diff --git a/admin_manual/configuration_files/big_file_upload_configuration.rst b/admin_manual/configuration_files/big_file_upload_configuration.rst index 81d78039a..e06a9414e 100644 --- a/admin_manual/configuration_files/big_file_upload_configuration.rst +++ b/admin_manual/configuration_files/big_file_upload_configuration.rst @@ -75,7 +75,7 @@ Apache with mod_fcgid Setting ``FcgidMaxRequestInMem`` significantly higher than normal may no longer be necessary, once bug #51747 is fixed. -nginx +NGINX ^^^^^ * `client_max_body_size `_ * `fastcgi_read_timeout `_ diff --git a/admin_manual/configuration_server/performance_tuning/oc_server_tuning.rst b/admin_manual/configuration_server/performance_tuning/oc_server_tuning.rst index a17eaad30..ecde60cd3 100644 --- a/admin_manual/configuration_server/performance_tuning/oc_server_tuning.rst +++ b/admin_manual/configuration_server/performance_tuning/oc_server_tuning.rst @@ -22,4 +22,4 @@ Caching Caching improves performance by storing data, code, and other objects in memory. Memory cache configuration for the ownCloud server is no longer automatic in ownCloud 8.1 and up, but must be installed and configured. See -:doc:`../caching_configuration`. \ No newline at end of file +:doc:`../caching_configuration`. diff --git a/admin_manual/configuration_server/performance_tuning/ssl_encryption_app.rst b/admin_manual/configuration_server/performance_tuning/ssl_encryption_app.rst index 84783adbf..52e44dfbe 100644 --- a/admin_manual/configuration_server/performance_tuning/ssl_encryption_app.rst +++ b/admin_manual/configuration_server/performance_tuning/ssl_encryption_app.rst @@ -37,4 +37,5 @@ AES-NI extension: coreinfo, it is maybe disabled in the BIOS. * If your environment runs virtualized, check the virtualization vendor for - support. \ No newline at end of file + support. + \ No newline at end of file diff --git a/admin_manual/configuration_server/performance_tuning/webserver_tips.rst b/admin_manual/configuration_server/performance_tuning/webserver_tips.rst index cd5d74031..202dabe8b 100644 --- a/admin_manual/configuration_server/performance_tuning/webserver_tips.rst +++ b/admin_manual/configuration_server/performance_tuning/webserver_tips.rst @@ -16,33 +16,11 @@ on/off``. If it is on, then add this line to ``php.ini`` to turn it off:: Enable the SPDY / http_v2 protocol ---------------------------------- -Your Web server can be configured to use the SPDY / http_v2 protocol which could improve -the overall performance of ownCloud. Please have a look at the documentation of -your Web servers module for more information: +If you want to enable SPDY for Apache please note the `Known Issues +`_ of this module to avoid +problems after enabling it. -==================== ================== -Web server Module Name / Link -==================== ================== -Apache `mod-spdy `_ -nginx (<1.9.5) `ngx_http_spdy_module `_ -nginx (+1.9.5) `ngx_http_http2_module `_ -==================== ================== - -.. note:: If you want to enable SPDY for Apache please note the `Known Issues - `_ - of this module to avoid problems after enabling it. - -.. note:: If you want to use http_v2 for nginx you have to check two things: - - 1.) be aware that this module is not built in by default due to a dependency - to the openssl version used on your system. It will be enabled with the - ``--with-http_v2_module`` configuration parameter during compilation. The - dependency should be checked automatically. You can check the presence of http_v2 - with ``nginx -V 2>&1 | grep http_v2 -o``. An example how to compile nginx can - be found in section "Configure Nginx with the ``nginx-cache-purge`` module" below. - - 2.) When you have used SPDY before, the nginx config has to be changed from - ``listen 443 ssl spdy;`` to ``listen 443 ssl http2;`` +``_ Apache Tuning ------------- @@ -118,235 +96,3 @@ down errors. .. Options Indexes SymLinksIfOwnerMatch AllowOverride All .. -Nginx: caching ownCloud gallery thumbnails ------------------------------------------- - -One of the optimizations for ownCloud when using