Install Owncloud on Centos 6 with Nginx w/ SSL, PHP-FPM, and PGSQL (Automated Startup Script)

edited September 2014 in Proposed How-Tos
You can copy and paste the following bash script into the Vultr Startup Script area: https://my.vultr.com/startup/
This startup script will install the current version of Owncloud, including all necessary packages to run the server upon deployment.
#/bin/sh #####Generate Database Credentials db_name="oc`date +%s`" sleep 1 db_user="oc`date +%s`" sleep 1 db_password=`date |md5sum |cut -c '1-12'` ip_addr=$(ifconfig | grep -v '127.0.0.1' | sed -n 's/.*inet addr:\([0-9.]\+\)\s.*/\1/p') ##### Open firewall for http and SSL iptables -F iptables -A INPUT -i lo -j ACCEPT iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT iptables -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT /etc/init.d/iptables save /etc/init.d/iptables restart #### Remove any installed versions on mysql and enable proper php repo yum -y remove mysql* mysql-server mysql-devel mysql-libs rpm -ivh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm rpm -ivh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm rpm -ivh http://yum.postgresql.org/9.3/redhat/rhel-6-i386/pgdg-centos93-9.3-1.noarch.rpm sed -i '/\[remi\]/,/^ *\[/ s/enabled=0/enabled=1/' /etc/yum.repos.d/remi.repo sed -i '/\[remi-php56\]/,/^ *\[/ s/enabled=0/enabled=1/' /etc/yum.repos.d/remi.repo #### Enable latest nginx repo touch /etc/yum.repos.d/nginx.repo cat <<EOF > /etc/yum.repos.d/nginx.repo [nginx] name=nginx repo baseurl=http://nginx.org/packages/centos/"\$releasever"/"\$basearch"/ gpgcheck=0 enabled=1 EOF #### Install Nginx and pgsql yum -y update yum -y install nginx postgresql93 postgresql93-libs postgresql93-server wget php-fpm php-gd php-ldap php-pear php-xml php-xmlrpc php-magickwand php-magpierss php-mbstring php-mcrypt php-shout php-snmp php-soap php-tidy php-pgsql php-pdo service postgresql-9.3 initdb service postgresql-9.3 start chkconfig postgresql-9.3 on /etc/init.d/nginx start chkconfig nginx on /etc/init.d/nginx stop #### Set Database Credentials and Create Database su - -c "psql" postgres << EOF CREATE USER $db_user WITH PASSWORD '$db_password'; CREATE DATABASE $db_name OWNER $db_user ENCODING 'UTF8'; GRANT ALL PRIVILEGES ON DATABASE $db_name TO $db_user; EOF #### Apply PHP settings sed -i '/post_max_size/c\post_max_size = 2G' /etc/php.ini sed -i '/cgi.fix_pathinfo/c\cgi.fix_pathinfo = 0' /etc/php.ini sed -i '/upload_max_filesize/c\upload_max_filesize = 2G' /etc/php.ini sed -i '/date.timezone/c\date.timezone = "UTC"' /etc/php.ini #### Set NGINX and PGSQL settings chkconfig php-fpm on /etc/init.d/php-fpm start sed -i '0,/ident/! {0,/ident/ s/ident/md5/}' /var/lib/pgsql/9.3/data/pg_hba.conf sed -i '0,/ident/! {0,/ident/ s/ident/md5/}' /var/lib/pgsql/9.3/data/pg_hba.conf cd /etc/nginx mkdir -p cert cd conf.d touch oc.conf cat <<EOF >oc.conf upstream php-handler { server 127.0.0.1:9000; #server unix:/var/run/php5-fpm.sock; } server { listen 80; server_name $ip_addr; return 301 https://$server_name$request_uri; # enforce https } server { listen 443 ssl; server_name $ip_addr; ssl_certificate /etc/nginx/cert/server.crt; ssl_certificate_key /etc/nginx/cert/server.key; # Path to the root of your installation root /var/www/owncloud/; client_max_body_size 10G; # set max upload size fastcgi_buffers 64 4K; rewrite ^/caldav(.*)$ /remote.php/caldav\$1 redirect; rewrite ^/carddav(.*)$ /remote.php/carddav\$1 redirect; rewrite ^/webdav(.*)$ /remote.php/webdav\$1 redirect; index index.php; error_page 403 /core/templates/403.php; error_page 404 /core/templates/404.php; location = /robots.txt { allow all; log_not_found off; access_log off; } location ~ ^/(data|config|\.ht|db_structure\.xml|README) { deny all; } location / { # The following 2 rules are only needed with webfinger rewrite ^/.well-known/host-meta /public.php?service=host-meta last; rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; rewrite ^(/core/doc/[^\/]+/)$ \$1/index.html; try_files \$uri \$uri/ index.php; } location ~ ^(.+?\.php)(/.*)?$ { try_files \$1 = 404; include fastcgi_params; fastcgi_param SCRIPT_FILENAME \$document_root\$1; fastcgi_param PATH_INFO \$2; fastcgi_param HTTPS on; fastcgi_pass php-handler; } # Optional: set long EXPIRES header on static assets location ~* ^.+\.(jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ { expires 30d; # Optional: Do not log access to assets access_log off; } } EOF ####Generate Self-signed SSl cert cd .. cd cert openssl req -x509 -nodes -sha384 -days 3650 -newkey rsa:4096 -keyout server.key -out server.crt -subj "/" chmod 600 server.key chmod 600 server.crt ####Download and extract Owncloud software cd /var/www wget --no-check-certificate https://download.owncloud.org/community/owncloud-7.0.2.tar.bz2 tar xjf owncloud-7.0.2.tar.bz2 mkdir -p owncloud/data touch owncloud/config/autoconfig.php cat << EOF >> owncloud/config/autoconfig.php <?php \$AUTOCONFIG = array( "dbtype" => "pgsql", "dbname" => "$db_name", "dbuser" => "$db_user", "dbpass" => "$db_password", "dbhost" => "localhost", "dbtableprefix" => "", "directory" => "/var/www/owncloud/data", ); EOF chmod 770 owncloud/data chmod 777 owncloud/config/ chown -R root:apache owncloud rm -rf owncloud-7.0.2.tar.bz2 /etc/init.d/postgresql-9.3 restart /etc/init.d/nginx start ######Display generated passwords to log file. echo "Database Name: " $db_name echo "Database User: " $db_user echo "Database Password: " $db_password echo "Visit your OwnCloud at https://"$ip_addr

You will be able to access your Owncloud and create your admin account at https://youripaddress
The initial page will say you are using SQLite, but the server is already configured to properly use PGSQL. This is tested and working on a VM with 512MB of Ram, but you may want something slightly bigger or create a swap file for slightly better performance. The SSL certificate is Self-signed, but can be replaced if you are so inclined. Do not forget to retrieve your database credentials ( tail /tmp/firstboot.log ) and to remove that file once you have deployed.

Comments

  • edited September 2014
    Nice....

    Not personally something I would use (I don't use Linux for one thing) but creating a 'how-to' as an automated vultr setup script is a neat idea

    *thumbs up*

    Actually, @DaveA - maybe you'd consider a 'user contributed script' section on the 'deploy' page, seeing as you'd presumably have to vet any proposed 'how-tos' before adding them to the main site anyway
  • edited September 2014
    @jamie we will be adding a custom scripts library to our startup scripts feature - stay tuned!
  • @mike it's like you keep reading my mind!

    Cheers!!
  • @mike that would be great to have a custom scripts library - I have a nice one for CentOS Nginx, PHP-FPM, MariaDB + CSF Firewall :)
Sign In or Register to comment.