WIKI Liberasys

Outils pour utilisateurs

Outils du site

Piste : owncloud
infrastructure:owncloud

Ceci est une ancienne révision du document !

Table des matières

Owncloud

# export ADMINMAIL="admin@liberasys.com"
# export ROOTSSLURL="https://owncloud.liberasys.com"
# export SSLCERTFILE="/etc/ssl/certs/STAR_liberasys_com.chain.pem"
# export SSLCERTKEY="/etc/ssl/private/STAR_liberasys_com.key"
# echo 'deb http://download.opensuse.org/repositories/isv:/ownCloud:/community/Debian_8.0/ /' >> /etc/apt/sources.list.d/owncloud.list 
# wget http://download.opensuse.org/repositories/isv:ownCloud:community/Debian_8.0/Release.key
# apt-key add - < Release.key 
# rm Release.key
# apt-get update
# apt-get install owncloud php5-apcu

Nouveau mot de passe du superutilisateur de MySQL : créer un mot de passe dans keepass (mysql/root) et le coller got tu http://FQDI/

owncloud as host http root

Follow apache staging 

# sed -i 's|Alias /owncloud "/var/www/owncloud/"|#Alias /owncloud "/var/www/owncloud/"|g' /etc/apache2/conf-enabled/owncloud.conf

# cat << 'EOF' > /etc/apache2/sites-available/000-default.conf
<VirtualHost *:80>
  ServerAdmin _ADMINMAIL_
  DocumentRoot /var/www/apache2-default/
  Options None
  Redirect permanent / _ROOTSSLURL_
</VirtualHost>
EOF

# sed -i "s|_ADMINMAIL_|${ADMINMAIL}|g" /etc/apache2/sites-available/000-default.conf
# sed -i "s|_ROOTSSLURL_|${ROOTSSLURL}|g" /etc/apache2/sites-available/000-default.conf

# cat << 'EOF' > /etc/apache2/sites-available/default-ssl.conf
<IfModule mod_ssl.c>
  # Intermediate configuration, tweak to your needs
  SSLProtocol             all -SSLv2 -SSLv3
  SSLCipherSuite          ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
  SSLHonorCipherOrder     on
  SSLCompression          off

  # OCSP Stapling, only in httpd 2.3.3 and later
  SSLUseStapling On
  SSLStaplingCache shmcb:${APACHE_RUN_DIR}/ssl_stapling(32768)
  SSLStaplingResponderTimeout 5
  SSLStaplingReturnResponderErrors off

  # Enable this if your want HSTS (recommended)
  Header add Strict-Transport-Security "max-age=15768000"

  <VirtualHost _default_:443>
    ServerAdmin _ADMINMAIL_
    DocumentRoot /var/www/owncloud/
    Options None
    ErrorLog ${APACHE_LOG_DIR}/error.log
    LogLevel warn
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    SSLEngine on
    SSLCertificateFile _SSLCERTFILE_
    SSLCertificateKeyFile _SSLCERTKEY_

    <FilesMatch "\.(cgi|shtml|phtml|php)$">
      SSLOptions +StdEnvVars
    </FilesMatch>
    <Directory /usr/lib/cgi-bin>
      SSLOptions +StdEnvVars
    </Directory>
    BrowserMatch "MSIE [2-6]" \
      nokeepalive ssl-unclean-shutdown \
      downgrade-1.0 force-response-1.0
    BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown

  </VirtualHost>
</IfModule>
EOF

# sed -i "s|_ADMINMAIL_|${ADMINMAIL}|g" /etc/apache2/sites-available/default-ssl.conf
# sed -i "s|_ROOTSSLURL_|${ROOTSSLURL}|g" /etc/apache2/sites-available/default-ssl.conf
# sed -i "s|_SSLCERTFILE_|${SSLCERTFILE}|g" /etc/apache2/sites-available/default-ssl.conf
# sed -i "s|_SSLCERTKEY_|${SSLCERTKEY}|g" /etc/apache2/sites-available/default-ssl.conf

# a2enmod ssl
# a2enmod autoindex
# a2enmod headers
# a2enmod rewrite
# a2ensite default-ssl

Installer les certificats 

# service apache2 stop
# service apache2 start

Créer une nouvelle base de données MySQL 

# vi /var/www/owncloud/config/config.php
'default_language' => 'fr',
'enable_avatars' => false,
'logtimezone' => 'Europe/Paris'

RQ : cache apcu not working in debian jessie, waiting ownCloud team finds solution for easy user cache 

cat << 'EOF' > /etc/cron.d/owncloud
# crontab -u www-data -e
*/15  *  *  *  * www-data php -f /var/www/owncloud/cron.php > /dev/null 2>&1
EOF
# chown root:root /etc/cron.d/owncloud
# chmod 644 /etc/cron.d/owncloud
# service cron stop
# service cron start

Go to http://FQDN/

Configuration française : admin owncloud

  1. cocher “Autoriser les utilisateurs à envoyer des notifications par courriel concernant les partages
  2. décocher “Autoriser les utilisateurs de ce serveur à envoyer des partages vers d'autres serveurs
  3. décocher “Autoriser les utilisateurs de ce serveur à recevoir des partages d'autres serveurs
  4. cron : choisir “cron
  5. décocher “Autoriser le repartage

Bugs/doc : https://forum.owncloud.org/viewtopic.php?f=31&t=26310

Client OwnCloud

Owncloud client version 2.0.0 with debian jessie backports 

# echo "deb http://http.debian.net/debian jessie-backports main" >> /etc/apt/sources.list
# apt-get update
# apt-get -t jessie-backports install "owncloud-client"
infrastructure/owncloud.1536156026.txt.gz · Dernière modification : 2018/09/05 14:00 de ronan