Learn How To Install ownCloud 7 on CentOS 6 with Nginx w/ SSL, PHP-FPM, and PGSQL (Automated Startup Script)

March 16, 2020

Table of Contents

    You can copy and paste the following bash script into the startup script area of the IT Web Services Control Panel.

    This startup script will install the current version of ownCloud, including all necessary packages to run the server upon deployment.

    #/bin/sh
    #####Generate Database Credentials
    db_name="oc`date +%s`"
    sleep 1
    db_user="oc`date +%s`"
    sleep 1
    db_password=`date |md5sum |cut -c '1-12'`
    ip_addr=$(ifconfig | grep -v '127.0.0.1' | sed -n 's/.*inet addr:([0-9.]+)s.*//p')
    ##### Open firewall for http and SSL
    iptables -F
    iptables -A INPUT -i lo -j ACCEPT
    iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
    iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
    iptables -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
    /etc/init.d/iptables save
    /etc/init.d/iptables restart
    #### Remove any installed versions on mysql and enable proper php repo
    yum -y remove mysql* mysql-server mysql-devel mysql-libs
    rpm -ivh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
    rpm -ivh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
    rpm -ivh http://yum.postgresql.org/9.3/redhat/rhel-6-i386/pgdg-centos93-9.3-1.noarch.rpm
    sed -i '/[remi]/,/^ *[/ s/enabled=0/enabled=1/' /etc/yum.repos.d/remi.repo
    sed -i '/[remi-php56]/,/^ *[/ s/enabled=0/enabled=1/' /etc/yum.repos.d/remi.repo
    #### Enable latest nginx repo
    touch /etc/yum.repos.d/nginx.repo
    cat <<EOF > /etc/yum.repos.d/nginx.repo
    [nginx]
    name=nginx repo
    baseurl=http://nginx.org/packages/centos/"$releasever"/"$basearch"/
    gpgcheck=0
    enabled=1
    EOF
    #### Install Nginx and pgsql
    yum -y update
    yum -y install nginx postgresql93 postgresql93-libs postgresql93-server wget php-fpm php-gd php-ldap     php-pear php-xml php-xmlrpc php-magickwand php-magpierss php-mbstring php-mcrypt php-shout php-snmp php-soap php-tidy php-pgsql php-pdo
    service postgresql-9.3 initdb
    service postgresql-9.3 start
    chkconfig postgresql-9.3 on
    /etc/init.d/nginx start
    chkconfig nginx on
    /etc/init.d/nginx stop
    #### Set Database Credentials and Create Database
    su - -c "psql" postgres << EOF
    CREATE USER $db_user WITH PASSWORD '$db_password';
    CREATE DATABASE $db_name OWNER $db_user ENCODING 'UTF8';
    GRANT ALL PRIVILEGES ON DATABASE $db_name TO $db_user;
    EOF
    #### Apply PHP settings
    sed -i '/post_max_size/cpost_max_size = 2G' /etc/php.ini
    sed -i '/cgi.fix_pathinfo/ccgi.fix_pathinfo = 0' /etc/php.ini
    sed -i '/upload_max_filesize/cupload_max_filesize = 2G' /etc/php.ini
    sed -i '/date.timezone/cdate.timezone = "UTC"' /etc/php.ini
    #### Set NGINX and PGSQL settings
    chkconfig php-fpm on
    /etc/init.d/php-fpm start
    sed -i '0,/ident/! {0,/ident/ s/ident/md5/}' /var/lib/pgsql/9.3/data/pg_hba.conf
    sed -i '0,/ident/! {0,/ident/ s/ident/md5/}' /var/lib/pgsql/9.3/data/pg_hba.conf
    cd /etc/nginx
    mkdir -p cert
    cd conf.d
    touch oc.conf
    cat <<EOF >oc.conf
    upstream php-handler {
    server 127.0.0.1:9000;
    #server unix:/var/run/php5-fpm.sock;
    }
    server {
    listen 80;
    server_name $ip_addr;
    return 301 https://$server_name$request_uri; # enforce https
    }
    server {
    listen 443 ssl;
    server_name $ip_addr;
    ssl_certificate /etc/nginx/cert/server.crt;
    ssl_certificate_key /etc/nginx/cert/server.key;
    # Path to the root of your installation
    root /var/www/owncloud/;
    client_max_body_size 10G; # set max upload size
    fastcgi_buffers 64 4K;
    rewrite ^/caldav(.*)$ /remote.php/caldav redirect;
    rewrite ^/carddav(.*)$ /remote.php/carddav redirect;
    rewrite ^/webdav(.*)$ /remote.php/webdav redirect;
    index index.php;
    error_page 403 /core/templates/403.php;
    error_page 404 /core/templates/404.php;
    location = /robots.txt {
    allow all;
    log_not_found off;
    access_log off;
    }
    location ~ ^/(data|config|.ht|db_structure.xml|README) {
    deny all;
    }
    location / {
    # The following 2 rules are only needed with webfinger
    rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
    rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
    rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
    rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
    rewrite ^(/core/doc/[^/]+/)$ /index.html;
    try_files $uri $uri/ index.php;
    }
    location ~ ^(.+?.php)(/.*)?$ {
    try_files  = 404;
    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root;
    fastcgi_param PATH_INFO ;
    fastcgi_param HTTPS on;
    fastcgi_pass php-handler;
    }
    # Optional: set long EXPIRES header on static assets
    location ~* ^.+.(jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
    expires 30d;
    # Optional: Do not log access to assets
    access_log off;
    }
    }
    EOF
    ####Generate Self-signed SSl cert
    cd ..
    cd cert
    openssl req -x509 -nodes -sha384 -days 3650 -newkey rsa:4096 -keyout server.key -out server.crt -subj "/"
    chmod 600 server.key
    chmod 600 server.crt
    ####Download and extract ownCloud software
    cd /var/www
    wget --no-check-certificate https://download.owncloud.org/community/owncloud-7.0.2.tar.bz2
    tar xjf owncloud-7.0.2.tar.bz2
    mkdir -p owncloud/data
    touch owncloud/config/autoconfig.php
    cat << EOF >> owncloud/config/autoconfig.php
    <?php
    $AUTOCONFIG = array(
    "dbtype" => "pgsql",
    "dbname" => "$db_name",
    "dbuser" => "$db_user",
    "dbpass" => "$db_password",
    "dbhost" => "localhost",
    "dbtableprefix" => "",
    "directory" => "/var/www/owncloud/data",
    );
    EOF
    chmod 770 owncloud/data
    chmod 777 owncloud/config/
    chown -R root:apache owncloud
    rm -rf owncloud-7.0.2.tar.bz2
    /etc/init.d/postgresql-9.3 restart
    /etc/init.d/nginx start
    ######Display generated passwords to log file.
    echo "Database Name: " $db_name
    echo "Database User: " $db_user
    echo "Database Password: " $db_password
    echo "Visit your ownCloud at https://"$ip_addr
    

    After running the script, you will be able to access your ownCloud and create your admin account at https://youripaddress. The initial page will say you are using SQLite, but the server is already configured to properly use PGSQL. This is tested and working on a VM with 512MB of RAM, but you may want something slightly bigger or create a swap file for slightly better performance. The SSL certificate is self-signed, but can be replaced if you are so inclined. Do not forget to retrieve your database credentials ( tail /tmp/firstboot.log ) and to remove that file once you have deployed.

    Need help?

    Do you need help setting up this on your own service?
    Please contact us and we’ll provide you the best possible quote!