[How-To] ownCloud using NGINX, PHP-FPM, and MySQL

[boricuastock]

Did you find a solution to this problem? I thought I'd update the packages in my jail, but also now face 'bad gateway' messages. To anyone reading this: do not update the jail, since it might break nginx.
Cyberjock, did you find a way to roll back to the old situation? Or did you manage to fix this issue in some other way? I'm very interested if you have ;-)

I just went through this tutorial as well. I hit a few hiccups and this was one of them (the other was pecl-APCu did not make properly without installing a dependency first!). I do have it working though. In the /usr/local/etc/php-fpm.conf also set the listen mode as shown below.

Code:

listen.owner = www
listen.group = www
listen.mode = 0660

I am pretty sure this is what allowed it to work. Nginx is showing 1.6.0 for me and since it is a new install I assume I that is the latest version that you all updated to.

 

[Joshua Parker Ruehlig]

I updated the guide on the opening pages for ownCloud 7

 

[unknownuser]

I am running into a problem when trying to do my initial setup in owncloud.

| Data directory (mnt/files) is invalid
| Please check that the data directory contains a file ".ocdata" in its root.

Before this owncloud warned me that .htaccess could not be accessed.

Here is a link to my owncloud.log on pastebin.

 

[Joshua Parker Ruehlig]

I am running into a problem when trying to do my initial setup in owncloud.

| Data directory (mnt/files) is invalid
| Please check that the data directory contains a file ".ocdata" in its root.

Before this owncloud warned me that .htaccess could not be accessed.

Here is a link to my owncloud.log on pastebin.

can you confirm if u put in '/mnt/files' or 'mnt/files'

also I heard 9.2.1.6 had a bug where mountpoints weren't being created. you may want to check this

 

[unknownuser]

can you confirm if u put in '/mnt/files' or 'mnt/files'

also I heard 9.2.1.6 had a bug where mountpoints weren't being created. you may want to check this

I had to manually create the /mnt/files folder. Thanks for your help.

 

[unknownuser]

Follow up issue: I cannot connect to my server from my owncloud client while on the LAN. I have not forwarded any ports, but I did not think I had to while inside my router. Is it possible that the jail's network is improperly configured?

 

[MuneebMufti]

excellent guide .. i upgraded for Owncloud 7 using this and didnt have any hiccups ... thumbs up to Joshua for this guide and updating it so quickly for OC7.

I have one question though. can you tell me how exactly to implement HTTP to HTTPS redirect in the nginx config file so that when i write my "routerIP/owncloud" it automatically redirects the page to HTTPS url . I have setup HTTPS using using the cyberjocks guide on page 3 of this thread.

I found this on the nginx config page on OC documentation but i am confused about few things.

"server_name"
"cloud.example.com"
"https://$server_name$request_uri"

and finally if indeed its supposed to redirect from http port 80 request to 443 HTTPS page or not and its something else. thank you.

Code:

server {
listen 80;
server_name cloud.example.com;
return 301 https://$server_name$request_uri; # enforce https
}

 

[SmallGuy]

This more relate to Nginx than FreeNAS but what you can do is the following, assuming you use the nginx configuration described in this thread, and you want redirect all the traffic. In this case server_name directive can be omitted.

Code:

server {
listen 80;
return 301 https://$server_name$request_uri; # enforce https
}

Or with server_name directive (empty string):

Code:

server {
listen 80;
Server_name "";
return 301 https://$server_name$request_uri; # enforce https
}

Following Nginx documentation both are correct.

 

[MuneebMufti]

This more relate to Nginx than FreeNAS but what you can do is the following, assuming you use the nginx configuration described in this thread, and you want redirect all the traffic. In this case server_name directive can be omitted.

Code:

server {
listen 80;
return 301 https://$server_name$request_uri; # enforce https
}

Or with server_name directive (empty string):

Code:

server {
listen 80;
Server_name "";
return 301 https://$server_name$request_uri; # enforce https
}

Following Nginx documentation both are correct.

Thank you for clearing that up ..... and may i suggest for Joshua to correct a mistake in first page post . The destination for storage in jail, pathway should be /var/db/mysql and not /var/db/myql

Can anyone comment on the config.php setting for libreoffice previews in OC7. I did install libreoffice following the guide on first page but its not linked in config file and no directions were provided for it. Pressing edit button doesn't do anything . according to owncloud documentation

You can set a custom path for the LibreOffice binary. If LibreOffice is not yet available on your system, you can also use OpenOffice instead.

<?php
'preview_libreoffice_path' => '/usr/bin/libreoffice',

 

[BanditBBS]

What am I missing here? When I do this:

Code:

make install clean -C /usr/ports/devel/pecl-APCu

I get a prompt asking if I want to use some debugger and then regardless of what I choose it comes back to the cli and I get prompted for a file to patch.

Others are doing this fine, so I am sure I'm screwing something up, but just can see what. Any hints?

 

[MuneebMufti]

What am I missing here? When I do this:

Code:

make install clean -C /usr/ports/devel/pecl-APCu

I get a prompt asking if I want to use some debugger and then regardless of what I choose it comes back to the cli and I get prompted for a file to patch.

Others are doing this fine, so I am sure I'm screwing something up, but just can see what. Any hints?

