最後更新: 2020-09-23
目錄
- Install
- php-fpm Settings
- owncCloud 設定
- Nginx Settings
- Enable Maintenance Mode
- Logs
- occ command
- Defining Background Jobs(cron)
- User Group
- Android Client
- Upload to ownCloud
- owncloud/.htaccess
- Login By IMAP Auth
- Updata File System Tree
- Disable Update Notifications
- Troubleshoot
- Integrity File Check
- Directory Permissions
- SQL Table
Install
PHP Version
- OwnCloud 10.14 -> PHP 7.4
Apache module
- mod_headers
- mod_env
- mod_dir
- mod_mime
- mod_unique_id
Install Packages (PHP & Apache)
# Recommended Packages
apt install -y openssl unzip bzip2 rsync curl jq inetutils-ping wget net-tools
apt install -y apache2
apt install -y libapache2-mod-php php-common\
php-curl php-gd php-gmp php-bcmath \
php-intl php-json php-mbstring php-mysql php-ssh2 php-xml \
php-zip php-phpseclib php-imagick
# 要用 cache 時就要安它們
apt install -y redis-server php-redis
# 當 DB 不在本地時
apt install mariadb-server
# 非必要
php-imap php-apcu
Get package
wget https://download.owncloud.com/server/stable/owncloud-10.13.4.tar.bz2
tar -jxf owncloud-10.13.4.tar.bz2
mv owncloud public_html
ln -s /usr/bin/php74 /usr/bin/php
Install ownCloud CLI
cd public_html
mkdir data/ apps/ apps-external/ config/
chmod 770 data/ apps/ apps-external/ config/ -R
chown apache: data/ apps/ apps-external/ config/ -R
./occ maintenance:install \
--database "mysql" \
--database-name "owncloud" \
--database-user "owncloud" \
--database-pass "password" \
--data-dir "/var/www/owncloud/data" \
--admin-user "admin" \
--admin-pass "admin"
ownCloud was successfully installed
./occ status
- installed: true - first_install_version: 10.13.4.1 - version: 10.13.4.1 - versionstring: 10.13.4 - edition: Community
Trusted Domains
config.php
'trusted_domains' => [ 0 => 'localhost', 1 => 'server1.example.com', 2 => '192.168.1.50', ],
Apache Config
FILE="/etc/apache2/sites-available/owncloud.conf" cat <<EOM >$FILE <VirtualHost *:80> # uncommment the line below if variable was set #ServerName $my_domain DirectoryIndex index.php index.html DocumentRoot /var/www/owncloud <Directory /var/www/owncloud> Options +FollowSymlinks -Indexes AllowOverride All Require all granted <IfModule mod_dav.c> Dav off </IfModule> SetEnv HOME /var/www/owncloud SetEnv HTTP_HOME /var/www/owncloud </Directory> </VirtualHost> EOM
a2dissite 000-default
a2ensite owncloud.conf
a2enmod dir env headers mime rewrite setenvif
systemctl restart apache2
occ Helper Script
FILE="/usr/local/bin/occ" cat <<EOM >$FILE #! /bin/bash cd /var/www/owncloud sudo -E -u www-data /usr/bin/php /var/www/owncloud/occ "\$@" EOM
chmod +x $FILE
php-fpm Settings
/etc/php5/fpm/php.ini
upload_max_filesize = 40M post_max_size = 50M
owncCloud 設定
Config File
/etc/owncloud/config.php
# SQLite handles multiple users very badly SQLite is only recommended for single user * It is not necessary to create a database and a database user "dbtype" => "sqlite", "dbname" => "owncloud", "datadirectory" => "/www/htdocs/owncloud/data",
chmod 644 /etc/owncloud/config.php
在新 Version 要設定 trusted_domains
owncloud/config/config.php
'trusted_domains' =>
array (
0 => 'x.x.x.x',
),
Nginx Settings
