Public Repository

Last pushed: 8 months ago
Short Description
OwnCloud Installation for Raspberry Pi
Full Description

Based on this image you can create a ready-to-be-used owncloud-installation on your RaspberryPi (backed by a MySQL-Database).

I did a lot of rework to the original images, to ensure support for letsencrypt-certificates as well as the self-signed default-certificates this setup will come with initially. So, you can consider this a version 2.

You can find the Dockerfile, all companion scripts as well as the docker-compose.yml-file in this BitBucket-Repo

For a cut'n'paste able Screencast see the sections below.

How's it all setup

In order to keep things separated and to support a smooth update-process for future owncloud releases the whole installation consists of three different container.

rpi-owncloud  --+                            // actual installation
                 |
                 +---> rpi-owncloud-db        // mysql database-backend
                 |
                 +---> rpi-owncloud-data    // volumes for uploaded files, configs 
                                            // and tls-certificates

This installation uses a mysql database as backend. The database is encapsulated in a dedicated container (rpi-owncloud-db) which in turn is linked to the actual owncloud-container (rpi-owncloud).

I also thought it would be benificial to separate the uploaded data, the configuration as well as the used tls-certificates from the actual owncloud installation to make upgrades much easier. That's the reason for the rpi-owncloud-data container which just provides volumes to store these data (so it's not a running container but just acts as data-store - it will immediately stop after starting, don't be confused).

Usage / Installation

Use docker-compose - (recommended)

To get the complete setup up and running with one command you should use docker-compose which pulls, creates and starts all necessary things.


NOTICE: Don't be confuesed! The screencast above demonstrates the setup using a nextcloud-image - not the owncloud-image which is described here! Since the setup-process is exactly the same I spared recording a redundant screencast.

So check out the repo, adjust the settings defined in docker-compose.yml to suit your needs and run sudo docker-compose up -d - that's it.

Notice: don't forget to change the passwords in the YAML-file

Or ... you could start everything by hand

So, how to get started. If you'd like to start everything manually you can do it this way:


NOTICE: Don't be confuesed! The screencast above demonstrates the setup using a nextcloud-image - not the owncloud-image which is described here! Since the setup-process is exactly the same I spared recording a redundant screencast.

1. create a dedicated network

To make sure that the owncloud-container can access your mysql-container you should link 'em via a dedicated network

sudo docker network create owncloud-network

This makes communication between (and only between the attached container) possible.

2. create a data-container

sudo docker run -d --name data schoeffm/rpi-owncloud-data

After the containers creation it will immediately stop running since its only purpose is to provide a bunch of volumes for our actual owncloud-container - and for that it mustn't be running. As mentioned before, this should make updates of your owncloud-container much easier since you don't have to worry about your uploaded files, your config.php or your tls-certificates.

3. start a MySQL-container

sudo docker run -d -p 3306:3306 --name mysql \
    --net=owncloud-network \
    -e OWNCLOUD_DB_USER=owncloud \
    -e OWNCLOUD_DB_PASSWORD=mycloud \
    -e MYSQL_ROOT_PASSWORD=foo \
    schoeffm/rpi-owncloud-mysql

This will start a mysql deamonized container. In order to be useful for our purposes we have to provide a password for the root-user as well as a username and password for the technical owncloud user. The running container provides a owncloud-schema which is accessible by the given user.

4. combine everything

sudo docker run -d --name owncloud -p 80:80 -p 443:443 \
    --net=owncloud-network \
    --volumes-from data \
    -e OWNCLOUD_DB_USER=owncloud \
    -e OWNCLOUD_DB_PASSWORD=mycloud \
    -e OWNCLOUD_SERVERNAME=tmp.hopto.org \
    schoeffm/rpi-owncloud

This starts the acutal owncloud container which is accessible via port 80 and 443 (whereas 80 just redirects to 443 - we won't accept unsecured communication).

Notice: don't forget to change the passwords to match those of your mysql-setup
Notice: be sure to provide a valid domain-name your installation will be accessible through

Configuration and means to adjust it

The overall setup is based on the very good tutorials of Jan Karres. Some of the more important things include:

  • nginx as web-server (smaller footprint, good performance)
  • only secured communication over SSL (port 80 will be redirected to 443)
  • thus, on first start a self-signed certificate will be created (be sure you provide a valid OWNCLOUD_SERVERNAME)
  • extended file-upload limits in your php.ini (2048M)
  • preconfigured UTF-8 support
  • ... (see here and here for more details)

Environment-Variables

The Dockerfile defines/uses the following environment variables to control the behaviour of our installation:

variable used during default description
OWNCLOUD_VERION build depends on version Determines the owncloud version to be used during image build
OWNCLOUD_CERT_DIR runtime /srv/http/ssl This is the location nginx will expect tls-certificates. The start-script will place it's self-signed certs in this location as well.
OWNCLOUD_DATA_DIR runtime /srv/http/owncloud/data Specifies the directory where all uploaded data will be placed (also the log-files and other stuff are placed here). This directory should match one of the exported volumes of rpi-owncloud-data.
OWNCLOUD_CONFIG_DIR runtime /var/www/owncloud/config During installation the autoconfig.php is placed here - afterwards this is the location where owncloud stores its config.php. Again, this directory should match a volume of rpi-owncloud-data
OWNCLOUD_SERVERNAME runtime dockerpi This is the domain-name which is used during certificate creationas well as during owncloud-setup (redirections etc.).<br/> Notice: has to be changed!!
OWNCLOUD_DIFFIE_HELLMAN runtime on During first startup a PEM-file will be generated (along with the self-signed certificate) which is used to configure nginx to use Diffie-Hellman for key exchange. Since this generation can take a significant amount of time (depending on your RaspberryPi Version), you can deactivate it.
OWNCLOUD_DB_USER runtime owncloud Well, should be clear what this is<br/>Notice: has to be changed!!
OWNCLOUD_DB_PASSWORD runtime mycloud dto.

