Owncloud

References

• https://owncloud.org/

Tools:

• DAVDroid — paid sync app on Android
• Outlook CalDav Synchronizer — Sync Outlook with Google, SOGo, Horde or any other CalDAV server

Also on GitHub.

• CardDAV-Sync — Another CardDAV sync app for Android (free / paid).

Alternatives:

• Nextcloud, here a complete setup example (with backup, etc).

Install Owncloud Server

Install packages

From Owncloud page, on Ubuntu:

wget -nv https://download.owncloud.org/download/repositories/stable/xUbuntu_14.04/Release.key -O Release.key
apt-key add - < Release.key
sh -c "echo 'deb http://download.owncloud.org/download/repositories/stable/xUbuntu_14.04/ /' >> /etc/apt/sources.list.d/owncloud.list"
apt-get update
apt-get install owncloud

On Debian 8:

wget -nv https://download.owncloud.org/download/repositories/9.0/Debian_8.0/Release.key -O Release.key
apt-key add - < Release.key
sh -c "echo 'deb http://download.owncloud.org/download/repositories/9.0/Debian_8.0/ /' >> /etc/apt/sources.list.d/owncloud.list"
apt-get update
apt-get install owncloud

Note:

• Installing owncloud-files was not enough. Not sure what are the missing dependencies.

Optional:

• Install php5-imagick to get image preview (but beware of recent vulnerabilities. See Linux security).

Configuration

When installed, Owncloud is available at URL http://localhost/owncloud/. This is configured in apache2 file /etc/apache2/conf-available/owncloud.conf:

Alias /owncloud "/var/www/owncloud/"
<Directory "/var/www/owncloud">
Options +FollowSymLinks
AllowOverride All

<IfModule mod_dav.c>
Dav off
</IfModule>

SetEnv HOME /var/www/owncloud
SetEnv HTTP_HOME /var/www/owncloud
</Directory>

<Directory "/var/www/owncloud/data/">
# just in case if .htaccess gets disabled
Require all denied
</Directory>

Note that owncloud files /var/www/owncloud are outside the regular http root (i.e. /var/www/html).

Before completing the installation, we first setup a virtual access to allow accessing Owncloud via HTTPS. This is also recommended for remote installs. For this create the file /etc/apache2/sites-available/owncloud.immie.org.conf, with content:

<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@localhost
ServerName owncloud.immie.org

DocumentRoot /var/www/html

# Owncloud configuration: see conf-available/owncloud.conf

SSLCertificateFile      /etc/ssl/certs/ssl-cert-owncloud.immie.org.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-owncloud.immie.org.key

# ...

</VirtualHost>
</IfModule>

We only list the most relevant settings. Basically we only setup the server name and give the SSL certificates. For now, we leave File:/owncloud as a global alias.

Enable the site:

a2ensite owncloud.immie.org
service apache2 reload

We also need to create a new MySQL user and database for owncloud. This way owncloud will not use MySQL root access.

MYSQL_HISTFILE=/dev/null mysql --user=root -p mysql          # You'll need MySQL root user password

CREATE DATABASE owncloud_immie;
GRANT ALL PRIVILEGES ON owncloud_immie.* TO owncloud_immie@localhost IDENTIFIED BY '********************';
quit

Of course, replace ******************** with your own password.

Proceed to the URL https://owncloud.immie.org/owncloud:

• Enter a new admin account user name and password.
• Click on Storage & database
• Keep data folder as is (/var/www/owncloud/data). Make sure it is outside web server root.
• Select MySQL / MariaDB.
• Enter MySQL user name, password, database name. Keep localhost for the DB server name.
• Click Finish setup.

Owncloud also requires running a cron job at regular interval [2]:

crontab -u www-data -e
# Add the line:
#
# */15  *  *  *  * php -f /var/www/owncloud/cron.php

In particular this cron job may help fixing file locking issue (error File is locked [3]).

