What is this?
OwnCloud is a free personal alternative to Dropbox. You run your own server so storage is limited to whatever storage your server has. It has much of the same features (and some more) that Dropbox has, and after a few days use it seems “so far so good”.
About this guide
This guide is intended to help anyone who wants to set up OwnCloud on Windows. It didn’t work perfectly “out of the box” so I thought I’d share my findings. (WARNING!) It was however written a few days after I installed OwnCloud, and a few months after installing the server. I may have missed a detail here and there. If you have any problems please leave a comment below, then refer to OwnCloud documentation at http://doc.owncloud.org/server/5.0/admin_manual/installation/installation_windows.html. This guide does however contain elements that the OwnCloud instructions lack.
I will come back to this guide and update it when I reinstall OwnCloud on a different server. Its currently running on my dev/testserver while I’m testing it.
On your server install the “Web Server (IIS)” role:
- Under “Web Server (IIS)” role you can select anything you need.
- Do not select “WebDav” (under “Common HTTP Features”).
- Under “Application Development” select “CGI” and both ISAPI-options.
- Under “Management Tools” check whatever you need, minimum “IIS Management Console”
On your server start “Web Platform Installer”. Choose “Products”, then “All”. Install the following:
- Latest version of PHP.
- Latest version of MySQL. (Note that you can use MSSQL if that is preferred, OwnCloud supports this.)
- Windows Cache Extensions (for same version as PHP you installed.)
Installing through Web Platform Installer is not required, but it makes things much easier if you don’t know how to handle PHP on Windows/IIS. It will configure PHP for use with FastCGI, and trhe Cache Extension will set up opcode caching of PHP-scripts. This will give you fairly good performance on the PHP-scripts.
Create a database and user for OwnBox in MySQL:
* mysqladmin -uroot -p CREATE OwnBoxDb
* mysql -uroot -p
In MySQL type: GRANT ALL ON OwnBoxDb.* TO ‘OwnBoxUser’@’127.0.0.1’ IDENTIFIED BY ‘YourDbPass’;
MySSQL will ask you for root password, this is the one you set during “Web Platform Installer” installation of MySQL.
Now you need a functioning website on your server. I won’t go into the details for this as its very well covered elsewhere, for example here. If in doubt, Google it. Once set up you test your newly set up website to ensure its working. A good way to do this would be to add a file to the root named “SomeRandomName.php” that contains “<?php phpinfo(); ?>”. Execute this file from the browser and you should see the PHP info screen.
Note1: Since OwnCloud stores files and folders directly to filesystem you should consider using a folder with few characters for server installation. There is a limit to how long a directory+filename can be, if the server has already used some of this limit as the root folder for OwnCloud then some files simply can’t be synced. I.e. if your website folder is “C:\Inetpub\MyDomains\www.mydomainname.com” then the root for files is “C:\Inetpub\MyDomains\www.mydomainname.com\data\user\files”.
I used “C:\OwnCloud” which I then linked into “C:\Inetpub\mydomain\OwnCloud” by command: mklink /d C:\Inetpub\mydomain\OwnCloud C:\OwnCloud. The directory link was simply to make it straightforward to configure IIS, its not really required.
Note2: I highly recommend using SSL for OwnCloud even if you don’t have an official SSL certificate. First off OwnCloud client will ask you to accept the certificate and remember that choice, so if its tampered with later you will be notified – this makes it almost as good as the real thing. Second, from what I can see the password is transferred using basic authentication (which is very insecure.)
Note3: Not only should you use SSL, but try to put the files under a folder – and name the folder something else than “OwnCloud”. Why? Well… if/when someone finds a security hole they can simply probe the internet for a specific file. This probe is usually limited to http(s)://ip/file.php or http(s)://ip/productname/file.php. If you have put your app in a very default folder chances are they will find it.
Note4: And after all of the above, consider adding authentication in IIS (not relying only on OwnClouds login screen, but instead securing the whole site).
Now assuming you have a working website with PHP-support:
- Download server software from http://owncloud.org/install/ (Tar or Zip file).
- Extract the files directly into the website folder.
- Give IIS user “full access” to the website folder.
- Now open the website in a browser. The OwnCloud installation wizard should pop up and ask you for SQL credentials, to create the first admin user, etc..
Important: During configuration do not specify “localhost” as database, instead use “127.0.0.1”. The reason being a very old and still existing “bug” in MySQL for Windows which causes about 1 second timeout in resolving/DNS lookup of “localhost”.
Configure IIS … again
Ok, so far so good. We have a working OwnCloud with a few problems here and there.
First: Many of your files are publicly available. If you can navigate to http://yourserver/data/ and see a blank page then thats a bad thing (really). To block direct access to this folder simply add a file named “Web.Config” that contains:
<?xml version="1.0" encoding="UTF-8"?>
<remove users="*" roles="" verbs="" />
<add accessType="Deny" users="*" />
Second: IIS will by default be blocking a few things that will cause some files to not be synced:
- maxAllowedContentLength: Max size of any file sent to server.
maxUrl/maxQueryString: Max size in URL parameter. (length of filename+metadata)
allowDoubleEscaping: Special characters in filename.
To allow these, add a file named “Web.Config” to the root folder of OwnCloud:
<?xml version="1.0" encoding="UTF-8"?>
<requestLimits maxAllowedContentLength="41000000" maxUrl="16384" maxQueryString="8192" />
Important: You need to configure PHP.INI to allow large uploads as well, see “upload_max_filesize” and “post_max_size” in PHP.ini. Ref: http://doc.owncloud.org/server/5.0/admin_manual/installation/installation_windows.html#configuring-owncloud-php-and-iis-for-large-file-uploads
Third: I had WebDAV feature installed in IIS already so I had problems with invalid HTTP VERBS. If you encounter this doublecheck that you do not have WebDAV role installed, if you have – uninstall and reboot the server.
Under “Apps” section on website, remove all apps you don’t really need. Keep “Deleted files”, “Versions” and similar, but disable image galleries, fulltext search and stuff. Once you get everything working you can enable apps and test them.
Installing OwnCloud Client
Configuring cron / scheduled task
A scheduled task (called “Cron” on other platforms) is required for regular maintenance of your files/database. This can be run in 3 different ways: “AJAX”, “Webcron” and “Cron”. AJAX sounds like it requires a webbrowser to visit the page, it also only takes one task per visit. Not sure if thats enough when I’m using the client software. “Webcron” is fine, but not required when we have “Cron”. So under “Admin” section on webinterface I chose “Cron”. This means that the server has to execute C:\OwnCloud\Cron.PHP every 1 minute.
Since your server may not have .php extension mapped to php.exe (mine has it mapped to WebMatrix) you may need to provide full path to your PHP.exe as the executable, then full path to “Cron.php” as parameter. I put the directory of “Cron.php” as startup dir just to be sure. Good practice anyhow.
Test your configuration by executing the task and see that it returns 0x0. If it doesn’t, try executing it directly from browser (https://yourdomain.com/OwnCloud/Cron.php) and check out “Issues” below.
Small sidenote. I set the scheduled task to run as the IIS user (IIS_IUSR), rationale being that if anyone (hacker) could modify Cron.php to do something else then Scheduled Tasks should not help them elevate their privelegies further.
Cron-job failed with “Unexpected error”. Clearing the queued tasks table fixed that. In MySQL: