[support] dlandon - ownCloud


Recommended Posts

I have cloned and updated the linuxservio.io beta ownCloud docker.  I have been using it for over a year and it works very well.  I know that NextCloud is the in thing, but I am committed to ownCloud in my business and have over 200GB of media, calendars, contacts, and tasks on ownCloud.  I do not want to invest time and take the risk trying to move to NextCloud.  The thing I really like about this docker is that mariadb is installed in the docker so a separate docker for the database is not required.

 

I also found other implementations of ownCloud dockers were lacking when it comes to updating ownCloud.  ownCloud cannot be downgraded, so one has to be careful to always go forward, and not backwards.  If a person manually updated ownCloud and then had to reinstall with the original docker, the manual upgrade got written over in other implementations.  This docker prevents that situation because the ownCloud version is persistent in the appdata/owncloud folder.

 

Anyway, the docker is available to install from CA.  If you have the linuxserver.io docker installed, this is a drop in replacement for that docker.  Be sure to back up your data before installing this docker.  To replace the linuxserver.io ownCloud docker, remove that docker and then install this new docker from CA.  Be sure to change any custom settings you made to the original docker template.

 

Installing ownCloud from scratch will install the latest version (Currently 10.5.0 - called ownCloud X).  If you've already installed the docker, your current ownCloud version will not be changed.

 

To install the docker from scratch:

  • Install docker and then go to the WebUI.
  • Enter an administration user and password.
  • Change the data folder to /data.
  • Because the database is built into the container, the database host is localhost.
  • The database user and the database itself are both 'owncloud'.
  • If you do not change the default DB_PASS variable, the default database password is 'owncloud'.
  • Once in the ownCloud WebUI, go to 'Settings->General' and click the 'Cron' method for the cron.php task.  A cron to perform this is built into the docker.
  • If you use your own certificate keys name them cert.key and cert.crt, and place them in config/keys folder.

 

ownCloud can be updated from the WebUI, but it requires a certificate that is not self-signed and some other requirements that will be difficult for a self hosted server.  I will post some manual update instructions so ownCloud can be updated and be persistent.  I will be working on updates that can be done by updating the docker, but I have to put some time into how to do that without breaking things.

 

I recommend you install some security apps for better security:

  • OAuth2 - This app is for remote access to the ownCloud server and uses tokens rather than passwords to log into the server.  Passwords are not stored locally by any clients or third party apps.
  • Brute-Force Protection - Offers brute force login protection.
  • Password Policy - Allows you to set password complexity rules.
Edited by dlandon
Udate initial ownCloud version
  • Like 5
Link to comment

Manual update is the recommended way to update an existing ownCloud installation.

  • Disable apps - Calendar, Contacts, and any add on apps - Settings->Apps.
  • Access the ownCloud Docker 'docker exec -it ownCloud bash'.
  • Install nano 'apt-get install nano'.
  • Put ownCloud in maintenance mode by editing 'nano /config/www/owncloud/config/config.php'.
  • Stop ownCloud docker from the unRAID Docker UI.
  • Get into the unRAID command line.
  • Change directory to 'cd /mnt/user/appdata/ownCloud/www'.
  • Move the existing owncloud version 'mv ./owncloud ./owncloud-old'.
  • Download and unzip the owncloud update from here.  Copy update using a PC to \appdata\ownCloud\www\.
  • Go back to the Unraid command line.
  • Copy external apps 'cp -R /mnt/user/appdata/ownCloud/www/owncloud-old/apps-external/ /mnt/user/appdata/ownCloud/www/owncloud/apps-external/'.
  • Change ownership 'chown nobody:users owncloud'.
  • Copy the old version of config.php 'cp /mnt/user/appdata/ownCloud/www/owncloud-old/config/config.ph /mnt/user/appdata/ownCloud/www/owncloud/config/config.php'.
  • Start owncloud docker from unRAID Docker UI.
  • Access the ownCloud Docker 'docker exec -it ownCloud bash'.
  • Change directory to new owncloud version 'cd /config/www/owncloud'.
  • Change occ to executable 'chmod +x occ''
  • Execute upgrade: 'sudo -u abc ./occ upgrade'.
  • Change permissions on owncloud 'chmod 755 /config/www/owncloud'.
  • Take ownCloud out of maintenance mode by editing 'nano /config/www/owncloud/config/config.php'.
  • Re-enable apps - Calendar, Contacts, and any add on apps.
Edited by dlandon
Add link to ownCloud download
Link to comment

I've built a new docker version that enables the redis server.  This can be used to speed up transactional file locking by using redis instead of the the database for locks.  You do not have to use it.

