_init.d/config.sh... Found pre-existing certificate, using it. *** Running /etc/rc.local... *** Booting runit daemon... *** Runit started as PID 14 BTW I used https://www.startssl.com/ as previously suggested. The instructions are for obtaining a free SSL Cert, and to setup a Reverse Proxy, but I was not interested in the proxy, yet. Follow directions carefully. http://www.seandion.info/unraid/add-ssl-to-your-reverse-proxy-for-free/ Thanks for the guidance. Quote Link to comment
tr0910 Posted March 31, 2015 Share Posted March 31, 2015 What is the biggest OwnCloud project you've tried using local unRaid storage 1. How many TB? 2. How many files? I want to put several TB out there with a hundred thousand files. Clients are Windows or Mac. Some files I would want to sync (Adobe Lightroom catalog) but most raw image files should not to be synced to the users client owncloud folder. It would be too extreme Does it scale? Quote Link to comment
iamkhris Posted March 31, 2015 Share Posted March 31, 2015 Can anyone point me in the direction I need to go in order to add plugins to the ownCloud docker? I'm not completely familiar with how to interact with it (ie: copy files in/out, etc). Quote Link to comment
smdion Posted March 31, 2015 Share Posted March 31, 2015 BTW I used https://www.startssl.com/ as previously suggested. The instructions are for obtaining a free SSL Cert, and to setup a Reverse Proxy, but I was not interested in the proxy, yet. Follow directions carefully. http://www.seandion.info/unraid/add-ssl-to-your-reverse-proxy-for-free/ Thanks for the guidance. Glad it worked well! Quote Link to comment
tr0910 Posted April 1, 2015 Share Posted April 1, 2015 I'm trying to get my unRaid files recognized, however owncloud "red lines" my typing /mnt/disk1 or /mnt/user/usershare. See this: Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.