Installing OwnCloud 9 on CentOS 7 with REMI\EPEL, PHP 5.6, Apache 2.4, MariaDB and SSL

Alex Sage

THIS IS A WORK IN PROGRESS

The goal of this guide is to install OwnCloud 9 using OwnCloud's best practices, and recommended software.

I will do my best to make sure it's secure as possible.

Credit goes to @JaredBusch and @scottalanmiller for there guides provided me a roadmap.

First, we will update our fresh install

yum -y update

Now install packages:

yum -y install wget mariadb-server php-mysql httpd epel-release wget

Install REMI Repository

wget http://rpms.famillecollet.com/enterprise/remi-release-7.rpm
rpm -Uvh remi-release-7.rpm

Enable REMI repository

Edit file remi.repo,

vi /etc/yum.repos.d/remi.repo

Find the line enabled =0 and change it to 1 to enable REMI repository and PHP 5.6 for CentOS7

[...]
enabled=1
[...]

Save and close the file.

Install owncloud

rpm --import https://download.owncloud.org/download/repositories/stable/CentOS_7/repodata/repomd.xml.key
wget http://download.owncloud.org/download/repositories/stable/CentOS_7/ce:stable.repo -O /etc/yum.repos.d/ce:stable.repo
setenforce permissive #is this needed?
yum clean expire-cache
yum -y install owncloud

Now enable the services:

systemctl start httpd
systemctl enable httpd
systemctl start mariadb
systemctl enable mariadb

Placeholder

chown -R apache:apache /var/www/html/owncloud
chown -R apache:apache /data

Firewall Rules
firewall-cmd --zone=public --add-port=http/tcp --permanent
firewall-cmd --zone=public --add-port=https/tcp --permanent
firewall-cmd --reload

Make a data dir

mkdir /data

mysql_secure_installation

<output>

Sign in to the database and create the ownCloud instance and user.

mysql -uroot -p

You will then be prompted to enter your database root password.

Now you will run 4 SQL commands, please note the ; at the end of each. It is a required part of the SQL syntax . These are simplified defaults, I would generally recommend you set them to something a little less obvious just to help with security.

create database ownclouddb;
create user 'ownclouduser'@'localhost' identified by 'ownclouduserpassword';
grant all on ownclouddb.* to 'ownclouduse'@'localhost';
flush privileges;
quit

Alex Sage

Here is the script I am working on:

#!/bin/bash
#OwnCloud 9 Install on CentOS7
echo "MySQL Root Password?"
read mysqlroot
echo "Database Name?"
read ownclouddb
echo "Database User?"
read ownclouduser
echo "Database User Password?"
read ownclouduserpassword
echo "Domain Name?"
read domainname
echo Running Updates..
yum -y update
echo Installing and Setting Up REMI Repository...
wget http://rpms.famillecollet.com/enterprise/remi-release-7.rpm
rpm -Uvh remi-release-7.rpm
sed -i '9s/./enabled=1/' /etc/yum.repos.d/remi.repo
sed -i '27s/./enabled=1/' /etc/yum.repos.d/remi.repo
rpm --import https://download.owncloud.org/download/repositories/stable/CentOS_7/repodata/repomd.xml.key
wget http://download.owncloud.org/download/repositories/stable/CentOS_7/ce:stable.repo -O /etc/yum.repos.d/ce:stable.repo
echo Installing Needed Packages...
yum -y install wget mariadb-server php php-mysql httpd epel-release wget
setenforce permissive
mkdir /data
yum clean expire-cache
yum -y install owncloud
systemctl start httpd
systemctl enable httpd
systemctl start mariadb
systemctl enable mariadb
chown -R apache:apache /var/www/html/owncloud
chown -R apache:apache /data
firewall-cmd --zone=public --add-port=http/tcp --permanent
firewall-cmd --zone=public --add-port=https/tcp --permanent
firewall-cmd --reload
echo Securing MySQL...
#Make sure that NOBODY can access the server without a password
mysql -e "UPDATE mysql.user SET Password = PASSWORD('$mysqlroot') WHERE User = 'root'"
#Kill the anonymous users
mysql -e "DROP USER ''@'localhost'"
#Because our hostname varies we'll use some Bash magic here.
mysql -e "DROP USER ''@'$(hostname)'"
#Kill off the demo database
mysql -e "DROP DATABASE test"
#Make our changes take effect
mysql -e "FLUSH PRIVILEGES"
#Any subsequent tries to run queries this way will get access denied because lack of usr/pwd param
echo Setting Up MySQL