 

Once you've updated to the newest docker, change your /config/www/owncloud/config/config.php file and add the following:

  'filelocking.enabled' => true,
  'memcache.locking' => '\OC\Memcache\Redis',
  'redis' => array (
     'host' => '/var/run/redis/redis.sock',
     'port' => 0,
     'timeout' => 0.0,
  ),

right after this line:

  'memcache.local' => '\OC\Memcache\APCu',

This should speed up thumbnail displays if you have a lot of media.

Link to comment

The original template I used for the ownClooud docker I put together was cloned from the linuxserver beta docker they created over a year ago.  The original appdata mappings were:

Data Path: /mnt/user/appdata/owncloud/data

AppData Config Path: /mnt/user/appdata/owncloud/config

 

Because of some changes in DockerMan since the original template was created, DockerMan changes the config path when you install the Docker from CA to:

AppData Config Path: /mnt/user/appdata/ownCloud

 

When setting up ownCloud from CA the appdata mappings will then become:

Data Path: /mnt/user/appdata/owncloud/data

AppData Config Path: /mnt/user/appdata/ownCloud

 

This results in two folders being created in appdata:

appdata/owncloud/data <== data folder

appdata/ownCloud/ <== config folder

 

While this works for the Docker, Windows ignores file and folder case and sees these folders as one.  This is a bit messy.

 

To clean this up, I recommend that you stop the Docker and use a tool like MC or use the command line mv to move the appdata/owncloud/data to appdata/ownCloud/data and remove the empty owncloud folder.  This will clean up the two folders situation and if you go back to the default template, the mappings will be correct.

 

You will need to change the data folder to /mnt/user/appdata/ownCloud/data in your template, or go to CA and re-install ownCloud with the default template.

Edited by dlandon
Link to comment
  • 1 month later...

I have updated the ownCloud Docker.  nginx is updated to version 1.13.3.  I ran the SSL security check against my URL and ownCloud passed with flying colors.  If you want to test your URL and ownCloud, use the SSL server check here.  You will not have a very good rating with a self-signed certificate.  I have a CA certificate and running the SSL server check results in an A+ rating.  Before this update I could only achieve a B.

  • Like 1
Link to comment
  • 3 months later...

Dear dlandon,

 

Kindly I would like to ask if it is possible to gain access to ownCloud from the web to allow synchronisation of files, agendas and contacts; if possible, how to go about it? Some work has already been done to improve security however details seem to be lacking how to configure a modem, DNS settings and SSL certificate (I would like to try to use: https://www.sslforfree.com/)

Secondly are there any other things that are recommended and are possible to do: https://doc.owncloud.org/server/10.0/admin_manual/configuration/server/harden_server.html

Link to comment
1 hour ago, LimeCenter said:

Dear dlandon,

 

Kindly I would like to ask if it is possible to gain access to ownCloud from the web to allow synchronisation of files, agendas and contacts; if possible, how to go about it? Some work has already been done to improve security however details seem to be lacking how to configure a modem, DNS settings and SSL certificate (I would like to try to use: https://www.sslforfree.com/) 

Secondly are there any other things that are recommended and are possible to do: https://doc.owncloud.org/server/10.0/admin_manual/configuration/server/harden_server.html

You will need to set up DDNS to a URL in your router that points to your server.  Forward port 443 in your router to the IP address of your ownCloud Docker.
 

Install a legitimate certificate.  The original post describes where to put the certificate and key.  You will need to own the domain you will use to access your ownCloud.  You cannot get a certificate is you don't own the domain.  You cannot use a sub-domain.

 

ownCloud is pretty secure out of the box if you use https for access and don't use a self-signed certificate.

 

Once you have a certificate, test your security at this link:  https://www.ssllabs.com/ssltest/.  It will tell you if you have any security issues.

Link to comment

Hi - 

 

I am trying to add external storage (SMB) to owncloud but getting an error "Storage is temporarily unavailable" when trying to access the folder in Files.

I specified UNRAID user credential and proper path (/mnt/disks/DATA02/Media/Music) and get a green circle. Any ideas what i might be doing wrong?

Link to comment
1 hour ago, mikeyosm said:

Hi - 

 

I am trying to add external storage (SMB) to owncloud but getting an error "Storage is temporarily unavailable" when trying to access the folder in Files.

I specified UNRAID user credential and proper path (/mnt/disks/DATA02/Media/Music) and get a green circle. Any ideas what i might be doing wrong?

You're trying to access a UD mounted share?

Link to comment
  • 2 weeks later...
On 02/12/2017 at 7:26 PM, dlandon said:

You will need to set up DDNS to a URL in your router that points to your server.  Forward port 443 in your router to the IP address of your ownCloud Docker.
 