server { listen 80; server_name owncloud.datahunter.org; return 301 https://$server_name$request_uri; # enforce https } server { listen 8443 ssl; server_name owncloud.datahunter.org; ssl_certificate /etc/nginx/certs/owncloud.crt; ssl_certificate_key /etc/nginx/certs/owncloud.key; # Path to the root of your installation root /var/www/; client_max_body_size 1G; # set max upload size fastcgi_buffers 64 4K; rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; index index.php; error_page 403 /core/templates/403.php; error_page 404 /core/templates/404.php; location = /robots.txt { allow all; log_not_found off; access_log off; } location ~ ^/(data|config|\.ht|db_structure\.xml|README) { deny all; } location / { # The following 2 rules are only needed with webfinger rewrite ^/.well-known/host-meta /public.php?service=host-meta last; rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; try_files $uri $uri/ index.php; } location ~ ^(.+?\.php)(/.*)?$ { try_files $1 = 404; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$1; fastcgi_param PATH_INFO $2; fastcgi_param HTTPS on; fastcgi_pass 127.0.0.1:9000; # Or use unix-socket with 'fastcgi_pass unix:/var/run/php5-fpm.sock;' } # Optional: set long EXPIRES header on static assets location ~* ^.+\.(jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ { expires 30d; # Optional: Don't log access to assets access_log off; } }
Enable Maintenance Mode
"maintenance" => false,
Logs
data/owncloud.log
0: DEBUG
1: INFO
2: WARN
3: ERROR
Log Rotation
FILE="/etc/logrotate.d/owncloud" cat <<EOM >$FILE /var/www/owncloud/data/owncloud.log { size 10M rotate 12 copytruncate missingok compress compresscmd /bin/gzip } EOM
Defining Background Jobs(cron)
一共有兩種 cron jobs
- Background jobs for 'cron'
- System cron jobs
Set Background job for 'cron'
# Is the same as using the Cron section on your ownCloud Admin page
sudo -u apache ./occ background:cron
System cron job
人手行一次
# -p, --progress => progress output. Default without output
sudo -u apache php ./occ system:cron -p
Executing: 7 - OCA\Files\BackgroundJob\ScanFiles 14 [----->----------------------]
sudo -u apache php occ dav:cleanup-chunks
Cleaning chunks older than 2 days(2023-11-20T08:27:47+00:00)
建立 cron job (For Apache)
crontab -u apache -e
# ownCloud cron jobs */15 * * * * /usr/bin/php -f /home/vhosts/owncloud/public_html/occ system:cron 0 2 * * * /usr/bin/php -f /home/vhosts/owncloud/public_html/occ dav:cleanup-chunks
Verify:
crontab -u apache -l
User Group
Group Administrator
- Can manage users in their groups, such as adding and removing them, and changing quota of users in the group.
- Can add new users to their groups and can manage guests.
- Can enable and disable users.
- Can impersonate users in their groups.
- Custom group creation may be restricted to group admins.
Android Client
src:
https://github.com/owncloud/android
binary:
https://f-droid.org/repository/browse/?fdfilter=owncloud&fdid=com.owncloud.android
Upload to ownCloud
ownCloud uses csync for syncing
parallel upload and download with ownCloud 7 and the ownCloud 1.6 client
“Big file chunking” is ownClouds algorithm to upload huge files to ownCloud with clients.
Filename: filename-chunking-epoch-N
Size: 5.0M
zsync
The server can keep a static list of checksums for every block specific to a version of a file
The list can for example be computed along the upload of the file to the server.
* the approach does not work very well for compressed files
owncloud/.htaccess
# Ver. 10 的 .htaccess 會更改 upload_max_filesize, post_max_size, memory_limit !!
<IfModule mod_php7.c> php_value upload_max_filesize 513M php_value post_max_size 513M php_value memory_limit 512M php_value mbstring.func_overload 0 php_value default_charset 'UTF-8' php_value output_buffering 0 <IfModule mod_env.c> SetEnv htaccessWorking true </IfModule> </IfModule>
Login By IMAP Auth
* You may configure additional user backends in ownCloud’s configuration config/config.php
e.g.
