Nginx ownCloud Configuration

Install and configure ownCloud on Centmin Mod Nginx with MariaDB, PHP-FPM, and SSL/TLS encryption.

ownCloud Install and Configuration on Nginx

This guide shows you how to install ownCloud on an Nginx web server set up through Centmin Mod LEMP web stack. The installation method follows the ownCloud Admin Manual’s manual installation guide.

This guide is provided as-is. For ownCloud-specific issues or questions, post them to the official forums at forum.owncloud.org.

Prerequisites: This guide assumes you have already installed Centmin Mod and followed the Getting Started Guide.

Steps Overview

1 MySQL Database & User Setup

Create MySQL database, MySQL username and password, and grant privileges to the created MySQL database.

Where:

  • MySQL database name = owncloud1db
  • MySQL username = owncloud1username
  • MySQL password = yourmysqlpass
mysqladmin -u root -p create owncloud1db
mysql -u root -p -e "CREATE USER 'owncloud1username'@'localhost' IDENTIFIED BY 'yourmysqlpass';"
mysql -u root -p -e "GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, LOCK TABLES, CREATE TEMPORARY TABLES ON owncloud1db.* TO 'owncloud1username'@'localhost'; FLUSH PRIVILEGES;"

2 Add Nginx Vhost for Your Domain

Run centmin.sh menu option #2 to create your domain’s Nginx vhost. For example, creating the owncloud1.com domain creates the Nginx vhost file at /usr/local/nginx/conf/conf.d/owncloud1.com.conf and web root at /home/nginx/domains/owncloud1.com/public.

3 Download and Setup ownCloud Files 

cd /usr/local/nginx/html/
mkdir owncloud
cd owncloud/
wget http://download.owncloud.org/community/owncloud-6.0.3.tar.bz2
tar xjf owncloud-6.0.3.tar.bz2
cd owncloud
cp -Rpf * /home/nginx/domains/owncloud1.com/public
cd /home/nginx/domains/owncloud1.com/public
chown -R nginx:nginx *
rm -rf /usr/local/nginx/html/owncloud

Note: Centmin Mod installed PHP-FPM already sets max upload size to 15M out of the box.

4 Install and Setup SSL Certificate

Install and setup your SSL certificate for Nginx server as per instructions at Let's Encrypt Free SSL.

5 Setup Nginx Vhost for ownCloud

Edit /usr/local/nginx/conf/conf.d/owncloud1.com.conf to the following:

server {
    listen   80;
    server_name owncloud1.com www.owncloud1.com;
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    server_name owncloud1.com;

    ssl_certificate      /usr/local/nginx/conf/ssl/domaincom/ssl-unified.crt;
    ssl_certificate_key  /usr/local/nginx/conf/ssl/domaincom/ssl.key;

    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 10m;
    ssl_prefer_server_ciphers on;
    add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";

    # enable ocsp stapling
    resolver 8.8.8.8;
    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_trusted_certificate /usr/local/nginx/conf/ssl/domaincom/ssl-trusted.crt;

    access_log /home/nginx/domains/owncloud1.com/log/access.log combined buffer=32k;
    error_log /home/nginx/domains/owncloud1.com/log/error.log;

    root /home/nginx/domains/owncloud1.com/public;

    include /usr/local/nginx/conf/owncloud.conf;
    include /usr/local/nginx/conf/phpowncloud.conf;
    include /usr/local/nginx/conf/staticfiles.conf;
    include /usr/local/nginx/conf/drop.conf;
}

Create /usr/local/nginx/conf/owncloud.conf:

client_max_body_size 10G; # set max upload size
fastcgi_buffers 64 4K;

rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;

index index.php;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;

location ~ ^/(data|config|\.ht|db_structure\.xml|README) {
    deny all;
}

location / {
    rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
    rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
    rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
    rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
    rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
    try_files $uri $uri/ index.php;
}

Create /usr/local/nginx/conf/phpowncloud.conf:

location ~ ^(.+?\.php)(/.*)?$ {
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    try_files $1 = 404;
    fastcgi_pass   127.0.0.1:9000;
    fastcgi_index  index.php;
    fastcgi_param SCRIPT_FILENAME $document_root$1;
    fastcgi_param PATH_INFO $2;
    fastcgi_connect_timeout 60;
    fastcgi_send_timeout 180;
    fastcgi_read_timeout 180;
    fastcgi_buffer_size 512k;
    fastcgi_buffers 512 16k;
    fastcgi_busy_buffers_size 512k;
    fastcgi_temp_file_write_size 512k;
    fastcgi_intercept_errors on;
    fastcgi_param HTTPS $server_https;
    fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
    fastcgi_param QUERY_STRING $query_string;
    fastcgi_param REQUEST_METHOD $request_method;
    fastcgi_param CONTENT_TYPE $content_type;
    fastcgi_param CONTENT_LENGTH $content_length;
    fastcgi_param SCRIPT_NAME $fastcgi_script_name;
    fastcgi_param REQUEST_URI $request_uri;
    fastcgi_param DOCUMENT_URI $document_uri;
    fastcgi_param DOCUMENT_ROOT $document_root;
    fastcgi_param SERVER_PROTOCOL $server_protocol;
    fastcgi_param GATEWAY_INTERFACE CGI/1.1;
    fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
    fastcgi_param REMOTE_ADDR $remote_addr;
    fastcgi_param REMOTE_PORT $remote_port;
    fastcgi_param SERVER_ADDR $server_addr;
    fastcgi_param SERVER_PORT $server_port;
    fastcgi_param SERVER_NAME $server_name;
    fastcgi_param REDIRECT_STATUS 200;
}

Optional: Nginx X-Accel-Redirect

To enable Nginx X-Accel-Redirect, add fastcgi_param MOD_X_ACCEL_REDIRECT_ENABLED on; after PATH_INFO in phpowncloud.conf, and add these location blocks to owncloud.conf:

location ~ ^/home/nginx/domains/owncloud1.com/public/data/.+$ {
    internal;
    root /;
}

location ~ ^/tmp/oc-noclean/.+$ {
    internal;
    root /;
}

location ~ "^/tmp/owncloud-oc[a-zA-Z0-9]{10}/.+$" {
    internal;
    root /;
}

6 Restart Nginx and PHP-FPM 

nprestart

7 ownCloud Web Browser Setup

Open your domain in the browser (e.g. https://owncloud1.com) and click the Advanced setup button. Fill in the MySQL username, password, database name, and set database server/host to localhost, then proceed to finish setup.

PHP LDAP Extension Support

By default, Centmin Mod’s PHP-FPM install has PHP LDAP Extension disabled if the CentOS YUM package openldap-clients is not detected. Install it and recompile PHP via menu option #5 to enable LDAP support:

yum -y install openldap-clients
cd /usr/local/src/centminmod
./centmin.sh
# Select menu option #5 to recompile PHP with LDAP support

Notes

  • You may see a cancelled request for scan.php in developer tools. The server error log shows a 200 status code. Other ownCloud users on Apache or Nginx also observe this but report everything works fine.
  • The tools.php file check from the ownCloud forums can be used for additional server diagnostics.

Need help?

Join the community forums for Nginx configuration help and optimization tips.

Community Forums Getting Started Guide