Install a legitimate certificate.  The original post describes where to put the certificate and key.  You will need to own the domain you will use to access your ownCloud.  You cannot get a certificate is you don't own the domain.  You cannot use a sub-domain.

 

ownCloud is pretty secure out of the box if you use https for access and don't use a self-signed certificate.

 

Once you have a certificate, test your security at this link:  https://www.ssllabs.com/ssltest/.  It will tell you if you have any security issues.

1

 

Dear dlandon and other folks,

 

Kindly I would like to inform you that we finished technical testing and that the software works to our expectation and beyond. We managed with ease to create a subdomain [https://paper.example.eu] with an aligned SSL certificate from https://www.sslforfree.com. The SSL test results are stated here below (Grade: B):

Our conclusion is that we recommend this software package as it is presented today.

Thank you for your time and explanations!

Screen Shot 2017-12-14 at 22.12.51.png

Link to comment
2 hours ago, davidk845 said:

Is there any way to set up so that it automatically syncs with a share. So if i upload something to a documents share on my unRAID server it will automatically be included in owncloud.

 

Thanks

There are apps for Windows, Mac, and Linux desktops to synchronize with ownCloud, but I don't know how you would synchronize the files with unRAID.  If you have a desktop computer or VM, you can install the sync app and have it do the sync for you.  I am doing that on two Windows 10 desktop VMs I use.

Link to comment
2 hours ago, davidk845 said:

Is there any way to set up so that it automatically syncs with a share. So if i upload something to a documents share on my unRAID server it will automatically be included in owncloud.

 

Thanks

 

33 minutes ago, dlandon said:

There are apps for Windows, Mac, and Linux desktops to synchronize with ownCloud, but I don't know how you would synchronize the files with unRAID.  If you have a desktop computer or VM, you can install the sync app and have it do the sync for you.  I am doing that on two Windows 10 desktop VMs I use.

 

There is a manual command you can run in Nextcloud and I'd assume it would work in Owncloud.

 

Take a look here, should be able to write a script to do this and use the user.scripts plugin to automate it I would have thought.

 

So if the share is included in Owncloud, mounted appropriately within the application, you can scan that share and register the files as present on Owncloud.

Edited by CHBMB
Link to comment

So played around with this on Nextcloud, just to see how it works..

 

docker exec nextcloud /bin/sh -c "sudo -u abc php7 /config/www/nextcloud/occ files:scan --all"
root@server:~# docker exec nextcloud /bin/sh -c "sudo -u abc php7 /config/www/nextcloud/occ files:scan --all"

Scanning files for 2 users
Starting scan for user 1 out of 2 (wife)
Starting scan for user 2 out of 2 (chbmb)

+---------+-------+--------------+
| Folders | Files | Elapsed time |
+---------+-------+--------------+
| 360     | 6199  | 00:00:50     |
+---------+-------+--------------+

So I guess all you'd have to change for Owncloud is the container name, path and the user (abc) if it's different.

 

Hope that helps. :)

Edited by CHBMB
  • Upvote 1
Link to comment
2 hours ago, CHBMB said:

So played around with this on Nextcloud, just to see how it works..

 


docker exec nextcloud /bin/sh -c "sudo -u abc php7 /config/www/nextcloud/occ files:scan --all"

root@server:~# docker exec nextcloud /bin/sh -c "sudo -u abc php7 /config/www/nextcloud/occ files:scan --all"

Scanning files for 2 users
Starting scan for user 1 out of 2 (wife)
Starting scan for user 2 out of 2 (chbmb)

+---------+-------+--------------+
| Folders | Files | Elapsed time |
+---------+-------+--------------+
| 360     | 6199  | 00:00:50     |
+---------+-------+--------------+

So I guess all you'd have to change for Owncloud is the container name, path and the user (abc) if it's different.

 

Hope that helps. :)

Thank you so much that’s incredibly helpful!

Link to comment
21 minutes ago, FreeMan said:

@CHBMB dude, I know @Squid has been accused of not having a life outside of unRAID, but I think you're just as bad (or is that good?). Just think, if you put as much effort into it as you do supporting other people's dockers, you could probably regrow some hair and change your user name!

 

I like being bald and unpronounceable..... :D

Link to comment

ownCloud 10.0.4 has an issue with DAV.  This affects Android cell phone calendar and contacts apps.  There is a work around that you can apply until the fix is implemented in 10.0.5.

 

Get into the Docker and execute nano to edit a file:

nano /config/www/owncloud/apps/dav/lib/Server.php

Change this line:

$this->server->addPlugin(new CorsPlugin(\OC::$server->getUserSession()));

to:

//$this->server->addPlugin(new CorsPlugin(\OC::$server->getUserSession()));

This comments out the line.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.