I got the exact same thing. it want to patch a package m4 asks where the file is.... then fails ... just do it once and move on to rest of the steps. owncloud works just fine even with this error

 

[Joshua Parker Ruehlig]

you can also just force HTTPS from the admin page in owncloud (no nginx changes needed) but you need to make sure php is being passed the HTTPS variable correctly.

thanks, I'll fix the mistype.

as for the compilation errors, the ports tree doesn't always work 100% for everything so you may need to just 'pkg install m4' or whatever dependency is not compiling

 

[MuneebMufti]

you can also just force HTTPS from the admin page in owncloud (no nginx changes needed) but you need to make sure php is being passed the HTTPS variable correctly.

thanks, I'll fix the mistype.

as for the compilation errors, the ports tree doesn't always work 100% for everything so you may need to just 'pkg install m4' or whatever dependency is not compiling

Thank you for the reply. Yes i have enforce HTTPS checked in owncloud settings. What I wanted to do was to make a redirect of http to https when just "jailip/owncloud" is written in URL bar.

Secondly do we need to provide path in the owncloud config file to libreoffice as written in its documentation or just installing it, it should work out of the box ? I am confused about this.

 

[Joshua Parker Ruehlig]

Thank you for the reply. Yes i have enforce HTTPS checked in owncloud settings. What I wanted to do was to make a redirect of http to https when just "jailip/owncloud" is written in URL bar.

Secondly do we need to provide path in the owncloud config file to libreoffice as written in its documentation or just installing it, it should work out of the box ? I am confused about this.

you don't need to do anything in addition to my guide. if you follow my guide you set php-fpm's path in it's config.

 

[MuneebMufti]

you don't need to do anything in addition to my guide. if you follow my guide you set php-fpm's path in it's config.

okay thank you for the quick response

 

[dasti]

Hi Joshua !
do you have any interesting readings/links about your choices for performance NGINX, PHP-FPM, and MySQL ? (I'd like to improve my knowledge a bit on that)

And by the way, I'm very new to freenas and even more to owncloud but, using your guide, I managed to install it on the first try without any problem (and the official plugin doesn't want to start)
thank you, great job !

 

[cyberjock]

dasti,

The Owncloud forums, IRC, and documentation may have some info on that.

 

[norskman]

The commands worked well.

I wish this Owncloud setup was a sticky.
It has become a bit dis-jointed -
It would be better if this was a single set of instructions. Then comments could be made elsewhere and the document updated as we move along.

 

[norskman]

I keep getting an Error 504 - Gatewy timeout when trying to access the 'apps' when logged in as admin.

This seems to be a known error, I followed the instructions here on how to install Owncloud V7.00 so can't really see why I am getting this error.
I do have proper Internet access - I loaded all of the sw into the jail correctly to make Owncloud V7 work so I know it has full access to the internet.
I did not add SSL access yet - for fear of screwing up something else.

Not sure how to go about debugging this though.

 

[Cosmo_Kramer]

Thanks for the guide Joshua. I tweaked the nginx config to:
Work with SSL
Use Owncloud's error pages
Have /usr/local/www/owncloud be the server root (I changed the location statements to reflect this change)

Here it is:

Code:

## Change the following line to match the number of threads you have ###
worker_processes 4;

events {
    worker_connections  1024;
}

http {
    include      mime.types;
    default_type  application/octet-stream;
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    access_log  logs/access.log  main;
    sendfile        off;
    #keepalive_timeout  0;
    keepalive_timeout  65;
    gzip off;

    #SSL
    ssl_session_cache    shared:SSL:10m;
    ssl_session_timeout  10m;
    ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM;
    ssl_prefer_server_ciphers   on;
    ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;

    server {
        listen 80;
        ### Change the following two lines to match your environment ###
        server_name example.com;
        return 301 https://example.com$request_uri;
        add_header X-Frame-Options "SAMEORIGIN"; # Prevent Clickjacking
    }

    server {
        listen 443 ssl;
        ## Change the following line to match your environment ###
        server_name example.com;
        root /usr/local/www/owncloud;
        add_header X-Frame-Options "SAMEORIGIN"; # Prevent Clickacking

        ## Change the following lines to match your environment ###
        # SSL Settings
        ssl_certificate /usr/local/etc/nginx/certs/example.com.pem;
        ssl_certificate_key /usr/local/etc/nginx/certs/server.key;
        add_header Strict-Transport-Security "max-age=16070400; includeSubdomains"; # Force the use of SSL

        error_page 403 = /core/templates/403.php;
        error_page 404 = /core/templates/404.php;

        rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
        rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
        rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;

        location = /robots.txt { allow all; access_log off; log_not_found off; }
        location = /favicon.ico { access_log off; log_not_found off; }

        location ^~ / {
            index index.php;
            try_files $uri $uri/ /index.php?$args;
            client_max_body_size 2048M;

            location ~ ^/(?:\.|data|config|db_structure\.xml|README) {
                deny all;
            }

            location ~ \.php(?:$|/) {
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                fastcgi_pass unix:/var/run/php-fpm.sock;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                fastcgi_param PATH_INFO $fastcgi_path_info;
                include fastcgi_params;
                fastcgi_param MOD_X_ACCEL_REDIRECT_ENABLED on;
            }

            location ~* \.(?:jpg|gif|ico|png|css|js|svg)$ {
                expires max; add_header Cache-Control public;
            }

            location ^~ /data {
                internal;
                ## Change the following line to match your environment ###
                alias /mnt/owncloudstorage;
            }
        }
    }
}