Configure ownCloud on Raspberry Pi

NOTE: this guide is updated to November 2019

So, you just got yourself a brand new raspberry pi and want to make a good use of it, right?
Some weeks ago I had to send the holiday pictures to some of my friends, and this means you have to upload them on some messaging app like Whatsapp or Messenger, which is ok but usually those services are not the best chiose to upload a lot of multimedia content: they might have size limitation, aggressive compression or performance issues because they were not design to send a huge amount of photos at once. So you might think you can upload them on Google Drive, but you have no storage left. What else can you do?
Let me introduce you ownCloud.

Now, first of all, if you are reading this there is an high chance you already know that, your rasperry pi, being a linux machine, can be accessed by the network using SSH, and you can access the files from the windows file manager by connecting to its SFTP server. However, this is not something very user friendly and — most importantly — it is quite hard it you only want some users to access only some files or directories, as you have to deal with folder permissions and so on. OwnCloud works just like Drive, Dropbox, Box, those ones, but uses YOUR storage instead. You can use your raspberry pi as your cloud server; it comes with a user-friendly interface and an app for your smartphone as well if you are into it. Please, READ THE GUIDE CAREFULLY, as we are also going to open some ports at the end, which means your stuff could be exposed on the internet.

FIRST STEPS

some dependencies first

sudo apt install apache2 mariadb-server libapache2-mod-php7.0 php7.0-gd php7.0-json php7.0-mysql php7.0-curl php7.0-intl php7.0-mcrypt php-imagick php7.0-zip php7.0-xml php7.0-mbstring fail2ban redis-server -y

First of course you will have to properly set up you raspberry, SSH, also VNC if you want to, connect to a network and so on, this stuff is for n00bs so I will skip it :) There is no need to say that in order to make your server faster you will need to use the Ethernet connection and not wifi.
Now go here: https://download.owncloud.org/download/community/ and download the latest tar package
## UPDATE ## it looks like you can now easily wget the latest version with:

wget https://download.owncloud.org/download/community/owncloud-latest.tar.bz2
## do an ls to show the full name of the tarball you just downloaded ##
ls
##copy the package name and unpack it ##
tar -xvf owncloud-version_number_here_.tar.bz2
chown -R www-data:www-data owncloud
mv owncloud /var/www/html/

basically we have just moved owncloud into a folder that apache2 will later load as a website. Let’s move on.

sudo nano /etc/apache2/sites-available/owncloud.conf

paste this stuff into the file you have just created

Alias /owncloud “/var/www/html/owncloud/”

<Directory /var/www/html/owncloud/>
Options +FollowSymlinks
AllowOverride All

<IfModule mod_dav.c>
Dav off
</IfModule>

SetEnv HOME /var/www/html/owncloud
SetEnv HTTP_HOME /var/www/html/owncloud

</Directory>

now let’s enable apache2 (the web server) with:

sudo ln -s /etc/apache2/sites-available/owncloud.conf /etc/apache2/sites-enabled/owncloud.conf
##this will create a symbolic link of the file you have just created into the sites-enabled folder, to tell apache2 we want to load this website ##
systemctl start apache2 && systemctl enable apache2

CREATE THE MYSQL DATABASE

In order to use OwnCloud we wil need to create an SQL database, apparently MySql provides the best performances, so we can go ahead; there are alternatives if you want, like MariaDB or SQLite

mysql -u root -p
CREATE DATABASE IF NOT EXISTS owncloud;
create user
user@localhost identified by ‘password’;
GRANT ALL PRIVILEGES ON owncloud.* TO ‘
user’@’localhost’ IDENTIFIED BY ‘password’;

We are creating a new database called owncloud, and a new user who will have access to the database. You need to replace the highlighted parts with what you want, where user being your username and password **guesswhat** your password. USE A STRONG PASSWORD HERE.

GENERATE AN SSL CERTIFICATE

We are now going to generate an SSL certificate to use encrypted connection between our server and the clients; we will use openssl which will generate a new certificate for free. I must say for free because, as we will find out later, this certificate will be seen as untrusted and the browser will show a warning; there are ways to generate “trusted” SSL certificates for free, but most of them expire after a while and you have to generate new onces. I will deal with the browser warnings a the end.

sudo -i
cd /root ##in this way we will create the server.key in a folder only the root user can access##
openssl genrsa -out server.key 4096
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 1825 -in server.csr -signkey server.key -out server.crt -sha256
chmod 400 server.key
a2ensite default-ssl.conf
systemctl reload apache2
a2enmod ssl
systemctl restart apache2

it will ask you some information to generate the SSL certificate, that is because this is supposed to identify you as a trusted identity for the final user. Feel free to fill them as you want, it will not matter. It will generate two files on your /root (or whetever you where when you run the commands)

nano /etc/apache2/sites-available/default-ssl.conf

look for this section and add the path where the ssl keys are

<VirtualHost _default_:443>
ServerAdmin webmaster@localhost
ServerName IP-SERVER:443
DocumentRoot /var/www/html/owncloud
SSLCertificateFile /root/server.crt
SSLCertificateKeyFile /root/server.key

now edit /etc/apache2/sites-available/000-default.conf

DocumentRoot /var/www/html/owncloud

sudo sed -i ‘s/AllowOverride None/AllowOverride All/’ /etc/apache2/apache2.conf
sudo systemctl restart apache2

Now, here comes the easy ( kind of ) part. If you open the web browser at the local_IP_address_of_your_pi/owncloud you should be able to see the website as been loaded but it is complaining. Edit /var/www/html/owncloud/config/config.php
(save the path of this file as we will need it many times later)

trusted_domains’ =>
array (
0 => ‘192.X.X.X’,
),

where XXXX is the local IP address of your PI. Where is asks about the database, enter the username and password you created before and the database name is “owncloud”. Leave data folder as it is for now. Click on “finish setup” and now you should be able to login for the first time into your OwnCloud server.

CONFIGURE OWNCLOUD and LOCAL STORAGE
Let’s add some additional configuration to our ownCloud server and configure the storage. Right now, this the default configuration owncloud creates a new user folder under /var/www/html/owncloud/data/username, you can change this path in the config file, however this means it will always use the SD card of your raspberry pi as storage, which is probably not what you want to do; you can obviously set the user data folder on an external drive, like an USB HDD for example, however this means that the owncloud server won’t start if the HDD is unpluged or powered off; there is a way however to mount any folder on your system as an owncloud directory. Edit the config file (/var/www/html/owncloud/config/config.php) and add this line

‘files_external_allow_create_new_local’ => true,

mind the comma at the end, it is required. This will enable the option to mount any folder from the filesystem. Now you can manage them from the settings in the website. Open the website and click on the username in the top right corner, then click setting>storage and create a new custom folder that points to a system directory. Under “folder name” you must enter the name of the folder as it will be shown in owncloud, and under config you must type the actually path in your system where the folder is located. For example, probably the most useful in my opinion, if you want to have access from owncloud to every USB storage that will be plugged into your raspberry, just create a new folder called “USB storage” and under configuration type “/media/pi”. Under the admin tab, you can also easily control access per-user easier than ever, you can create new users and give them access just to some specific folders. For ex. you could create a new user just to give access to some friends to your holiday pics or your university docs located in the USB stick you just plugged into your Pi.