WebMail 
LiveChat 
Install ownCloud with SSL and Nginx in CentOS 6.5
Version: 3.0
Author: Aaron
CentOS has upgraded a lot packages, and the post that I’ve wrote 1 year ago no longer works in CentOS 6.5 updated up-to-date.if(typeof __ez_fad_position != ‘undefined’){__ez_fad_position(‘div-gpt-ad-howtoforge_com-medrectangle-3-0’)};
I did a research and it looks like this will be the first tutorial in 2014 how to install owncloud in centos with nginx, postgresql and ssl. You ain’t gonna find CentOS and owncloud installation with nginx nowadays, because most people don’t know how to resolve simple issues.
My server was affected and this is the reason that made me to write this post today.
The packages in the EPEL and CentOS repos are obsolete, while nginx, postgresql and owncloud requires bit newer packages. You’ll just stay at the log-in page without getting access to your files, being left to scratch your head and asking yourself wtf just happened. The log files won’t show you where the issue comes from nor the owncloud itself.
The owncloud requirements are
PostgreSQL >= 9.0, but in EPEL is 8.8, it requires php 5.3.3 as minimum but it does not works with that version, also all of these newer packages will require latest stable nginx version.
The first thing that we should do is to remove all mysql libraries.
yum remove mysql* mysql-server mysql-devel mysql-libs
As usual, we will install 3rd party repos, such as epel, remi and the new one: latest postgresql
rpm -ivh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpmif(typeof __ez_fad_position != ‘undefined’){__ez_fad_position(‘div-gpt-ad-howtoforge_com-medrectangle-4-0’)};
rpm -ivh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
rpm -ivh http://yum.postgresql.org/9.3/redhat/rhel-6-i386/pgdg-centos93-9.3-1.noarch.rpm
Edit the epel repository and make sure that the top is enabled=1
vi /etc/yum.repos.d/epel.repo
Do the same with the remi repo, but make sure to enable php version 5.6,
vi /etc/yum.repos.d/remi.repo
Create a nginx repo configuration file
vi /etc/yum.repos.d/nginx.repo
and add:
[nginx] name=nginx repo baseurl=http://nginx.org/packages/centos/$releasever/$basearch/ gpgcheck=0 enabled=1
Update your CentOS server in order to add those 3rd party repos
yum update
Install the following packages in order to satisfy the owncloud requirements:
yum install nginx postgresql93 postgresql93-libs postgresql93-server wget php-fpm php-gd php-ldap php-pear php-xml php-xmlrpc php-magickwand php-magpierss php-mbstring php-mcrypt php-shout php-snmp php-soap php-tidy php-pgsql php-pdo
Start the PostgreSQL, start nginx temporary and add it to system startup services with chkconfig
service postgresql-9.3 initdb
service postgresql-9.3 start
chkconfig postgresql-9.3 on
service nginx start
chkconfig nginx on
service nginx stop
Create new PostgreSQL user and database.
su – -c “psql” postgres
CREATE USER cloud WITH PASSWORD ‘userpass’;
CREATE DATABASE cloudbase OWNER cloud ENCODING ‘UTF8’;
GRANT ALL PRIVILEGES ON DATABASE cloudbase TO cloud;
\q
Check and remember your timezone
cat /etc/sysconfig/clock
Edit the php configuration file
vi /etc/php.ini
# search for post_max_size and make it
post_max_size = 2G
# search for cgi.fix_pathinfo, uncomment it and make it
cgi.fix_pathinfo = 0
# search for upload_max_filesize and make it
upload_max_filesize = 2G
# search for date.timezone, uncomment it and make it
date.timezone = “your/timezone”
Edit the php-fpm configuration file in order to use tcp instead unix socket
vi /etc/php-fpm.d/www.conf
Make sure that listen is not pointing /var/run/php-fpm/php-fpm.sock
listen = 127.0.0.1:9000
Start the php-fpm service
chkconfig php-fpm on
service php-fpm start
Edit the postgresql config file to allow password logins:
vi /var/lib/pgsql/9.3/data/pg_hba.conf
and change ident with password – notice the cursor in the following picture:
Restart the postgresql database service postgresql-9.3 restart
Create empty folder where we will store our SSL certs
cd /etc/nginx
mkdir -p cert
If you are familiar with apache virtual hosts, then the next file that you will have to create is exactly that.
cd conf.d
vi cloud.conf
upstream php-handler {
server 127.0.0.1:9000;
#server unix:/var/run/php5-fpm.sock;
}
server {
listen 80;
server_name 10.10.10.110; # replace with your domain name or internal server ip
return 301 https://$server_name$request_uri; # enforce https
}
server {
listen 443 ssl;
server_name 10.10.10.110; # replace with your domain name or internal server ip
ssl_certificate /etc/nginx/cert/server.crt;
ssl_certificate_key /etc/nginx/cert/server.key;
# Path to the root of your installation
root /var/www/owncloud/;
client_max_body_size 10G; # set max upload size
fastcgi_buffers 64 4K;
rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
index index.php;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ ^/(data|config|\.ht|db_structure\.xml|README) {
deny all;
}
location / {
# The following 2 rules are only needed with webfinger
rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
try_files $uri $uri/ index.php;
}
location ~ ^(.+?\.php)(/.*)?$ {
try_files $1 = 404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$1;
fastcgi_param PATH_INFO $2;
fastcgi_param HTTPS on;
fastcgi_pass php-handler;
}
# Optional: set long EXPIRES header on static assets
location ~* ^.+\.(jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
expires 30d;
# Optional: Don't log access to assets
access_log off;
}
}
I’ve uploaded that nginx configuration file to my website, so instead writing it manually just type wget http://linux.sytes.net/img/nginx1-6.conf.txt and rename it to something like cloud.conf
As you specified in the nginx “virtual host” above, our ownCloud server will be using SSL, so let’s create these certificates, shall we ?
cd ..
cd cert
openssl req -x509 -nodes -sha384 -days 3650 -newkey rsa:4096 -keyout server.key -out server.crt
chmod 600 server.key
chmod 600 server.csr
Next, download, extract the owncloud archive and set permissions for the owncloud folder. Please note that we will download the development version of owncloud.
cd /var/www
wget http://download.owncloud.org/community/daily/owncloud-daily-master.tar.bz2
tar xjf owncloud-daily-master.tar.bz2
mkdir -p owncloud/data
chmod 770 owncloud/data
chmod 777 owncloud/config/
chown -R root:apache owncloud
rm -rf owncloud-daily-master.tar.bz2
Allow incomming tcp connections to your server ports: 80 and 443. If you or someone else call your server internal ip it will be redirected to https://yourserverinternalip, because you specified that in the nginx “virtual host” earlier.
iptables -I INPUT 4 -p tcp -d 10.10.10.110 –dport 80 -j ACCEPT
iptables -I INPUT 4 -p tcp -d 10.10.10.110 –dport 443 -j ACCEPT
service iptables save
service iptables restart
Restart PostgreSQL for last time, and start nginx with the newer configuration:
service postgresql-9.3 restart
service nginx start
That’s all, open up your browser and point your server ip. Choose whatever log-in name and password you like.