Nginx as the Web server is to -combine FastCGI caching with "Cache Purge", a `3rdparty Nginx module -`_ that adds the ability to purge -content from `FastCGI`, `proxy`, `SCGI` and `uWSGI` caches. This mechanism -speeds up thumbnail presentation as it shifts requests to Nginx and minimizes -php invocations which otherwise would take place for every thumbnail presented -every -time. - -The following procedure is based on an Ubuntu 14.04 system. You may need to -adapt it according your OS type and release. - -.. note:: - Unlike Apache, Nginx does not dynamically load modules. All modules needed - must be compiled into Nginx. This is one of the reasons for Nginx´s - performance. It is expected to have an already running Nginx installation - with a working configuration set up as described in the ownCloud - documentation. - -Nginx module check -^^^^^^^^^^^^^^^^^^ - -As a first step, it is necessary to check if your Nginx installation has the -``nginx cache purge`` module compiled in:: - - nginx -V 2>&1 | grep ngx_cache_purge -o - -If your output contains ``ngx_cache_purge``, you can continue with the -configuration, otherwise you need to manually compile Nginx with the module -needed. - -Compile Nginx with the ``nginx-cache-purge`` module -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -1. **Preparation:** - -:: - - cd /opt - wget http://nginx.org/keys/nginx_signing.key - sudo apt-key add nginx_signing.key - sudo vi /etc/apt/sources.list.d/nginx.list - -Add the following lines (if different, replace ``{trusty}`` by your distribution - -name):: - - deb http://nginx.org/packages/mainline/ubuntu/ trusty nginx - deb -src http://nginx.org/packages/mainline/ubuntu/ trusty nginx - -Then run ``sudo apt-get update`` - -.. note:: If you're not overly cautious and wish to install the latest and - greatest Nginx packages and features, you may have to install Nginx from its - mainline repository. From the Nginx homepage: "In general, you should - deploy Nginx from its mainline branch at all times." If you would like to - use standard Nginx from the latest mainline branch but without compiling in - any additional modules, just run ``sudo apt-get install nginx``. - -2. **Download the Nginx source from the ppa repository** - -:: - - cd /opt - sudo apt-get build-dep nginx - sudo apt-get source nginx - -3. **Download module(s) to be compiled in and configure compiler arguments** - -:: - - ls -la - -Please replace ``{release}`` with the release downloaded:: - - cd /opt/nginx-{release}/debian - -If folder "modules" is not present, do: - -:: - - sudo mkdir modules - cd modules - sudo git clone https://github.com/FRiCKLE/ngx_cache_purge.git - sudo vi /opt/nginx-{release}/debian/rules - -If not present, add the following line at the top under:: - - #export DH_VERBOSE=1: - MODULESDIR = $(CURDIR)/debian/modules - -And at the end of every ``configure`` command add:: - - --add-module=$(MODULESDIR)/ngx_cache_purge - -Don't forget to escape preceeding lines with a backslash ``\``. -The parameters may now look like:: - - --with-cc-opt="$(CFLAGS)" \ - --with-ld-opt="$(LDFLAGS)" \ - --with-ipv6 \ - --add-module=$(MODULESDIR)/ngx_cache_purge - -4. **Compile and install Nginx** - -:: - - cd /opt/nginx-{release} - sudo dpkg-buildpackage -uc -b - ls -la /opt - sudo dpkg --install /opt/nginx_{release}~{distribution}_amd64.deb - -5. **Check if the compilation and installation of the ngx_cache_purge module - was successful** - -:: - - nginx -V 2>&1 | grep ngx_cache_purge -o - -It should now show: ``ngx_cache_purge`` - -Show Nginx version including all features compiled and installed:: - - nginx -V 2>&1 | sed s/" --"/"\n\t--"/g - -6. **Mark Nginx to be blocked from further updates via apt-get** - -:: - - sudo dpkg --get-selections | grep nginx - -For every nginx component listed run ``sudo apt-mark hold `` - -7. **Regular checks for nginx updates** - -Do a regular visit on the `Nginx news page `_ and proceed -in case of updates with items 2 to 5. - -Configure Nginx with the ``nginx-cache-purge`` module -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -1. **Preparation** - Create