Install ownCloud 7 on CentOS 6 with Nginx w/ SSL, PHP-FPM, and PGSQL (Automated Startup Script)

Published on: Thu, Sep 18, 2014 at 4:32 pm EST
CentOS Linux Guides Web Servers

You can copy and paste the following bash script into the startup script area of the Vultr Control Panel.

This startup script will install the current version of ownCloud, including all necessary packages to run the server upon deployment.

#/bin/sh
#####Generate Database Credentials
db_name="oc`date +%s`"
sleep 1
db_user="oc`date +%s`"
sleep 1
db_password=`date |md5sum |cut -c '1-12'`
ip_addr=$(ifconfig | grep -v '127.0.0.1' | sed -n 's/.*inet addr:\([0-9.]\+\)\s.*//p')
##### Open firewall for http and SSL
iptables -F
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
/etc/init.d/iptables save
/etc/init.d/iptables restart
#### Remove any installed versions on mysql and enable proper php repo
yum -y remove mysql* mysql-server mysql-devel mysql-libs
rpm -ivh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
rpm -ivh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
rpm -ivh http://yum.postgresql.org/9.3/redhat/rhel-6-i386/pgdg-centos93-9.3-1.noarch.rpm
sed -i '/\[remi\]/,/^ *\[/ s/enabled=0/enabled=1/' /etc/yum.repos.d/remi.repo
sed -i '/\[remi-php56\]/,/^ *\[/ s/enabled=0/enabled=1/' /etc/yum.repos.d/remi.repo
#### Enable latest nginx repo
touch /etc/yum.repos.d/nginx.repo
cat <<EOF > /etc/yum.repos.d/nginx.repo
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/"$releasever"/"$basearch"/
gpgcheck=0
enabled=1
EOF
#### Install Nginx and pgsql
yum -y update
yum -y install nginx postgresql93 postgresql93-libs postgresql93-server wget php-fpm php-gd php-ldap     php-pear php-xml php-xmlrpc php-magickwand php-magpierss php-mbstring php-mcrypt php-shout php-snmp php-soap php-tidy php-pgsql php-pdo
service postgresql-9.3 initdb
service postgresql-9.3 start
chkconfig postgresql-9.3 on
/etc/init.d/nginx start
chkconfig nginx on
/etc/init.d/nginx stop
#### Set Database Credentials and Create Database
su - -c "psql" postgres << EOF
CREATE USER $db_user WITH PASSWORD '$db_password';
CREATE DATABASE $db_name OWNER $db_user ENCODING 'UTF8';
GRANT ALL PRIVILEGES ON DATABASE $db_name TO $db_user;
EOF
#### Apply PHP settings
sed -i '/post_max_size/c\post_max_size = 2G' /etc/php.ini
sed -i '/cgi.fix_pathinfo/c\cgi.fix_pathinfo = 0' /etc/php.ini
sed -i '/upload_max_filesize/c\upload_max_filesize = 2G' /etc/php.ini
sed -i '/date.timezone/c\date.timezone = "UTC"' /etc/php.ini
#### Set NGINX and PGSQL settings
chkconfig php-fpm on
/etc/init.d/php-fpm start
sed -i '0,/ident/! {0,/ident/ s/ident/md5/}' /var/lib/pgsql/9.3/data/pg_hba.conf
sed -i '0,/ident/! {0,/ident/ s/ident/md5/}' /var/lib/pgsql/9.3/data/pg_hba.conf
cd /etc/nginx
mkdir -p cert
cd conf.d
touch oc.conf
cat <<EOF >oc.conf
upstream php-handler {
server 127.0.0.1:9000;
#server unix:/var/run/php5-fpm.sock;
}
server {
listen 80;
server_name $ip_addr;
return 301 https://$server_name$request_uri; # enforce https
}
server {
listen 443 ssl;
server_name $ip_addr;
ssl_certificate /etc/nginx/cert/server.crt;
ssl_certificate_key /etc/nginx/cert/server.key;
# Path to the root of your installation
root /var/www/owncloud/;
client_max_body_size 10G; # set max upload size
fastcgi_buffers 64 4K;
rewrite ^/caldav(.*)$ /remote.php/caldav\ redirect;
rewrite ^/carddav(.*)$ /remote.php/carddav\ redirect;
rewrite ^/webdav(.*)$ /remote.php/webdav\ redirect;
index index.php;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ ^/(data|config|\.ht|db_structure\.xml|README) {
deny all;
}
location / {
# The following 2 rules are only needed with webfinger
rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
rewrite ^(/core/doc/[^\/]+/)$ \/index.html;
try_files $uri $uri/ index.php;
}
location ~ ^(.+?\.php)(/.*)?$ {
try_files \ = 404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root\;
fastcgi_param PATH_INFO \;
fastcgi_param HTTPS on;
fastcgi_pass php-handler;
}
# Optional: set long EXPIRES header on static assets
location ~* ^.+\.(jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
expires 30d;
# Optional: Do not log access to assets
access_log off;
}
}
EOF
####Generate Self-signed SSl cert
cd ..
cd cert
openssl req -x509 -nodes -sha384 -days 3650 -newkey rsa:4096 -keyout server.key -out server.crt -subj "/"
chmod 600 server.key
chmod 600 server.crt
####Download and extract ownCloud software
cd /var/www
wget --no-check-certificate https://download.owncloud.org/community/owncloud-7.0.2.tar.bz2
tar xjf owncloud-7.0.2.tar.bz2
mkdir -p owncloud/data
touch owncloud/config/autoconfig.php
cat << EOF >> owncloud/config/autoconfig.php
<?php
$AUTOCONFIG = array(
"dbtype" => "pgsql",
"dbname" => "$db_name",
"dbuser" => "$db_user",
"dbpass" => "$db_password",
"dbhost" => "localhost",
"dbtableprefix" => "",
"directory" => "/var/www/owncloud/data",
);
EOF
chmod 770 owncloud/data
chmod 777 owncloud/config/
chown -R root:apache owncloud
rm -rf owncloud-7.0.2.tar.bz2
/etc/init.d/postgresql-9.3 restart
/etc/init.d/nginx start
######Display generated passwords to log file.
echo "Database Name: " $db_name
echo "Database User: " $db_user
echo "Database Password: " $db_password
echo "Visit your ownCloud at https://"$ip_addr

After running the script, you will be able to access your ownCloud and create your admin account at https://youripaddress. The initial page will say you are using SQLite, but the server is already configured to properly use PGSQL. This is tested and working on a VM with 512MB of RAM, but you may want something slightly bigger or create a swap file for slightly better performance. The SSL certificate is self-signed, but can be replaced if you are so inclined. Do not forget to retrieve your database credentials ( tail /tmp/firstboot.log ) and to remove that file once you have deployed.

Want to contribute ?

You could earn up to $300 by adding new articles