After moving to a new server, I wanted to finally get {{ownCloud}} up and running (over SSL, of course) on it.
And I like subdomains for different services, so I wanted to put it at sub.domain.tld. This turns out to be not as straight-forward as one might otherwise hope, sadly – ownCloud expects to be installed to domain.tld/owncloud (and plops itself into /var/www/owncloud by default (or sometimes /var/www/html/owncloud).
My server is running {{CentOS}} 7, {{Apache}} 2.4, and {{MariaDB}} (a drop-in replacement for {{MySQL}}). This overview is going to presume you’re running the same configuration – feel free to spin one up quickly at Digital Ocean to try this yourself.
Start with the ownCloud installation instructions, which will point you to the {{openSUSE}} build service page, where you’ll follow the steps to add the ownCloud community repo to your yum repo list, and install ownCloud. (In my last how-to, 8.0 was current – 8.2 rolled-out since I installed 8.1 a couple days ago.)
Here is where you need to go “off the reservation” to get it ready to actually install.
Add a VirtualHost directive to redirect http://sub.domain.tld to https://sub.domain.tld (cipher suite list compiled thusly):
<VirtualHost *:80>
ServerName sub.domain.tld
Redirect permanent / https://sub.domain.tld/
</VirtualHost>
Configure an SSL VirtualHost directive to listen for sub.domain.tld:
<VirtualHost *:443>
SSLCertificateFile /etc/letsencrypt/live/sub.domain.tld/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/sub.domain.tld/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/sub.domain.tld/fullchain.pem
DocumentRoot /var/www/subdomain
ServerName sub.domain.tld
ErrorLog logs/subdomain-error_log
CustomLog logs/subdomain-access_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
ServerAdmin user@domain.tld
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
SSLHonorCipherOrder on
SSLOptions +StdEnvVars
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
# allow .htaccess to change things
<Directory "/var/www/subdomain">
Options All +Indexes +FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
Comment-out every line in (or remove) /etc/httpd/conf.d/owncloud.conf.
Move /var/www/html/owncloud/* to /var/www/subdomain.
Make sure permissions are correct on /var/www/subdomain:
chown -R :apache /var/www/subdomain
Run the command-line installer: /var/www/subdomain/occ maintenance:install
Fix ownership of the config file, /var/www/subdomain/config/config.php to root:apache.
In config.php,
- change trusted domains from ‘
localhost‘ to ‘sub.domain.tld‘ - make sure ‘
datadirectory‘ is equal to/var/www/subdomain/data - change ‘
overwrite.cli.url‘ from ‘localhost‘ to ‘https://sub.domain.tld‘
Navigate to http://sub.domain.tld, and follow the prompts – and you should be a happy camper.