a directory where Nginx will save the cached thumbnails. Use any - path that fits to your environment. Replace ``{path}`` in this example with - your path created: - -:: - - sudo mkdir -p /usr/local/tmp/cache - -2. **Configuration** - -:: - - sudo vi /etc/nginx/sites-enabled/{your-ownCloud-nginx-config-file} - -Add at the *beginning*, but *outside* the ``server{}`` block:: - - # cache_purge - fastcgi_cache_path {path} levels=1:2 keys_zone=OWNCLOUD:100m inactive=60m; - map $request_uri $skip_cache { - default 1; - ~*/thumbnail.php 0; - ~*/apps/galleryplus/ 0; - ~*/apps/gallery/ 0; - } - -.. note:: Please adopt or delete any regex line in the ``map`` block according - your needs and the ownCloud version used. -.. note:: As an alternative to mapping, you can use as many ``if`` statements in - your server block as necessary:: - - set $skip_cache 1; - if ($request_uri ~* "thumbnail.php") { set $skip_cache 0; } - if ($request_uri ~* "/apps/galleryplus/") { set $skip_cache 0; } - if ($request_uri ~* "/apps/gallery/") { set $skip_cache 0; } - -Add *inside* the ``server{}`` block, as an example of a configuration:: - - - # cache_purge (with $http_cookies we have unique keys for the user) - fastcgi_cache_key $http_cookie$request_method$host$request_uri; - fastcgi_cache_use_stale error timeout invalid_header http_500; - fastcgi_ignore_headers Cache-Control Expires Set-Cookie; - - location ~ \.php(?:$/) { - fastcgi_split_path_info ^(.+\.php)(/.+)$; - - include fastcgi_params; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_param PATH_INFO $fastcgi_path_info; - fastcgi_param HTTPS on; - fastcgi_pass php-handler; - - # cache_purge - fastcgi_cache_bypass $skip_cache; - fastcgi_no_cache $skip_cache; - fastcgi_cache OWNCLOUD; - fastcgi_cache_valid 60m; - fastcgi_cache_methods GET HEAD; - } - -.. note:: Note regarding the ``fastcgi_pass`` parameter: - Use whatever fits your configuration. In the example above, an ``upstream`` - was defined in an Nginx global configuration file. - This may look like:: - - upstream php-handler { - server unix:/var/run/php5-fpm.sock; - # or - # server 127.0.0.1:9000; - } - -3. **Test the configuration** - -:: - - sudo nginx -s reload - -* Open your browser and clear your cache. -* Logon to your ownCloud instance, open the gallery app, move thru your - folders and watch while the thumbnails are generated for the first time. -* You may also watch with eg. ``htop`` your system load while the - thumbnails are processed. -* Go to another app or logout and relogon. -* Open the gallery app again and browse to the folders you accessed before. - Your thumbnails should appear more or less immediately. -* ``htop`` will not show up additional load while processing, compared to - the high load before. diff --git a/admin_manual/configuration_server/security_setup_warnings.rst b/admin_manual/configuration_server/security_setup_warnings.rst index 8ece9e3dc..ee7343c3a 100644 --- a/admin_manual/configuration_server/security_setup_warnings.rst +++ b/admin_manual/configuration_server/security_setup_warnings.rst @@ -50,14 +50,15 @@ You are accessing this site via HTTP server to require using HTTPS instead." Please take this warning seriously; using HTTPS is a fundamental security measure. You must configure your Web server to support it, and then there are some settings in the **Security** -section of your ownCloud Admin page to enable. The following manual pages +section of your ownCloud Admin page to enable. The following pages describe how to enable HTTPS on the Apache and Nginx Web servers. :ref:`enabling_ssl_label` (on Apache) :ref:`use_https_label` -:ref:`nginx_configuration_example` +`NGINX configuration +`_ The test with getenv(\"PATH\") only returns an empty response ------------------------------------------------------------- @@ -84,7 +85,7 @@ Further information can be found in our documentation." This message is another one which needs to be taken seriously. Please have a look at the :ref:`dev-urandom-label` documentation. -Your web server is not yet set up