Upgrade from 9 to 10 on debian 8.0 Jessie

We mostly follow the procedure in OwnCloud manual [4]. First change repository to v10:

echo "deb http://download.owncloud.org/download/repositories/10.0/Debian_8.0/ /" > /etc/apt/sources.list.d/owncloud.list
apt update

In principle we should first disable 3rd-party app. We don't, just hoping for the best...

# Get a list of installed app...
cd /var/www/owncloud
sudo -u www-data php occ app:list

Enable maintenance mode and disable web server:

sudo -u www-data php occ maintenance:mode --on
service apache2 stop

Backup the old configuration (we must at least keep config/config.php):

mv /var/www/owncloud /var/www/owncloud-old-9.0.11
tar cvzf /root/backup/var_www_owncloud-9.0.11.tgz /var/www/owncloud-old-9.0.11
mysqldump -uowncloud_immie -p owncloud_immie | gzip > /root/backup/owncloud_immie-9.0.11.sql.gz

Upgrade:

# Upgrade package
sudo apt dist-upgrade
sudo chown -R www-data:www-data /var/www/owncloud

# Restore the config and run the upgrade
cd /var/www/owncloud
cp /var/www/owncloud-old-9.0.11/config/config.php /var/www/owncloud/config
# ... AND RESTORE THE DATA!!!
cp /var/www/owncloud-old-9.0.11/data /var/www/owncloud/
sudo -u www-data php occ upgrade

# We have some issues with 3rd-party app, disable and resume:
sudo -u www-data php occ app:disable documents
sudo -u www-data php occ app:disable news
sudo -u www-data php occ upgrade

Everything is fine, restart the server:

sudo -u www-data php occ maintenance:mode --off
sudo service apache2 start

Troubleshoot

• After upgrade, all clients failed sync because of file not found.
• Did a *hard reset* of all clients:

• Delete all clients data and metadata.
• On server, delete all files (had some file locked issue).
• Reinstall the clients.
• Import back the files.

• Whoopsie... Turned out we forgot to restore the files from previous install. Should have done cp /var/www/owncloud-old-9.0.11/data /var/www/owncloud/ before upgrading.

Issues

Download failed

• Suddenly on Owncloud client, any file downloaded says "Download failed".
• Solution: https://central.owncloud.org/t/download-failed-unknown-error/47935/5
• Add SetEnv ap_trust_cgilike_cl to /var/www/owncloud/.htaccess.

Install Owncloud Client

From the repository:

sudo apt install owncloud-client

On Bionic Beaver, there is a missing dependency. Package libgnome-keyring0 must be installed as well:

sudo apt install owncloud-client libgnome-keyring0

However version 2.1.1+dfsg-1ubuntu1.1 in Ubuntu Xenial is broken (fails to reconnect after suspend), and version in Zesty has too many dependencies. We rebuild from the sources:

apt source -t zesty owncloud-client
cd owncloud-client-2.2.4+dfsg/
# We must disable a test (check_vio_ext) because it gives a segfault:
# 
#       Start 18: check_vio_ext
# 18/36 Test #18: check_vio_ext ....................***Exception: SegFault  0.31 sec
# [==========] Running 4 test(s).
# [ RUN      ] check_readdir_shorttree
# Test failed with exception: Segmentation fault
#       C:/tmp/csync_test/alibaba
# [  FAILED  ] check_readdir_shorttree
# ================== Tearing down!
# 
# [ RUN      ] check_readdir_with_content
# 
vi csync/tests/CMakeLists.txt          # COMMENT OUT the line as shown below
# ...
# add_cmocka_test(check_vio_file_stat vio_tests/check_vio_file_stat.c ${TEST_TARGET_LIBRARIES})
# add_cmocka_test(check_vio vio_tests/check_vio.c ${TEST_TARGET_LIBRARIES})
# # add_cmocka_test(check_vio_ext vio_tests/check_vio_ext.c ${TEST_TARGET_LIBRARIES})
# ...
sudo apt build-dep owncloud-client     # WRITE DOWN the list of packages!
dpkg-buildpackage -rfakeroot -b
sudo dpkg -i owncloud-client_2.2.4+dfsg-2ubuntu2_amd64.deb owncloud-client-l10n_2.2.4+dfsg-2ubuntu2_all.deb libowncloudsync0_2.2.4+dfsg-2ubuntu2_amd64.deb
sudo apt install -f
sudo apt remove owncloud-client-cmd owncloud-client-data owncloud-client-doc
sudo apt remove automoc ...            # Remove builddeps (175MB!) - Same list as installed by build-dep
top

Maintenance or Upgrade

When upgrading with apt-get dist-upgrade, we get the message:

Leaving server in maintenance mode. Please run occ upgrade manually.

