OwnCloud: your private, shareable file storage cloud
Cloud access to your files, like Google Drive, Box, One Drive, Dropbox... there are more... has become big business recently. It's something which allows us to access our documents wherever we are, on almost any platform. While I believe they still have a place for most home users (and also businesses) I'd like to offer an alternative.
For those of us with the time and inclination, there's a good range of self-hosted options to choose from, allowing us to create and manage our own cloud storage without needing to rely on the big boys.
There are some criteria we require in choosing our self-hosted cloud storage:
- It's available as a docker image, and still has active support from the developers
- It allows for multiple users, both admin and regular
- It can be self-hosted, and can be accessed via reverse proxy
- It has good security options, such as 2FA
- It offers file encryption
- It has a supported phone app
- It supports public, shareable links (for when you just have to share that funny photo with someone who isn't a user)
- At its core, it's a document storage solution
In my mind, there are two applications which cover all of the above: ownCloud, and Nextcloud. The latter is an offshoot of the former, and supposedly more developed. It definitely provides more options for integrations, plugins and varied functionality. However it's also (in my experience) a bigger resource hog, and did not play well during a container migration. Feel free to try Nextcloud, I know those who swear by it. Try ownCloud, see how they compare. Personally, I don't need all the bells and whistles which Nextcloud tries to add, so today I'll talk you through ownCloud.
We will cover: the server installation via docker; initial setup steps once you've accessed your ownCloud instance; installing the Windows sync tool; installing ownCloud for Android (which is practically the same as for iPhone).
Prepping your system
This process will install three containers - ownCloud, MariaDB, and Redis. Let's prep our file system:
- Navigate to the directory where you store your container config and persistent folders, and create one called
owncloud(lowercase is important, and will continue to be so throughout this walkthrough) - Inside your
owncloudfolder, create three more calleddb,filesandredis - Still inside the
owncloudfolder, create a file calleddocker-compose.yml - Make sure you know the IP address of your host machine (NAS, Raspberry Pi, whatever it is). On linux based systems you can do this from the command line by typing in
ifconfigand finding the correct network adapter. On windows machines, open up a command prompt or terminal and the command isipconfig - SSH into your machine, and create a docker network for your ownCloud instance by typing
sudo docker network create owncloud. Again, the letters are case sensitive
Creating your containers
We can now get on with the business of creating the containers.
- Navigate to and open the
docker-compose.ymlfile we created in step 2 above (use whichever method you're most comfortable with, SSH and vim, SMB via windows, whatever) - Copy paste the following, and then make sure to pay attention to the parts that need to be changed:
#########NETWORKS#########
networks:
owncloud:
external: true
#########NETWORKS#########
services:
owncloud:
image: owncloud/server:latest
container_name: owncloud
restart: unless-stopped
ports:
- 8080:8080 #change before the ':' if necessary
depends_on:
- oc-db #makes sure the database is up before running owncloud
- oc-redis #same as above
environment:
- OWNCLOUD_DOMAIN=123.456.789.9:8080 #change to your host IP and port above
- OWNCLOUD_TRUSTED_DOMAINS=123.456.789.9,owncloud.yourdomain.com #change to match the IP ONLY above (do not include the port) and add the domain you will use to access it externally. If you don't plan to access it externally, delete the domain and the comma
- OWNCLOUD_DB_TYPE=mysql
- OWNCLOUD_DB_NAME=owncloudDB
- OWNCLOUD_DB_USERNAME=#choose a username (1)
- OWNCLOUD_DB_PASSWORD=#enter a strong password (1)
- OWNCLOUD_DB_HOST=oc-db
- OWNCLOUD_ADMIN_USERNAME=#choose a username (2)
- OWNCLOUD_ADMIN_PASSWORD=#choose a strong password (2)
- OWNCLOUD_MYSQL_UTF8MB4=true
- OWNCLOUD_REDIS_ENABLED=true
- OWNCLOUD_REDIS_HOST=oc-redis
healthcheck:
test: ["CMD", "/usr/bin/healthcheck"]
interval: 30s
timeout: 10s
retries: 5
volumes:
- ./files:/mnt/data
networks:
- owncloud
oc-db:
image: mariadb:10.5
container_name: owncloud_db
restart: unless-stopped
environment:
- MYSQL_ROOT_PASSWORD=#choose a strong password (3)
- MYSQL_USER=#the same as username (1) above
- MYSQL_PASSWORD=#the same as password (1) above
- MYSQL_DATABASE=owncloudDB
command: ["--max-allowed-packet=128M", "--innodb-log-file-size=64M"]
healthcheck:
test: ["CMD", "mysqladmin", "ping", "-u", "root", "--password=#the same as password (3) above"]
interval: 10s
timeout: 5s
retries: 5
volumes:
- ./db:/var/lib/mysql
networks:
- owncloud
oc-redis:
image: redis:6
container_name: owncloud_redis
