(Brand new edition of Owncloud installation guide, with all main security features enabled) |
mNo edit summary |
||
Line 1: | Line 1: | ||
Owncloud is an AGPLv3 software for creating a personal cloud system. Here, an installation guide for the server side. | |||
== Features == | == Features == |
Revision as of 20:54, 21 July 2014
Owncloud is an AGPLv3 software for creating a personal cloud system. Here, an installation guide for the server side.
Features
- Online file storage
- Android compatibility
- Contacts(CarDAV) and calendar (CalDAV) synchronization
- Music streaming
- Many more
Installation
# yum install owncloud
SSL certificate configuration
In order to have secure communications between host and server, you need to generate a key and a certificate
# yum install crypto-utils
# genkey hostname
Answer "no" to the question "Would you like to send a Certificate Request (CSR) to a Certificate Authority (CA)?"
To allow httpd service to use SSL, you need to install proper dependencies
# yum install mod_ssl openssl
and apply the following editings to
/etc/httpd/conf.d/ssl.conf
putting at the bottom
SSLCertificateFile /etc/pki/tls/certs/hostname.crt SSLCertificateKeyFile /etc/pki/tls/private/hostname.key
To force SSL usage in Owncloud server:
# nano /etc/owncloud/config.php
e modify entry
'forcessl' => false
as the following one
'forcessl' => true,
To create admin user, insert into the browser (ignoring warning about unsigned certificate)
localhost/owncloud
Grant remote access to the server
Firewall configuration
You need to find out the active firewall zone
# firewall-cmd --list-all-zones | grep active
in our case:
public (default, active)
then we will use the following commands to allow access to http and https services
# firewall-cmd --permanent --zone=public --add-service=http # firewall-cmd --permanent --zone=public --add-service=https # systemctl restart firewalld
Configuring Apache permissions
In order to allow access to remote hosts, you need to configure Apache's
/etc/httpd/conf.d/owncloud.conf
as the following example:
<IfModule mod_authz_core.c> # Apache 2.4 #Require local Require all granted </IfModule> <IfModule !mod_authz_core.c> # Apache 2.2 Order Deny,Allow #Deny from all #Allow from 127.0.0.1 #Allow from ::1 Allow from all </IfModule>
Configuration of exposed IP addresses
Finally you need to set into configuration file
/etc/owncloud/config.php
at entry
array ( 0 => 'localhost', )
the IP addresses with which the server will be exposed outside (both LAN and WAN). An example of configuration with IP addresses for both LAN and WAN is:
array ( 0 => 'localhost', 1 => '192.168.1.100', 2 => '200.100.1.100', )
Troubleshooting
Dynamic IP adress
If you have a dynamic IP address you can configure a dynamic DNS client, for example inadyn-mt to update your ip for your DNS server account