最後更新: 2020-09-23
目錄
- Install
- php-fpm Settings
- owncCloud 設定
- Nginx Settings
- Enable Maintenance Mode
- Logs
- occ command
- Defining Background Jobs(cron)
- User Group
- Android Client
- Upload to ownCloud
- owncloud/.htaccess
- Config.php
- Login By IMAP Auth
- Updata File System Tree
- Disable Update Notifications
- Troubleshoot
- Integrity File Check
- Directory Permissions
- SQL Table
Install
PHP Version
- OwnCloud 10.14 -> PHP 7.4
Apache module
- mod_headers
- mod_env
- mod_dir
- mod_mime
- mod_unique_id
Get package
wget https://download.owncloud.com/server/stable/owncloud-10.13.4.tar.bz2
tar -jxf owncloud-10.13.4.tar.bz2
mv owncloud public_html
ln -s /usr/bin/php74 /usr/bin/php
Install ownCloud CLI
cd public_html
mkdir data/ apps/ apps-external/ config/
chmod 770 data/ apps/ apps-external/ config/ -R
chown apache: data/ apps/ apps-external/ config/ -R
./occ maintenance:install \
--database "mysql" \
--database-name "owncloud" \
--database-user "owncloud" \
--database-pass "password" \
--data-dir "/var/www/owncloud/data" \
--admin-user "admin" \
--admin-pass "admin"
ownCloud was successfully installed
./occ status
- installed: true - first_install_version: 10.13.4.1 - version: 10.13.4.1 - versionstring: 10.13.4 - edition: Community
Trusted Domains
config.php
'trusted_domains' => [ 0 => 'localhost', 1 => 'server1.example.com', 2 => '192.168.1.50', ],
php-fpm Settings
/etc/php5/fpm/php.ini
upload_max_filesize = 40M post_max_size = 50M
owncCloud 設定
Config File
/etc/owncloud/config.php
# SQLite handles multiple users very badly SQLite is only recommended for single user * It is not necessary to create a database and a database user "dbtype" => "sqlite", "dbname" => "owncloud", "datadirectory" => "/www/htdocs/owncloud/data",
chmod 644 /etc/owncloud/config.php
在新 Version 要設定 trusted_domains
owncloud/config/config.php
'trusted_domains' =>
array (
0 => 'x.x.x.x',
),
Nginx Settings
server { listen 80; server_name owncloud.datahunter.org; return 301 https://$server_name$request_uri; # enforce https } server { listen 8443 ssl; server_name owncloud.datahunter.org; ssl_certificate /etc/nginx/certs/owncloud.crt; ssl_certificate_key /etc/nginx/certs/owncloud.key; # Path to the root of your installation root /var/www/; client_max_body_size 1G; # set max upload size fastcgi_buffers 64 4K; rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; index index.php; error_page 403 /core/templates/403.php; error_page 404 /core/templates/404.php; location = /robots.txt { allow all; log_not_found off; access_log off; } location ~ ^/(data|config|\.ht|db_structure\.xml|README) { deny all; } location / { # The following 2 rules are only needed with webfinger rewrite ^/.well-known/host-meta /public.php?service=host-meta last; rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; try_files $uri $uri/ index.php; } location ~ ^(.+?\.php)(/.*)?$ { try_files $1 = 404; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$1; fastcgi_param PATH_INFO $2; fastcgi_param HTTPS on; fastcgi_pass 127.0.0.1:9000; # Or use unix-socket with 'fastcgi_pass unix:/var/run/php5-fpm.sock;' } # Optional: set long EXPIRES header on static assets location ~* ^.+\.(jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ { expires 30d; # Optional: Don't log access to assets access_log off; } }
Enable Maintenance Mode
"maintenance" => false,
Logs
data/owncloud.log
0: DEBUG
1: INFO
2: WARN
3: ERROR
Defining Background Jobs(cron)
一共有兩種 cron jobs
- Background jobs for 'cron'
- System cron jobs
Set Background job for 'cron'
# Is the same as using the Cron section on your ownCloud Admin page
sudo -u apache ./occ background:cron
System cron job
人手行一次
# -p, --progress => progress output. Default without output
sudo -u apache php ./occ system:cron -p
Executing: 7 - OCA\Files\BackgroundJob\ScanFiles 14 [----->----------------------]
sudo -u apache php occ dav:cleanup-chunks
Cleaning chunks older than 2 days(2023-11-20T08:27:47+00:00)
建立 cron job (For Apache)
crontab -u apache -e
# ownCloud cron jobs */15 * * * * /usr/bin/php -f /home/vhosts/owncloud/public_html/occ system:cron 0 2 * * * /usr/bin/php -f /home/vhosts/owncloud/public_html/occ dav:cleanup-chunks
Verify:
crontab -u apache -l
User Group
Group Administrator
- Can manage users in their groups, such as adding and removing them, and changing quota of users in the group.
- Can add new users to their groups and can manage guests.
- Can enable and disable users.
- Can impersonate users in their groups.
- Custom group creation may be restricted to group admins.
Android Client
src:
https://github.com/owncloud/android
binary:
https://f-droid.org/repository/browse/?fdfilter=owncloud&fdid=com.owncloud.android
Upload to ownCloud
ownCloud uses csync for syncing
parallel upload and download with ownCloud 7 and the ownCloud 1.6 client
“Big file chunking” is ownClouds algorithm to upload huge files to ownCloud with clients.
Filename: filename-chunking-epoch-N
Size: 5.0M
zsync
The server can keep a static list of checksums for every block specific to a version of a file
The list can for example be computed along the upload of the file to the server.
