Elektroda.pl
Elektroda.pl
X
Relpol
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Serwer OwnCloud - instalacja na Ubuntu Server 14.04.

bundy81 26 Sie 2016 10:47 1416 7
  • #1 26 Sie 2016 10:47
    bundy81
    Poziom 11  

    Witam.

    Próbuję postawić server Owncloud na Ubuntu Server 14.04. Aktualnie korzystam z tego poradnika: https://www.techandme.se/installation/
    ale utknąłem na punkcie 26. Ściągnąłem skrypt i go uruchomiłem, nie wiem czy miałem coś w nim zmieniać czy nie? I co dalej? :(

    Wpisuję w konsoli: nano /path-to-script/setup_secure_permissions_owncloud.sh
    ale plik jest pusty.

    0 7
  • Relpol
  • #2 27 Sie 2016 19:28
    Epic
    Poziom 27  

    1. Czytamy ze zrozumieniem. Fakt, że w autor tutoriala mógł to inaczej napisać to /path-to-scripts/ jest zmienną i zależną od instalacji lokalizacją skryptu. Ów skrypt powinien się znajdować w katalogu /var/scripts/
    Więc:

    Kod: bash
    Zaloguj się, aby zobaczyć kod

    2.
    bundy81 napisał:
    Sciągnąłem skrypt i go uruchomiłe, nie wiem czy miałem coś w nim zmieniać czy nie. I co dalej

    Wedle tutorialu masz zmienić użytkownika 'htuser' i 'ocpath'. Domyślnie mają one wartość odpowiednio 'www-data' i '/var/www/owncloud/', musisz sprawdzić czy na pewno sa poprawne wówczas nie musisz nic zmieniać.

    3. Tutoriale są dobre jak nie zawierają błędów i pomagają zrozumieć co się robi. Wg mnie ten podlinkowany dobry nie jest. Równie dobrze możesz korzystać z oficjalnej dokumentacji i też wklejać komendy:
    https://doc.owncloud.com/server/9.0/admin_manual/installation/command_line_installation.html

    0
  • Relpol
  • #3 28 Sie 2016 16:00
    bundy81
    Poziom 11  

    Porzuciłem owncloud na rzecz Nextcloud wkonałem wszystko w.g. tego poradnika https://www.youtube.com/watch?v=nXr_muYB6xI
    i wszystko działa.

    Cytat:

    Step 1: Login in Root
    #su -
    password:

    Step 2: Update the System
    #apt-get update

    Step 3: Install LAMP Server + PHP Extension
    #apt-get install lamp-server^
    #apt-get install libapache2-mod-php7.0 php7.0-mbstring php7.0-curl php7.0-zip php7.0-gd php7.0-mysql php7.0-mcrypt
    #apt-get install php-xml

    Step 4: Download NextCloud
    #wget https://download.nextcloud.com/server/releases/nextcloud-9.0.52.zip

    Step 5: Unzip + Permissions
    #apt-get install unzip
    #unzip nextcloud-9.0.52.zip
    #mv nextcloud /var/www/html
    #chown -R www-data:www-data /var/www/html/nextcloud

    Step 6: Configuring MariaDB for NextCloud
    #mysql_secure_installation

    Type Y for all except root password

    #mysql -u -root -p

    CREATE DATABASE nextcloud;
    GRANT ALL PRIVILEGES ON nextcloud.* TO 'nextcloud'@'localhost' IDENTIFIED BY 'anand';
    FLUSH PRIVILEGES;
    exit;

    Step 7: Disable MariaDB binary logging
    #nano /etc/mysql/my.cnf
    Add the following three lines at the end:
    log-bin = /var/log/mysql/mariadb-bin
    log-bin-index = /var/log/mysql/mariadb-bin.index
    binlog_format = mixed

    Step 8: Configuring Apache Web Server
    #sudo a2enmod rewrite
    #sudo service apache2 restart
    #touch /etc/apache2/sites-available/nextcloud.conf
    #ln -s /etc/apache2/sites-available/nextcloud.conf /etc/apache2/sites-enabled/nextcloud.conf
    #nano /etc/apache2/sites-available/nextcloud.conf

    Add the following:

    <VirtualHost *:80>
    ServerAdmin admin@ubuntu
    DocumentRoot "/var/www/html/nextcloud/"
    ServerName 10.0.0.24
    ServerAlias ubuntu
    <Directory "/var/www/html/nextcloud/">
    Options FollowSymLinks
    AllowOverride All
    Order allow,deny
    allow from all
    </Directory>
    ErrorLog /var/log/apache2/your-domain.com-error_log
    CustomLog /var/log/apache2/your-domain.com-access_log common
    </VirtualHost>