restart: unless-stopped
command: ["--databases", "1"]
healthcheck:
test: ["CMD", "redis-cli", "ping"]
interval: 10s
timeout: 5s
retries: 5
volumes:
- ./redis:/data
networks:
- owncloudSome things to change above:
- If you change the owncloud port mapping, make sure you reflect this in the
OWNCLOUD_DOMAIN - Set your host machine's IP address as the
OWNCLOUD_DOMAIN, followed by the owncloud published port (the number before the:specified in theportsblock) - If you plan on using multiple domains to access your OwnCloud instance (such as locally via IP, but also via a personal domain such as
owncloud.yourcooldomain.comwith a reverse proxy) then you must add each trusted domain as comma separated without whitespace, i.e.- OWNCLOUD_TRUSTED_DOMAINS=123.456.789.9,owncloud.mycooldomain.com - Make sure to set usernames and strong passwords where specified
owncloud container and the oc-db containerOnce you're happy you have the right information included, it's time to create the containers:
- Log in to your host machine via SSH
- Navigate to the directory which holds your
docker-compose.ymlfile - Type the following command:
sudo docker-compose -p "owncloud" up -d-p flag allows us to name our stack- Watch the CLI window as it downloads the images and creates the containers - the actual owncloud container will be created last
or copy/paste the above stack to Portainer and hit the blue 'Deploy the stack' button after making the relevant changes
All being well, you should now have the three containers created.
Accessing OwnCloud
In your browser's address bar, enter serverIP:8080 (if you changed the port mapping in the compose above, you need to use whatever port you specified here as well).
You should be shown the following screen:
Enter the the username and password you set above for OWNCLOUD_ADMIN_USERNAME and OWNCLOUD_ADMIN_PASSWORD and you should be logged in, with the screen changing to something similar to this:
- This button opens a small drop-down menu where you can select things like admin settings
- This hamburger/3-line menu button is where you will access the different apps or add-ons you may integrate, such as a calendar or a music player. It's also where you will be able to find the 'Market' app, which is where you can browse the official integrations available to you
- Clicking
+allows you to add files or folders, or upload
Initial recommended steps
The following can all be done from the Settings page using your admin user
Enable 2-factor authentication (2FA)
2-Factor Authentication and install it (see image below)
In Settings, click on the 'Apps' menu in the left hand navigation panel, and then search for 2-Factor Authentication. Click the 'Enable' button. The next time you or another user logs in, you will be required to set up 2FA on your device (like a mobile). This is extremely useful (and important) for safety when exposing your ownCloud instance to the web.
Take some time to explore the other apps which are already listed here, and in the Market, such as Duo, Music, Media Viewer, etc. You can install/enable/disable from these screens, but be aware that disabling certain inbuilt services may cause breaking changes to occur to your setup.
Set up your mail-server credentials
If you have your own mail server, you can set up an admin email account which will mail users on certain events, such as when they change their emails, if a document is shared with them, etc.
Head over to the 'General' menu in the left-hand navigation pane, and input your mail-server credentials at the top of the screen:
This page also offers mail templates if you create a theme, and general logs options.
Enabling Encryption
Click the 'Encryption' menu in the left-hand navigation pane. At the top of the screen you'll see a checkbox to enable server-side encryption.
Once you click it, a red text box will appear which explains various need-to-know information. Once you've read it and are satisfied, click the button labeled 'Enable encryption'
Add users
Hit the button top right, then select Users from the drop-down box. The screen you're shown will initially be pretty empty, and will only include your admin user.
There are 3 main areas to this page. The main one is where your users are listed. Here, as the admin, you can change any user's password, the group(s) they're part of, assign whether or not a user can be an admin for a particular group, and set a storage quota for them (1GB, 5GB, Unlimited, etc.).
The far left panel allows you to create and quickly view your groups.
Finally, at the top of the screen under the ownCloud bar you will be able to add a user. If you've set up your mail-server correctly following the steps above, enter their email address as well. Once you hit the 'Create' button, your new user will be emailed with a temporary password to access ownCloud, and will then be asked to change it on their first login. If you've enabled 2FA already, they will also be asked to set that up.
Setting up your apps (windows and mobile)
Coming soon...
Related Articles
PTS
PTS