* the approach does not work very well for compressed files
owncloud/.htaccess
....................... <IfModule mod_php5.c> php_value upload_max_filesize 513M php_value post_max_size 513M php_value memory_limit 512M php_value mbstring.func_overload 0 php_value always_populate_raw_post_data -1 php_value default_charset 'UTF-8' php_value output_buffering 0 <IfModule mod_env.c> SetEnv htaccessWorking true </IfModule> </IfModule> .......................
Config.php
; All css and js files will be served by the web server statically in one js file and one css file ; mkdir /home/vhosts/files/public_html/assets ; chown www-data. /home/vhosts/files/public_html/assets 'asset-pipeline.enabled' => true, 'logtimezone' => 'Asia/Hong_Kong', 'default_language' => 'en', 'defaultapp' => 'files', 'enable_avatars' => false, 'allow_user_to_change_display_name' => false, ; 自動清垃圾 'trashbin_auto_expire' => true, 'trashbin_retention_obligation' => 30, ; 100 megabytes 'log_rotate_size' => 104857600 , ; already logged-in are kicked out of ownCloud instantly 'maintenance' => false, ; ture => 只有 "admin group" 才可以 login 'singleuser' => false,
crashdirectory
'crashdirectory' => '/var/www/owncloud/data',
不在 default 的 public_html 內
i.e.
public_html/data/crash-2023-11-22.log
hide version
hide the ownCloud version information in status.php
'version.hide' => true,
i.e. /status.php
installed true maintenance false needsDbUpgrade false version "" versionstring "" edition "" productname "" product ""
Supported languages
ls -1 settings/l10n/
'default_language' => 'zh_HK',
session lifetime
# The default is 20 minutes, expressed in seconds.
'session_lifetime' => 60 * 20,
Disable preview generation
By default, ownCloud can generate previews for the following filetypes:
- Image files
- Covers of MP3 files
- Text documents
'enable_previews' => false,
Override cli URL
Use this configuration parameter to specify the base URL for any URLs which are generated
within ownCloud using any kind of command line tools (cron or occ).
'overwrite.cli.url' => '',
Login By IMAP Auth
* You may configure additional user backends in ownCloud’s configuration config/config.php
i.e.
<?php "user_backends" => array ( 0 => array ( "class" => ..., "arguments" => array ( 0 => ... ), ), ),
Class: OC_User_IMAP
Arguments: a mailbox string as defined in the PHP documentation
Dependency: php-imap (See Manual Installation on Linux)(http://www.php.net/manual/en/function.imap-open.php)
Enable and Configure IMAP Authentication
Login to your running owncloud configuration as an administrator
Enable the app named "External user support"
Note: "External user support" is included with owncloud as an "Internal app".
Edit <owncloud>/config/config.php
Remove "/novalidate-cert" if your chosen mail server uses a signed SSL certificate):
Table: oc_users_extenal
'user_backends' => array ( 0 => array ( 'class' => 'OC_User_IMAP', 'arguments' => array ( 0 => '{[mail.yourdomain.com]:993/imap/ssl/novalidate-cert}', ), ), ),
Troubleshoot
U14.04
T1: log: owncloud.log
{"reqId":"w0gDQplLAOvw10Q4x\/AO","remoteAddr":"192.168.123.200","app":"user_external","message":"ERROR: PHP imap extension is not installed","level":3,"time":"2016-01-06T08:05:51+00:00"}
apt-get install php5-imap
php5enmod imap
service apache2 restart
T2: log: owncloud.log
Jan 06 16:09:31 auth: Debug: auth client connected (pid=8844)
Jan 06 16:09:31 imap-login: Info: Disconnected (no auth attempts): rip=192.168.123.12, lip=192.168.123.251, TLS handshaking: SSL_accept() failed: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca: SSL alert number 48
/notls do not do start-TLS to encrypt the session, even with servers that support it
Updata File System Tree
1) Copy your files:
*** You may have to set the permissions of your folder and contents to (drwxr-xr-x)
/<owncloud directory>/data/<your user>/files/
2) Make apache the owner and group for all files and files/sub-folders:
chown -R apache:apache <Your folder of files and other folders>
3) Empty the 'oc_fscache' Table:
TRUNCATE `oc_filecache`;
Disable Update Notifications
# disable owncloud update notification
'updatechecker' => false,
Troubleshoot
Q1: {"app":"core","message":"setting locale to en_US.UTF-8\/en_US.UTF8 failed. Support is probably not installed on your system","level":3,"time":1398851032}
A1: apt-get install php5-intl
Q2: {"app":"core","message":"User backend OC_User_IMAP not found.","level":3,"time":1398851097}
A2: 因為 config.php 有以下設定
'user_backends' => array ( 0 => array ( 'class' => 'OC_User_IMAP', 'arguments' => array ( 0 => '{imap.gmail.com:993/imap/ssl}INBOX', ), ), ),
Integrity File Check
occ files:checksums:verify
Get all checksums in filecache and compares them by recalculating the checksum of the file.
occ files:scan
files:scan [options] [--] [<user_id>]...
Rescans the filesystem.
- Scans for new files.
- Scans not fully scanned files.
- Repairs file cache holes.
- Updates the file cache.
File scans can be performed per-user, for a space-delimited list of users, for groups of users, and for all users.
- --all
- -g --groups=[GROUP]
- --repair
- --unscanned Only scan files which are marked as not fully scanned.
Directory Permissions
# V10
Your HTTP user must own the config/, data/, apps-external/ and apps/ directories
chmod 770 data/ apps/ apps-external/ config/ -R
chown apache: data/ apps/ apps-external/ config/ -R
SQL Table
oc_users: uid, displayname, password
oc_preferences: userid, appid, configkey, configvalue
oc_group_user: gid, uid