properly to allow file synchronization +Your Web server is not yet set up properly to allow file synchronization ------------------------------------------------------------------------ "Your web server is not yet set up properly to allow file synchronization because @@ -112,8 +113,9 @@ and an heuristic is running the test which actually reproduces the bug. There are distributions such as RHEL/CentOS which have this backport still `pending `_. -Your web server is not set up properly to resolve /.well-known/caldav/ or /.well-known/carddav/ +Your Web server is not set up properly to resolve /.well-known/caldav/ or +/.well-known/carddav/ ----------------------------------------------------------------------------------------------- Both URLs needs to be correctly redirected to the DAV endpoint of ownCloud. Please -refer to :ref:`service-discovery-label` for more info. \ No newline at end of file +refer to :ref:`service-discovery-label` for more info. diff --git a/admin_manual/installation/hiawatha_configuration.rst b/admin_manual/installation/hiawatha_configuration.rst deleted file mode 100644 index c32cbfe63..000000000 --- a/admin_manual/installation/hiawatha_configuration.rst +++ /dev/null @@ -1,12 +0,0 @@ -Hiawatha Configuration -====================== - -Add ``WebDAVapp = yes`` to the ownCloud virtual host. Users accessing -WebDAV from MacOS will also need to add ``AllowDotFiles = yes``. - -Disable access to data folder:: - - UrlToolkit { - ToolkitID = denyData - Match ^/data DenyAccess - } diff --git a/admin_manual/installation/index.rst b/admin_manual/installation/index.rst index 2d5e01e45..1c07f3a1e 100644 --- a/admin_manual/installation/index.rst +++ b/admin_manual/installation/index.rst @@ -16,8 +16,3 @@ Installation php_54_installation php_55_installation selinux_configuration - nginx_configuration - ucs_installation - hiawatha_configuration - yaws_configuration - macos_installation diff --git a/admin_manual/installation/macos_installation.rst b/admin_manual/installation/macos_installation.rst deleted file mode 100644 index 42ef1346b..000000000 --- a/admin_manual/installation/macos_installation.rst +++ /dev/null @@ -1,7 +0,0 @@ -Mac OS X --------- - -.. note:: Due to an issue_ with Mac OS Unicode support, installing ownCloud Server |version| on - Mac OS is currently not supported. - -.. _issue: https://github.com/owncloud/core/issues/2377 diff --git a/admin_manual/installation/nginx_configuration.rst b/admin_manual/installation/nginx_configuration.rst deleted file mode 100644 index 3c3018706..000000000 --- a/admin_manual/installation/nginx_configuration.rst +++ /dev/null @@ -1,177 +0,0 @@ -.. _nginx_configuration_example: - -=================== -Nginx Configuration -=================== - -- You need to insert the following code into **your nginx config file.** -- The config assumes that ownCloud is installed in /var/www/owncloud and - that it is accessed via http(s)://cloud.example.com. -- Adjust **server_name**, **root**, **ssl_certificate** and - **ssl_certificate_key** to suit your needs. -- Make sure your SSL certificates are readable by the server (see `Nginx HTTP - SSL Module documentation `_). -- ``add_header`` statements are only taken from the current level and are not cascaded - from or to a different level. All necessary ``add_header`` statements must be defined - in each level needed. For better readability it is possible to move *common* add - header statements into a separate file and include that file wherever necessary. - However, each ``add_header`` statement must be written in a single line to prevent - connection problems with sync clients. - -.. note:: The following example assumes that your ownCloud is installed in - your webroot. If you're using a subfolder you need to adjust the configuration - accordingly. - -:: - - upstream php-handler { - server 127.0.0.1:9000; - #server unix:/var/run/php5-fpm.sock; - } - - server { - listen 80; - server_name cloud.example.com; - # enforce https - return 301 https://$server_name$request_uri; - } - - server { - listen 443 ssl; - server_name