This post shows students and new users the steps to install and configure ownCloud on Ubuntu Linux with Nginx and the free Let’s Encrypt SSL certificate.
ownCloud is an open source, self-hosted file syncing and file sharing platform similar to Dropbox, OneDrive, and other proprietary online storage services. ownCloud enables private cloud services on users’ own servers. It is extensible through its application that can be installed on mobile devices and desktop computers to access and synchronize your files, contacts and data on all devices and platforms.
If you’re looking for a self-hosted file sharing and sync platform, ownCloud should be a good place to start. We show you how to install and configure ownCloud on your own Ubuntu server with a link to the Let’s Encrypt SSL post.
Also, for students and new users learning Linux, the easiest place to start learning is Ubuntu Linux. Ubuntu is the modern open source Linux operating system for desktops, servers, and other devices.
To get started installing and configuring ownCloud on Ubuntu Linux, follow the steps below.
How to install Nginx on Ubuntu Linux
As mentioned above, we will use the Nginx web server to run ownCloud. ownCloud requires a web server to function, and Nginx is the most popular open source web server available today.
To install Nginx on Ubuntu, run the following commands:
sudo apt update sudo apt install nginx
After installing Nginx, the following commands can be used to stop, start and enable Nginx services always start every time your server starts.
sudo systemctl stop nginx.service sudo systemctl start nginx.service sudo systemctl enable nginx.service
To test if Nginx is installed and working, open your web browser and look for the IP address or hostname of the server.
http: // localhost
If you see the above page in the browser, then Nginx is working as expected.
How to install MariaDB on Ubuntu Linux
A database server is required for ownCloud to work. ownCloud stores its content in a database, and MariaDB is probably the best database server available to run ownCloud.
MariaDB is fast, secure, and the default server for almost all Linux servers. To install MariaDB, run the following commands:
sudo apt install mariadb-server sudo apt install mariadb-client
After installing MariaDB, the following commands can be used to stop, start and enable MariaDB services always start when the server starts.
sudo systemctl stop mariadb.service sudo systemctl start mariadb.service sudo systemctl enable mariadb.service
Then run the following commands to protect the database server with a root password if you were not prompted to do so during installation.
sudo mysql_secure_installation
When prompted, use the guide below to respond:
If you've just installed MariaDB, and haven't set the root password yet, you should just press enter here. Enter current password for root (enter for none): PRESS ENTER Switch to unix_socket authentication [Y/n] n Change the root password? [Y/n] n Remove anonymous users? [Y/n] y Disallow root login remotely? [Y/n] y Remove test database and access to it? [Y/n] y Reload privilege tables now? [Y/n] y All done!
To verify and validate that MariaDB is installed and working, log into the database console using the following commands:
sudo mysql -u root -p
It should automatically log into the database server as we started the login request as root. Only root can login without password and only from server console.
If you see a screen similar to the one shown above, then the server installed successfully.
How to install PHP on Ubuntu Linux
Also, PHP is required to run ownCloud. The PHP packages are added to the Ubuntu repositories. Repository versions may not be the latest. If you need to install the latest versions, you will need to add a third-party PPA repository.
In a third-party repository with the latest versions of PHP, run the following commands.
sudo apt-get install software-properties-common sudo add-apt-repository ppa:ondrej/php
At the time of writing, the latest version of PHP 8.0.
sudo apt update
Then run the following commands to install PHP 8.0 and related modules.
sudo apt install php7.4-fpm php7.4-imagick php7.4-common php7.4-mysql php7.4-gmp php7.4-imap php7.4-json php7.4-pgsql php7.4-ssh2 php7.4-sqlite3 php7.4-ldap php7.4-curl php7.4-intl php7.4-mbstring php7.4-xmlrpc php7.4-gd php7.4-xml php7.4-cli php7.4-zip
Next, you’ll want to change some PHP configuration settings that work great with ownCloud. Run the following commands to open the default PHP configuration file.
sudo nano /etc/php/7.4/fpm/php.ini
Then change the line settings to be somewhat aligned with the lines below. Save your changes and exit.
file_uploads = On allow_url_fopen = On short_open_tag = On memory_limit = 256M upload_max_filesize = 100M max_execution_time = 360 date.timezone = America/Chicago
How to create an ownCloud database in Ubuntu
At this point, we are ready to create the ownCloud database. As mentioned above, ownCloud uses databases to store its content.
To create a database for ownCloud, run the following commands:
sudo mysql -u root -p
Then create a database called owncloud
CREATE DATABASE owncloud;
Next, create a database user named ownclouduser and set password
CREATE USER 'ownclouduser'@'localhost' IDENTIFIED BY 'new_password_here';
Then grant the user full access to the database.
GRANT ALL ON owncloud.* TO 'ownclouduser'@'localhost' WITH GRANT OPTION;
Finally, save your changes and exit.
FLUSH PRIVILEGES; EXIT;
How to download ownCloud on Ubuntu
We are ready to download ownCloud and start configuring it. First, run the following commands to download the latest version of ownCloud from your repository.
Then extract the downloaded content to the root directory of Nginx. This will create a folder called owncloud.
wget https://download.owncloud.org/community/owncloud-complete-20210721.zip -P /tmp sudo unzip /tmp/owncloud-complete-20210721.zip -d /var/www
Then run the command below to allow www-data user to own the new owncloud directory.
sudo chown -R www-data:www-data /var/www/owncloud/ sudo chmod -R 755 /var/www/owncloud/
How to configure Nginx for ownCloud
We have downloaded the content from ownCloud into a new folder that we call ownCloud. Now, let’s configure Nginx to create a new server block to use with our ownCloud website. You can create so many server blocks with Nginx.
To do that, run the following commands to create a new configuration file called owncloud.conf at / etc / nginx / sites-available / directory to host our ownCloud server block.
sudo nano /etc/nginx/sites-available/owncloud.conf
In the archive, copy and paste the content below in the archive and save it.
upstream php-handler {
server unix:/var/run/php/php7.4-fpm.sock;
}
server {
listen 80;
listen [::]:80;
root /var/www;
index index.php index.html index.htm;
server_name example.com;
location ^~ /owncloud {
client_max_body_size 512M;
fastcgi_buffers 8 4K;
fastcgi_ignore_headers X-Accel-Buffering;
gzip off;
error_page 403 /owncloud/core/templates/403.php;
error_page 404 /owncloud/core/templates/404.php;
location /owncloud {
rewrite ^ /owncloud/index.php$uri;
}
location ~ ^/owncloud/(?:build|tests|config|lib|3rdparty|templates|changelog|data)/ {
return 404;
}
location ~ ^/owncloud/(?:.|autotest|occ|issue|indie|db_|console|core/skeleton/) {
return 404;
}
location ~ ^/owncloud/core/signature.json {
return 404;
}
location ~ ^/owncloud/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|oc[sm]-provider/.+|core/templates/40[34]).php(?:$|/) {
fastcgi_split_path_info ^(.+.php)(/.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param modHeadersAvailable true;
fastcgi_read_timeout 180;
fastcgi_pass php-handler;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
}
location ~ ^/owncloud/(?:updater|oc[sm]-provider)(?:$|/) {
try_files $uri $uri/ =404;
index index.php;
}
# Adding the cache control header for js and css files
# Make sure it is BELOW the PHP block
location ~ /owncloud/.*.(?:css|js) {
try_files $uri /owncloud/index.php$uri$is_args$args;
add_header Cache-Control "max-age=15778463" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Robots-Tag "none" always;
add_header X-Download-Options "noopen" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
access_log off;
}
location ~ /owncloud/.*.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg|map|json) {
try_files $uri /owncloud/index.php$uri$is_args$args;
add_header Cache-Control "public, max-age=7200" always;
access_log off;
}
}
}
Save the file and close.
After saving the old file, run the following commands to enable the new file that contains our ownCloud server block, as well as other important Nginx modules.
Restart Nginx after that.
sudo ln -s /etc/nginx/sites-available/owncloud.conf /etc/nginx/sites-enabled/
Reload Nginx when you have done the above configuration.
sudo systemctl restart nginx.service
Now that ownCloud is downloaded and the necessary services are configured, open your browser and start the ownCloud installation by visiting the domain name or IP address of your server followed by / owncloud :
http://example.com/owncloud
However, we want to make sure our server is protected with free Let’s Encrypt SSL certificates. So, continue below to learn how to generate Let’s Encrypt SSL certificate for websites.
How to configure Let’s Encrypt for ownCloud
We have written an excellent post on how to generate and manage Let’s Encrypt SSL certificates for the Nginx web server. You can use that post to apply here for your ownCloud website.
To read the post on how to generate Let’s Encrypt SSL certificates for the website, click the link below:
How to set up Let’s Encrypt on Ubuntu Linux with Nginx
If you managed to generate a Let’s Encrypt SSL certificate, you need to reopen the server block for our ownCloud website by running the following commands.
sudo nano /etc/nginx/sites-available/owncloud.conf
The new ownCloud server block settings should look similar to the following line. Take notes on the highlighted lines.
- The first server block listens on port 80. It contains a 301 redirect to redirect HTTP to HTTPS.
- The second server block listens on port 443. It contains a 301 redirect to redirect www to a domain other than www.
upstream php-handler { server unix:/var/run/php/php7.4-fpm.sock; } server { listen 80; listen [::]:80; root /var/www; index index.php index.html index.htm; server_name example.com www.example.com; include snippets/well-known.conf; return 301 https://$host$request_uri; } server { listen 443 ssl http2; listen [::]:443 ssl http2; root /var/www; index index.php index.html index.htm; server_name www.example.com; ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; ssl_trusted_certificate /etc/letsencrypt/live/example.com/chain.pem; ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains"; include snippets/well-known.conf; return 301 https://example.com$request_uri; } server { listen 443 ssl http2; listen [::]:443 ssl http2; root /var/www; index index.php index.html index.htm; server_name example.com; ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; ssl_trusted_certificate /etc/letsencrypt/live/example.com/chain.pem; ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:50m; ssl_session_timeout 1d; ssl_session_tickets off; ssl_stapling on; ssl_stapling_verify on; resolver 8.8.8.8 8.8.4.4 valid=300s; resolver_timeout 30s; ssl_dhparam /etc/ssl/certs/dhparam.pem; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains"; location / { return 301 https://$server_name:443$request_uri; } location ^~ /owncloud { client_max_body_size 512M; fastcgi_buffers 8 4K; fastcgi_ignore_headers X-Accel-Buffering; gzip off; error_page 403 /owncloud/core/templates/403.php; error_page 404 /owncloud/core/templates/404.php; location /owncloud { rewrite ^ /owncloud/index.php$uri; } location ~ ^/owncloud/(?:build|tests|config|lib|3rdparty|templates|changelog|data)/ { return 404; } location ~ ^/owncloud/(?:.|autotest|occ|issue|indie|db_|console|core/skeleton/) { return 404; } location ~ ^/owncloud/core/signature.json { return 404; } location ~ ^/owncloud/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|oc[sm]-provider/.+|core/templates/40[34]).php(?:$|/) { fastcgi_split_path_info ^(.+.php)(/.*)$; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param SCRIPT_NAME $fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param HTTPS on; fastcgi_param modHeadersAvailable true; fastcgi_read_timeout 180; fastcgi_pass php-handler; fastcgi_intercept_errors on; fastcgi_request_buffering off; } location ~ ^/owncloud/(?:updater|oc[sm]-provider)(?:$|/) { try_files $uri $uri/ =404; index index.php; } # Adding the cache control header for js and css files # Make sure it is BELOW the PHP block location ~ /owncloud/.*.(?:css|js) { try_files $uri /owncloud/index.php$uri$is_args$args; add_header Cache-Control "max-age=15778463" always; add_header X-Content-Type-Options "nosniff" always; add_header X-Frame-Options "SAMEORIGIN" always; add_header X-XSS-Protection "1; mode=block" always; add_header X-Robots-Tag "none" always; add_header X-Download-Options "noopen" always; add_header X-Permitted-Cross-Domain-Policies "none" always; access_log off; } location ~ /owncloud/.*.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg|map|json) { try_files $uri /owncloud/index.php$uri$is_args$args; add_header Cache-Control "public, max-age=7200" always; access_log off; } } }
Save the file above, then restart Nginx and PHP using the commands below.
sudo systemctl reload nginx
Finally, if everything went according to plan, you should be able to start the ownCloud setup wizard by navigating to the server’s hostname or IP address via HTTPS.
https://example.com/owncloud
An ownCloud setup wizard should appear. Follow the wizard to complete the setup.
- Create an administrator account and password
- leave the default data folder
- Select MySQL / MariaDB
- Enter the database username
- Enter the password of the database user
- Enter the name of the database
- Leave the database host as local host if ownCloud and the database server are on the same host.
Click Finish setup
Wait for the configuration to complete. Then log in and start setting up your environment.
You should do that!
Conclusion:
In this tutorial we have seen how to configure ownCloud on Ubuntu Linux with Nginx and Let’s Encrypt. If you find any errors above or have something to add, use the comment form below.