    Restart the Apache web server
    #systemctl restart apache2.service



    potem w.g tego poradnika chciałem włączyć SSL aby łączyć się po https, niestety po wpisaniu w przeglądarce https://10.0.0.24 wyskakuje mi Apache2 Ubuntu Default Page

    Co jeszcze mam zmienić aby to zaskoczyło. Proszę o instrukcje :)

    Oto poradnik właczenia SSL
    Cytat:

    Enable ssl

    sudo a2enmod ssl

    Create new directory for the self signed certificate

    sudo mkdir /etc/apache2/ssl

    Create the self signed certificate and the server key that protects it, and placing both of them into the new directory

    sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/nextcloud.key -out /etc/apache2/ssl/nextcloud.crt

    Now we setup the certificate

    sudo nano /etc/apache2/sites-available/default-ssl.conf

    The lines that need changing are the following

    ServerName 10.0.0.24:443
    SSLEngine on
    SSLCertificateFile /etc/apache2/ssl/nextcloud.crt
    SSLCertificateKeyFile /etc/apache2/ssl/nextcloud.key

    Activate the new vhost

    sudo a2ensite default-ssl

    Restart apache

    0
  • #4 28 Sie 2016 16:57
    Epic
    Poziom 27  

    1. Pokaż końcową konfiguracje VirtualHost. Najpewniej musisz zmienić jeszcze wartość "DocumentRoot" w default-ssl.conf
    2. Próbowałeś wchodzić poprzez http://10.0.0.24:443 ?

    0
  • #5 28 Sie 2016 17:33
    bundy81
    Poziom 11  

    Cytat:
    <VirtualHost *:80>
    ServerAdmin admin@ubuntu
    DocumentRoot "/var/www/html/nextcloud/"
    ServerName 10.0.0.24
    ServerAlias ubuntu
    <Directory "/var/www/html/nextcloud/">
    Options FollowSymLinks
    AllowOverride All
    Order allow,deny
    allow from all
    </Directory>
    ErrorLog /var/log/apache2/your-domain.com-error_log
    ErrorLog /var/log/apache2/your-domain.com-error_log
    CustomLog /var/log/apache2/your-domain.com-access_log common

    </VirtualHost>


    Cytat:

    <IfModule mod_ssl.c>
    <VirtualHost _default_:443>
    ServerAdmin webmaster@localhost
    ServerName 10.0.0.24:443

    DocumentRoot /var/www/html

    # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
    # error, crit, alert, emerg.
    # It is also possible to configure the loglevel for particular
    # modules, e.g.
    #LogLevel info ssl:warn

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    # For most configuration files from conf-available/, which are
    # enabled or disabled at a global level, it is possible to
    # include a line for only one particular virtual host. For example the
    # following line enables the CGI configuration for this host only
    # after it has been globally disabled with "a2disconf".
    #Include conf-available/serve-cgi-bin.conf

    # SSL Engine Switch:
    # Enable/Disable SSL for this virtual host.
    SSLEngine on

    # A self-signed (snakeoil) certificate can be created by installing
    # the ssl-cert package. See
    # /usr/share/doc/apache2/README.Debian.gz for more info.
    # If both key and certificate are stored in the same file, only the
    # SSLCertificateFile directive is needed.
    SSLCertificateFile /etc/apache2/ssl/nextcloud.crt
    SSLCertificateKeyFile /etc/apache2/ssl/nextcloud.key

    # Server Certificate Chain:
    # Point SSLCertificateChainFile at a file containing the
    # concatenation of PEM encoded CA certificates which form the
    # certificate chain for the server certificate. Alternatively
    # the referenced file can be the same as SSLCertificateFile
    # when the CA certificates are directly appended to the server
    # certificate for convinience.