cloud.example.com; - - ssl_certificate /etc/ssl/nginx/cloud.example.com.crt; - ssl_certificate_key /etc/ssl/nginx/cloud.example.com.key; - - # Add headers to serve security related headers - add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; - add_header X-Content-Type-Options nosniff; - add_header X-Frame-Options "SAMEORIGIN"; - add_header X-XSS-Protection "1; mode=block"; - add_header X-Robots-Tag none; - add_header X-Download-Options noopen; - add_header X-Permitted-Cross-Domain-Policies none; - - # Path to the root of your installation - root /var/www/owncloud/; - # set max upload size - client_max_body_size 10G; - fastcgi_buffers 64 4K; - - # Disable gzip to avoid the removal of the ETag header - gzip off; - - # Uncomment if your server is build with the ngx_pagespeed module - # This module is currently not supported. - #pagespeed off; - - index index.php; - error_page 403 /core/templates/403.php; - error_page 404 /core/templates/404.php; - - rewrite ^/.well-known/carddav /remote.php/dav/ permanent; - rewrite ^/.well-known/caldav /remote.php/dav/ permanent; - - # The following 2 rules are only needed for the user_webfinger app. - # Uncomment it if you're planning to use this app. - #rewrite ^/.well-known/host-meta /public.php?service=host-meta last; - #rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~ ^/(build|tests|config|lib|3rdparty|templates|data)/ { - deny all; - } - - location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { - deny all; - } - - location / { - - rewrite ^/remote/(.*) /remote.php last; - - rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; - - try_files $uri $uri/ =404; - } - - location ~ \.php(?:$|/) { - fastcgi_split_path_info ^(.+\.php)(/.+)$; - include fastcgi_params; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_param PATH_INFO $fastcgi_path_info; - fastcgi_param HTTPS on; - fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice - fastcgi_pass php-handler; - fastcgi_intercept_errors on; - } - - # Adding the cache control header for js and css files - # Make sure it is BELOW the location ~ \.php(?:$|/) { block - location ~* \.(?:css|js)$ { - add_header Cache-Control "public, max-age=7200"; - # Add headers to serve security related headers - add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; - add_header X-Content-Type-Options nosniff; - add_header X-Frame-Options "SAMEORIGIN"; - add_header X-XSS-Protection "1; mode=block"; - add_header X-Robots-Tag none; - add_header X-Download-Options noopen; - add_header X-Permitted-Cross-Domain-Policies none; - # Optional: Don't log access to assets - access_log off; - } - - # Optional: Don't log access to other assets - location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|swf)$ { - access_log off; - } - } - -.. note:: You can use ownCloud over plain http, but we strongly encourage you to - use SSL/TLS to encrypt all of your server traffic, and to protect - user's logins and data in transit. - -- Remove the server block containing the redirect -- Change **listen 443 ssl** to **listen 80;** -- Remove **ssl_certificate** and **ssl_certificate_key**. -- Remove **fastcgi_params HTTPS on;** - -.. note:: If you are using php-fpm please read :ref:`php_fpm_tips_label` - -Suppressing Log Messages ------------------------- - -If you're seeing meaningless messages in your logfile, for example `client -denied by server configuration: /var/www/data/htaccesstest.txt -`_, add this section to -your Nginx configuration to suppress them:: - - location = /data/htaccesstest.txt { - allow all; - log_not_found off; - access_log off; - } - -JavaScript (.js) or CSS (.css) files not served properly --------------------------------------------------------- - -A common issue with custom nginx configs is that JavaScript (.js) -or CSS (.css) files are not served properly leading to a 404 (File not found) -error on those files and a broken webinterface. - -This could be caused by the:: - - location ~* \.