#!/bin/bash

echo -n "Enter the MySQL root password: "
read -s rootpw
echo -n "Enter database name: "
read dbname
echo -n "Enter database username: "
read dbuser
echo -n "Enter database user password: "
read dbpw

db="create database $dbname;GRANT ALL PRIVILEGES ON $dbname.* TO $dbuser@localhost IDENTIFIED BY '$dbpw';FLUSH PRIVILEGES;"
mysql -u root -p$rootpw -e "$db"

if [ $? != "0" ]; then
echo "[Error]: Database creation failed"
exit 1
else
echo "------------------------------------------"
echo " Database has been created successfully "
echo "------------------------------------------"
echo " DB Info: "
echo ""
echo " DB Name: $dbname"
echo " DB User: $dbuser"
echo " DB Pass: $dbpw"
echo ""
echo "------------------------------------------"
fi

Alex Sage

It almost all works. Any suggestions welcome

The SQL isn't working yet.....

scottalanmiller

What database error are you getting?

Alex Sage

@scottalanmiller No errors.

The commands to secure MySQL and create the database with proper permissions don't work right yet. The last 17 lines.

Alex Sage

Do I need to encapsulate the variables in quotes?

scottalanmiller

@aaronstuder said:

Do I need to encapsulate the variables in quotes?

I think that the command needs to be in quotes. I don't script MySQL commands that way often so am not familiar with the syntax. I use SQL inside MySQL regularly, but not this way. But that looks like a case where quotes would be needed.

Alex Sage

I take it back, it seems the securing MySQL part works fine.....

The problem is here:

echo Setting Up MySQL
mysql -u root -p $mysqlroot -e create database $ownclouddb;
mysql -u root -p $mysqlroot -e create user '$ownclouduser'@'localhost' identified by '$ownclouduserpassword';
mysql -u root -p $mysqlroot -e grant all on $ownclouddb.* to '$ownclouduser'@'localhost';
mysql -u root -p $mysqlroot -e flush privileges;

Alex Sage

@scottalanmiller

So you mean:

mysql -u root -p $mysqlroot -e create database $ownclouddb;

Becomes:

mysql -u root -p $mysqlroot -e "create database $ownclouddb;"

?

scottalanmiller

@aaronstuder Correct

dsc81

Hi,
I would like to thank you for your guide. It works great. Can you provide additional information e.g how to upload a big file, or how to upload a lot of file maybe 2000 files, 3000 files at once?
Thanks

scottalanmiller

@dsc81 said:

Hi,
I would like to thank you for your guide. It works great. Can you provide additional information e.g how to upload a big file, or how to upload a lot of file maybe 2000 files, 3000 files at once?
Thanks

What kind of info do you want about that? The sync tool will handle that for you. There isn't any magic answer, a large upload will take quite some time.

dsc81

@scottalanmiller
What I mean is I only can upload one file at a time, I heard that we can setting so we can upload many file at once and also the limit is only 2mb, can we upload file 5GB?

JaredBusch

@dsc81 said:

@scottalanmiller
What I mean is I only can upload one file at a time, I heard that we can setting so we can upload many file at once and also the limit is only 2mb, can we upload file 5GB?

You need to configure your system to fix the PHP issue restricting filesize.

You have multiple options for connectivity. if you are using the web browser, the basic setup is single file uplaods.