See https://doc.owncloud.org/server/9.0/admin_manual/maintenance/upgrade.html

ownCloud or one of the apps require upgrade - only a limited number of commands are available
You may use your browser or the occ upgrade command to do the upgrade
Maintenance mode enabled

To upgrade:

cd /var/www/owncloud
sudo -u www-data php occ upgrade
sudo -u www-data php occ status
sudo -u www-data php occ maintenance:mode --off
sudo -u www-data php occ status                     # Check that server is no longer in maintenance mode

Hardening

See Linux Security.

CalDav applications (contacts / calendar)

Contacts and Calendar are applications that must be installed via the admin account.

To synchronize with other applications, you often require the DAV URL on Owncloud:

• Open your Owncloud account, and go to Contacts application.
• In the bottom left corner, click Settings
• Then click on the chain link icon labelled show URL, and copy the URL.

The URL is something like https://owncloud.immie.org/owncloud/remote.php/dav/addressbooks/users/xyz/default/.

Sync with Thunderbird

Reference: Thunderbird - Synchronize Addressbook

To synchronize with Thunderbird, first install the following extensions:

• SOGO Connector
• Lightning (calendar extension)

Then, in TB,

• click on Address Book to show up the address book window;
• click on File → New → Remote Address Book;
• enter a name;
• enter your DAV URL; and
• select other options as desired (for instance sync period).

Multiple calendars

• TB cannot import multiple calendars from different owncloud accounts. It can only import from a single account.
• To import calendars from different own different owncloud accounts, first share these accounts in Owncloud, then import the shared calendar from your account.

Sync with Android

I use the (non-free) application DAVDroid.

To ease setup of the DAVDroid account with Owncloud [5], I configure the well-known URL in Apache. This require that the server responds to addresses

• https://owncloud.immie.org/.well-known/carddav and
• https://owncloud.immie.org/.well-known/caldav

To setup these addresses, add to /etc/apache2/sites-available/owncloud.immie.org.conf:

Redirect 301 /.well-known/carddav /owncloud/remote.php/dav
Redirect 301 /.well-known/caldav /owncloud/remote.php/dav

Now, in DAVDroid, setup the account with:

• Server: https://owncloud.immie.org
• Owncloud username
• Owncloud password

Troubleshoot

• Samsung Alpha, getting message S Planner has stopped when adding new entry to sync'ed calendar.

Go to Application Manager ← all, and force stop + clear cache + 'clear data for the following applications: Calendar, Calendar storage, DAVdroid, S Planner (2x), Samsung Calendar SyncAdapter.

Sync with Outlook

Use Outlook CalDav Synchronizer to synchronize Outlook contacts and calendars with Owncloud.

• In Outlook, go to People pane, and create a new contact folder, for instance named Owncloud.
• Open menu CalDav Synchronizer → Synchronization profiles.
• Click Add new profile. For Owncloud, we enter the following settings:

• Select profile type Generic CalDAV/CardDAV.
• Enter DAV Url, replace XYZ with user login:

• https://owncloud.immie.org/owncloud/remote.php/dav/addressbooks/users/XYZ/default/ for contacts.
• https://owncloud.immie.org/owncloud/remote.php/dav/calendars/XYZ/default/ for calendars.

• Enter username and password.
• Select Synchronize items immediately after change.

Troubleshoot

• hexadecimal value 0x1E, is an invalid character tickets 517

Fixed by browsing calendar on Owncloud web interface, narrowing down offending month, then week, then day. Delete all entries on that day.