(?:css|js)$ { - -block shown above not located **below** the:: - - location ~ \.php(?:$|/) { - -block. Other custom configurations like caching JavaScript (.js) -or CSS (.css) files via gzip could also cause such issues. diff --git a/admin_manual/installation/source_installation.rst b/admin_manual/installation/source_installation.rst index 10cacb4e3..1b9e83e02 100644 --- a/admin_manual/installation/source_installation.rst +++ b/admin_manual/installation/source_installation.rst @@ -398,7 +398,7 @@ your ``php-fpm`` configuration and increase the ``upload_max_filesize`` and ``post_max_size`` values. You will need to restart ``php5-fpm`` and your HTTP server in order for these changes to be applied. -**.htaccess notes for Web servers \<> Apache** +**.htaccess notes for Apache** ownCloud comes with its own ``owncloud/.htaccess`` file. Because ``php-fpm`` can't read PHP settings in ``.htaccess`` these settings and permissions must be set @@ -409,14 +409,12 @@ in the ``owncloud/.user.ini`` file. Other Web Servers ----------------- -**Nginx Configuration** +`NGINX configuration +`_ -See :doc:`nginx_configuration` -**Yaws Configuration** +`Other HTTP servers +`_ -See :doc:`yaws_configuration` - -**Hiawatha Configuration** - -See :doc:`hiawatha_configuration` +`Univention Corporate Server installation +`_ diff --git a/admin_manual/installation/ucs_installation.rst b/admin_manual/installation/ucs_installation.rst deleted file mode 100644 index 04e3dfb71..000000000 --- a/admin_manual/installation/ucs_installation.rst +++ /dev/null @@ -1,125 +0,0 @@ -Univention Corporate Server ---------------------------- - -Subscribers to the ownCloud Enterprise edition can also integrate with -:abbr:`UCS (Univention Corporate Server)`. - -.. _preconfig: - -Pre configuration -^^^^^^^^^^^^^^^^^ - -ownCloud makes use of the UCR, the Univention Configuration Registry. The values -are read during installation, most of them can be changed later, too. -Changes done directly via ownCloud are not taken over to UCR. We think we found -sane defaults, nevertheless you might have your own requirements. The -installation script will listen to the UCR keys listed below. If want -to override any default setting, simply add the key in question to the UCR and -assign your required value. - -.. tabularcolumns:: |l|p{5cm}|p{5cm}|l| -.. cssclass:: longtable -.. csv-table:: - :header: Key, Default, Description, Introduced - :widths: 20, 30, 30, 20 - - "owncloud/directory/data", "/var/lib/owncloud", "Specifies where the file storage will be placed", "2012.0.1" - "owncloud/db/name", "owncloud", "Name of the MySQL database. ownCloud will create an own user for it.", 2012.0.1 - "owncloud/user/quota", "(empty)", "The default quota, when a user is being added. Assign values in human readable strings, e.g. “2 GB”. Unlimited if empty.", 2012.0.1 - "owncloud/user/enabled", 0, "Whether a new user is allowed to use ownCloud by default.", 2012.0.1 - "owncloud/group/enabled", "0", "Whether a new group is allowed to be used in ownCloud by default.", 2012.4.0.4 - "owncloud/ldap/base/users", "cn=users,$ldap_base", "The users-subtree in the LDAP directory. If left blank it will fall back to the LDAP base.", 2012.4.0.4 - "owncloud/ldap/base/groups", "cn=groups,$ldap_base", "The groups-subtree in the LDAP directory. If left blank it will fall back to the LDAP base.", 2012.4.0.4 - "owncloud/ldap/groupMemberAssoc", "uniqueMember", "The LDAP attribute showing the group-member relationship. Possible values: uniqueMember, memberUid and member", 2012.4.0.4 - "owncloud/ldap/tls", 1, "Whether to talk to the LDAP server via TLS.", 2012.0.1 - "owncloud/ldap/disableMainServer", 0, "Deactivates the (first) LDAP Configuration", 5.0.9 - "owncloud/ldap/cacheTTL", 600, "Lifetime of the ownCloud LDAP Cache in seconds", 5.0.9 - "owncloud/ldap/UUIDAttribute", "(empty)", "Attribute that provides a unique value for each user and group entry. Empty value for autodetection.", 5.0.9 - "owncloud/ldap/loginFilter", "(&(\|(&(objectClass=posixAccount) (objectClass=shadowAccount)) (objectClass=univentionMail) (objectClass=sambaSamAccount) (objectClass=simpleSecurityObject) (&(objectClass=person) (objectClass=organizationalPerson) (objectClass=inetOrgPerson))) (!