<?php "user_backends" => array ( 0 => array ( "class" => ..., "arguments" => array ( 0 => ... ), ), ),
Class: OC_User_IMAP
Arguments: a mailbox string as defined in the PHP documentation
Dependency: php-imap (See Manual Installation on Linux)(http://www.php.net/manual/en/function.imap-open.php)
Enable and Configure IMAP Authentication
Login to your running owncloud configuration as an administrator
Enable the app named "External user support"
Note: "External user support" is included with owncloud as an "Internal app".
Edit <owncloud>/config/config.php
Remove "/novalidate-cert" if your chosen mail server uses a signed SSL certificate):
Table: oc_users_extenal
'user_backends' => array ( 0 => array ( 'class' => 'OC_User_IMAP', 'arguments' => array ( 0 => '{[mail.yourdomain.com]:993/imap/ssl/novalidate-cert}', ), ), ),
Troubleshoot
U14.04
T1: log: owncloud.log
{"reqId":"w0gDQplLAOvw10Q4x\/AO","remoteAddr":"192.168.123.200","app":"user_external","message":"ERROR: PHP imap extension is not installed","level":3,"time":"2016-01-06T08:05:51+00:00"}
apt-get install php5-imap
php5enmod imap
service apache2 restart
T2: log: owncloud.log
Jan 06 16:09:31 auth: Debug: auth client connected (pid=8844)
Jan 06 16:09:31 imap-login: Info: Disconnected (no auth attempts): rip=192.168.123.12, lip=192.168.123.251, TLS handshaking: SSL_accept() failed: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca: SSL alert number 48
/notls do not do start-TLS to encrypt the session, even with servers that support it
Updata File System Tree
1) Copy your files:
*** You may have to set the permissions of your folder and contents to (drwxr-xr-x)
/<owncloud directory>/data/<your user>/files/
2) Make apache the owner and group for all files and files/sub-folders:
chown -R apache:apache <Your folder of files and other folders>
3) Empty the 'oc_fscache' Table:
TRUNCATE `oc_filecache`;
Disable Update Notifications
# disable owncloud update notification
'updatechecker' => false,
Troubleshoot
Q1: {"app":"core","message":"setting locale to en_US.UTF-8\/en_US.UTF8 failed. Support is probably not installed on your system","level":3,"time":1398851032}
A1: apt-get install php5-intl
Q2: {"app":"core","message":"User backend OC_User_IMAP not found.","level":3,"time":1398851097}
A2: 因為 config.php 有以下設定
'user_backends' => array ( 0 => array ( 'class' => 'OC_User_IMAP', 'arguments' => array ( 0 => '{imap.gmail.com:993/imap/ssl}INBOX', ), ), ),
Q3: Upload 大 file 會 fail
A3: 因為完成 upload 後會 access .file 的 link
e.g.
https://DOMAIN/owncloud/remote.php/dav/uploads/USER/web-file-upload-ID/.file
Integrity File Check
occ files:checksums:verify
Get all checksums in filecache and compares them by recalculating the checksum of the file.
occ files:scan
files:scan [options] [--] [<user_id>]...
Rescans the filesystem.
- Scans for new files.
- Scans not fully scanned files.
- Repairs file cache holes.
- Updates the file cache.
File scans can be performed per-user, for a space-delimited list of users, for groups of users, and for all users.
- --all
- -g --groups=[GROUP]
- --repair
- --unscanned Only scan files which are marked as not fully scanned.
Directory Permissions
# V10
Your HTTP user must own the config/, data/, apps-external/ and apps/ directories
chmod 770 data/ apps/ apps-external/ config/ -R
chown apache: data/ apps/ apps-external/ config/ -R
SQL Table
oc_users: uid, displayname, password
oc_preferences: userid, appid, configkey, configvalue
oc_group_user: gid, uid