Replace self-signed certs with letsencrypt certs

By default, when started for the first time, the rpi-owncloud-container will generate a self-signed certificate (places it in a mounted volume and checks on every subsequent restart for its existance to ensure it's done only once). Because it's self-signed, browsers will consider this certificate as non-trustworthy.

Therefore, you should consider to provide a trustworthy certificate - like the ones letsencrypt will issue. As luck would have it, we also have a proper dehydrated-image right at your disposal.


NOTICE: Don't be confuesed! The screencast above demonstrates the setup using a nextcloud-image - not the owncloud-image which is described here! Since the setup-process is exactly the same I spared recording a redundant screencast.

Provided with a proper config-file you should be able to generate (and keep up to date) a set of valid certificates (the rpi-owncloud-repo already contains a suitable configuration as well as a trigger-shell script).
It should be easy to define a cron-job repeatedly updating these certs for you.

In combination with the nginx configuration contained in this image you should get a level A rating for your setup.

How does an upgrade look like

owncloud provide different ways to upgrade an installation. Our approach is pretty much compareable with the maunal upgrade - which you still should read through!

  1. it is always wise to backup your data before you start to change your current setup

    • dump the database-content (i.e. by using the mysql-workbench)
    • dump the data contained in our volume

        sudo docker run --rm --volumes-from owncloud-data \
            -v $(pwd):/backup resin/rpi-raspbian \
            tar cvf /backup/owncloud-data-backup.tar /srv
      
  2. now, turn on maintenance mode

     sudo docker exec -u www-data -d owncloud \
         php /var/www/owncloud/occ maintenance:mode --on
    
  3. stop the currently running instance:

     sudo docker stop owncloud
    
  4. start the new version by creating a new container (as we've described above - don't forget to give it a new name or remove the old one first)
  5. now, execute the upgrade script (within the new, running container)

     sudo docker exec -u www-data -d owncloud \
         php /var/www/owncloud/occ upgrade
    
  6. finally, turn off the maintenance mode again

     sudo docker exec -u www-data -d owncloud \
         php /var/www/owncloud/occ maintenance:mode --off
    

That's it!

Docker Pull Command
Owner
schoeffm

Comments (8)
schoeffm
8 months ago

Hi wrzecion,

there was a bug in the Diffie-Hellman setup procedure (just a small typo but with disastrous consequences, as always). I've fixed it and uploaded all images again (as you can see at the timestamps of the available image-tags). I know it's annoying but I just figured it out by myself (the DH-generation is not test-friendly).

So just pull the latest image again and you should be fine (you should be able to reuse your existing container-instances of mysql and data - just remove the owncloud-instance and recreate this one, it should be much faster since DH-setup will be skipped).

For the second question - I use a ddns service by myself. For all initialization scripts you should use the external hostname (i.e. fancy.dyndns.org). It's important since services like letsencrypt will use this way to reach and challange your installation when creating a certificate.
In my setup there's no big difference between calling the installation with its ddns hostname or just via IP-address (from within the internal network).

Hope that helps

wrzecion
8 months ago

Hi, I have a problem, probably I don't understand something...
After "sudo docker run -d --name owncloud...." command, when I check logs (after about 30 minutes), rpi show:
"....Generating DH parameters, 2048 bit long safe prime, generator 2
This is going to take a long time
......(I shortened it)..........++++
/bin/sh: 1: service: not found"

Is it accurate?

BTW what server name should i choose when I whant to access cloud from ddns and local net?

wd5gnr
a year ago

The access denied problem seems to stem from the mysql database forgetting the owncloud user. To fix you have to attach a shell to the db container and readd the user manually. I'm not sure what causes it to happen in the first place, though.

schoeffm
a year ago

Yes - I'll have a look into lets encrypt ...

mzivk
a year ago

It would be great to integrate let's encrypt. This would be an easy way to avoid the browser error messages when trying to connect to a site with a self signed certificate

pewpsockemz
a year ago

Hello,

I get all of this working fine but when I reboot the raspberry pi going to the owncloud login page gives me an internal server error.

schoeffm
a year ago

Hi,

I know it's quite late for an answer - but I was poked again (thx Oliver) and well, finally I've found some time to investigate.

Yes - I've recognized that there's a bug in the setup of the companion container rpi-owncloud-data.
Well, I've fixed that (it worked for me at least), pushed a new version of rpi-owncloud-data and now you should be able to change the DB-password as you'd like. You can use the compose-file or start every container manually (as described in the README).

Hope that helps.

owlabs
2 years ago

This is a great set-up and I have got it mostly running easily using docker-compose. Thank you.

I'm coming across one issue that you may have an idea on, which is that when I get to the first owncloud screen and try to set up the admin user, it repeatedly fails with an access denied for user 'owncloud'@'172.17.0.3' error. I've triple checked that I've got the password and other details right, have cleared everything out and rerun it again, but I can't get past this.

Do you have any ideas what the underlying issue might be? Have you seen this yourself?

Many thanks for any help you can offer.