(uidNumber=0)) (!(uid=*$)) (&(uid=%uid) (ownCloudEnabled=1)))", "The LDAP filter that shall be used when a user tries to log in.", 2012.0.1 - "owncloud/ldap/userlistFilter", "(&(\|(&(objectClass=posixAccount) (objectClass=shadowAccount)) (objectClass=univentionMail) (objectClass=sambaSamAccount) (objectClass=simpleSecurityObject) (&(objectClass=person) (objectClass=organizationalPerson) (objectClass=inetOrgPerson))) (!(uidNumber=0))(!(uid=*$)) (&(ownCloudEnabled=1)))", "The LDAP filter that shall be used when the user list is being retrieved (e.g. for sharing)", 2012.0.1 - "owncloud/ldap/groupFilter", "(&(objectClass=posixGroup) (ownCloudEnabled=1))", "The LDAP filter that shall be used when the group list is being retrieved (e.g. for sharing)", 2012.4.0.4 - "owncloud/ldap/internalNameAttribute", "uid", "Attribute that should be used to create the user's owncloud internal name", 5.0.9 - "owncloud/ldap/displayName", "uid", "The LDAP attribute that should be displayed as name in ownCloud", 2012.0.1 - "owncloud/ldap/user/searchAttributes", "uid,givenName,sn,description,employeeNumber,mailPrimaryAddress", "Attributes taken into consideration when searching for users (comma separated)", 5.0.9 - "owncloud/ldap/user/quotaAttribute", "ownCloudQuota", "Name of the quota attribute. The default attribute is provided by owncloud-schema.", 5.0.9 - "owncloud/ldap/user/homeAttribute", "(empty)", "Attribute that should be used to create the user's owncloud internal home folder", 5.0.9 - "owncloud/ldap/group/displayName", "cn", "The LDAP attribute that should be used as groupname in ownCloud", 2012.4.0.4 - "owncloud/ldap/group/searchAttributes", "cn,description, mailPrimaryAddress", "Attributes taken into consideration when searching for groups (comma separated)", 5.0.9 - "owncloud/join/users/update", "yes", "Whether ownCloud LDAP schema should be applied to existing users", 2012.0.1 - "owncloud/group/enableDomainUsers", "1", "Whether the group “Domain Users” shall be enabled for ownCloud on install", 2012.4.0.4 - "owncloud/join/users/filter", "(&(\|(&(objectClass=posixAccount) (objectClass=shadowAccount)) (objectClass=univentionMail) (objectClass=sambaSamAccount) (objectClass=simpleSecurityObject) (&(objectClass=person) (objectClass=organizationalPerson) (objectClass=inetOrgPerson))) (!(uidNumber=0)) (!(\|(uid=*$) (uid=owncloudsystemuser) (uid=join-backup) (uid=join-slave))) (!(objectClass=ownCloudUser)))", "Filters, on which LDAP users the ownCloud schema should be applied to. The default excludes system users and existing ownCloudUsers.", 2012.0.1 - "owncloud/join/groups/filter", "(empty)", "Filters which LDAP groups will be en/disabled for ownCloud when running the script /usr/share/owncloud/update-groups.sh", 2012.4.0.4 - -If you want to override the default settings, simply create the key in -question in the UCR and assign your required value, for example:: - - ucr set owncloud/user/enabled=1 - -or via UMC: - -.. image:: ../images/ucsint2.png - - -Installation -^^^^^^^^^^^^ - -Now, we are ready to install ownCloud. The recommended method is by using the -UCS App Center. - -UCS App Center -"""""""""""""" - -Open the Univention Management Console and choose the App Center module. You -will see a variety of available applications, including ownCloud. You can -install and upgrade ownCloud from the App Center. - -Postconfiguration (optional) -^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -There is only one local admin user “owncloudadmin”, you can find the password in -`/etc/owncloudadmin.secret`. Use this account, if you want to change basic -ownCloud settings. - -In the installation process a virtual host is set up (Apache is required -therefore). If you want to modify the settings, edit -:file:`/etc/apache2/sites-available/owncloud` and restart the Web server. You -might want to do it to enable HTTPS connections. Besides that, you can edit the -**.htaccess-File in /var/www/owncloud/**. In the latter file the -PHP limits for file transfer are also specified. - -Using ownCloud -^^^^^^^^^^^^^^ -If you decided to enable every user by default to use ownCloud, simply -open up http://myserver.com/owncloud/ and log in with your LDAP -credentials and enjoy. - -If you did not, go to the UMC and enable the users who shall have access -(see picture below). Then, login at http://myserver.com/owncloud/ with -your LDAP credentials. - -.. image:: ../images/ucsint1.png - -Updating users can also be done by the script -:file:`/usr/share/owncloud/update-users.sh` . It takes the following UCR -variables as parameters: **owncloud/user/enabled** for enabling or disabling, -**owncloud/user/quota** as the Quota value and **owncloud/join/users/filter** as -LDAP filter to select the users to update. - -Groups -"""""" - -Groups can be -enabled and disabled via UCM as shown in the screen shot below. - -.. image:: ../images/ucsint.png - -Another way to enable or disable groups is to use the script -:file:`/usr/share/owncloud/update-groups.sh`. Currently, it takes an argument -which can be 1=enable groups or 0=disable groups. The filter applied is -taken from the UCR variable **owncloud/join/groups/filter**. If it is -empty, a message will be displayed. - - -.. _from our website: https://owncloud.com/download - -w.. _from the UCS App Center: https://www.univention.com/products/univention-app-center/app-catalog/ diff --git a/admin_manual/installation/yaws_configuration.rst b/admin_manual/installation/yaws_configuration.rst deleted file mode 100644 index f254485d1..000000000 --- a/admin_manual/installation/yaws_configuration.rst +++ /dev/null @@ -1,28 +0,0 @@ -Yaws Configuration -================== - -This should be in your **yaws_server.conf**. In the configuration file, the -**dir_listings = false** is important and also the redirect from **data/** -to somewhere else, because files will be saved in this directory and it -should not be accessible from the outside. A configuration file would look -like this:: - - - port = 80 - listen = 0.0.0.0 - docroot = /var/www/owncloud/src - allowed_scripts = php - php_handler = - errormod_404 = yaws_404_to_index_php - access_log = false - dir_listings = false - - /data == / - - - -The Apache :file:`.htaccess` that comes with ownCloud is configured to redirect -requests to non-existent pages. To emulate that behaviour, you need a custom -error handler for yaws. See this `github gist for further instructions -`_ on how to create and compile that error -handler. diff --git a/admin_manual/issues/general_troubleshooting.rst b/admin_manual/issues/general_troubleshooting.rst index bbed4d684..7d321c07e 100644 --- a/admin_manual/issues/general_troubleshooting.rst +++ b/admin_manual/issues/general_troubleshooting.rst @@ -15,8 +15,7 @@ refer to our community support channels: freenode.net, also accessible via `webchat`_ Please understand that all these channels essentially consist of users like you -helping each other out. Consider helping others out where you can, to -contribute +helping each other out. Consider helping others out where you can, to contribute back for the help you get. This is the only way to keep a community like ownCloud healthy and sustainable! @@ -212,12 +211,7 @@ these modules: * HttpDavModule * X-Sendfile (causing broken downloads if not configured correctly) -3. Mac OS X server - -* mod_auth_apple -* com.apple.webapp.webdavsharing - -4. PHP +3. PHP * eAccelerator @@ -280,11 +274,10 @@ and if running in a subfolder like ``owncloud``: For the first case the :file:`.htaccess` file shipped with ownCloud should do this work for your when running Apache. You only need to make sure that your -Web server is using this file. When running nginx please refer to the -:ref:`nginx_configuration_example` example. +Web server is using this file. When running NGINX please refer to +`NGINX configuration +`_ -.. note: The following step is important for users using the linux packages - / repositories provided by ownCloud. If your ownCloud instance is installed in a subfolder called ``owncloud`` and you're running Apache create or edit the :file:`.htaccess` file within the