    #SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt
    # Certificate Authority (CA):
    # Set the CA certificate verification path where to find CA
    # certificates for client authentication or alternatively one
    # huge file containing all of them (file must be PEM encoded)
    # Note: Inside SSLCACertificatePath you need hash symlinks
    # to point to the certificate files. Use the provided
    # Makefile to update the hash symlinks after changes.
    #SSLCACertificatePath /etc/ssl/certs/
    #SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt

    # Certificate Revocation Lists (CRL):
    # Set the CA revocation path where to find CA CRLs for client
    # authentication or alternatively one huge file containing all
    # of them (file must be PEM encoded)
    # Note: Inside SSLCARevocationPath you need hash symlinks
    # to point to the certificate files. Use the provided
    # Makefile to update the hash symlinks after changes.
    #SSLCARevocationPath /etc/apache2/ssl.crl/
    #SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl

    # Client Authentication (Type):
    # Client certificate verification type and depth. Types are
    # none, optional, require and optional_no_ca. Depth is a
    # number which specifies how deeply to verify the certificate
    # issuer chain before deciding the certificate is not valid.
    #SSLVerifyClient require
    #SSLVerifyDepth 10
    # SSL Engine Options:
    # Set various options for the SSL engine.
    # o FakeBasicAuth:
    # Translate the client X.509 into a Basic Authorisation. This means that
    # the standard Auth/DBMAuth methods can be used for access control. The
    # user name is the `one line' version of the client's X.509 certificate.
    # Note that no password is obtained from the user. Every entry in the user
    # file needs this password: `xxj31ZMTZzkVA'.
    # o ExportCertData:
    # This exports two additional environment variables: SSL_CLIENT_CERT and
    # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
    # server (always existing) and the client (only existing when client
    # authentication is used). This can be used to import the certificates
    # into CGI scripts.
    # o StdEnvVars:
    # This exports the standard SSL/TLS related `SSL_*' environment variables.
    # Per default this exportation is switched off for performance reasons,
    # because the extraction step is an expensive operation and is usually
    # useless for serving static content. So one usually enables the
    # exportation for CGI and SSI requests only.
    # o OptRenegotiate:
    # This enables optimized SSL connection renegotiation handling when SSL
    # directives are used in per-directory context.
    #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
    <FilesMatch "\.(cgi|shtml|phtml|php)$">
    SSLOptions +StdEnvVars
    </FilesMatch>
    <Directory /usr/lib/cgi-bin>
    SSLOptions +StdEnvVars
    </Directory>

    # SSL Protocol Adjustments:
    # The safe and default but still SSL/TLS standard compliant shutdown
    # approach is that mod_ssl sends the close notify alert but doesn't wait for
    # the close notify alert from client. When you need a different shutdown
    # approach you can use one of the following variables:
    # o ssl-unclean-shutdown:
    # This forces an unclean shutdown when the connection is closed, i.e. no
    # SSL close notify alert is send or allowed to received. This violates
    # the SSL/TLS standard but is needed for some brain-dead browsers. Use
    # this when you receive I/O errors because of the standard approach where
    # mod_ssl sends the close notify alert.
    # o ssl-accurate-shutdown:
    # This forces an accurate shutdown when the connection is closed, i.e. a
    # SSL close notify alert is send and mod_ssl waits for the close notify
    # alert of the client. This is 100% SSL/TLS standard compliant, but in
    # practice often causes hanging connections with brain-dead browsers. Use
    # this only for browsers where you know that their SSL implementation
    # works correctly.
    # Notice: Most problems of broken clients are also related to the HTTP
    # keep-alive facility, so you usually additionally want to disable
    # keep-alive for those clients, too. Use variable "nokeepalive" for this.
    # Similarly, one has to force some clients to use HTTP/1.0 to workaround
    # their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
    # "force-response-1.0" for this.
    # BrowserMatch "MSIE [2-6]" \
    # nokeepalive ssl-unclean-shutdown \
    # downgrade-1.0 force-response-1.0

    </VirtualHost>
    </IfModule>

    # vim: syntax=apache ts=4 sw=4 sts=4 sr noet


    przez http://10.0.0.24:443 nie wchodzi

    0
  • Pomocny post
    #6 28 Sie 2016 17:51
    Epic
    Poziom 27  

    bundy81 napisał:
    DocumentRoot /var/www/html

    W pliku default-ssl.conf Musisz również zmienić na
    bundy81 napisał:
    DocumentRoot "/var/www/html/nextcloud/"

    I powinno wystarczyć jako że jest to teraz konfiguracja domyślna

    0
  • #7 28 Sie 2016 18:38
    bundy81
    Poziom 11  

    No i super wszystko ruszyło :)

    Teraz zostało mi jeszcze uruchomić memory chaching ale nie mogę znaleźć jakiegoś przejrzystego na jak na moją wiedzę poradnika.

    Może jakaś pomoc ?? :)

    PS.
    Jak już to wszystko się uzbieram to sklecę to całość i wrzucę na forum dla potomnych.

    0