Raspberry pi 4B HomeLab (Owncloud)

Objective

Setting up Owncloud on raspberry pi 4B using Docker and enabling its access on the internet.

Owncloud docker setup

docker-compose.yml

version: "3"

volumes:
  files:
    driver: local
  mysql:
    driver: local

services:
  owncloud:
    image: owncloud/server:${OWNCLOUD_VERSION}
    container_name: owncloud_server
    restart: always
    ports:
      - ${HTTP_PORT}:8080
    depends_on:
      - mariadb
    environment:
      - OWNCLOUD_DOMAIN=${OWNCLOUD_DOMAIN}
      - OWNCLOUD_DB_TYPE=mysql
      - OWNCLOUD_DB_NAME=owncloud
      - OWNCLOUD_DB_USERNAME=owncloud
      - OWNCLOUD_DB_PASSWORD=owncloud
      - OWNCLOUD_DB_HOST=mariadb
      - OWNCLOUD_ADMIN_USERNAME=${ADMIN_USERNAME}
      - OWNCLOUD_ADMIN_PASSWORD=${ADMIN_PASSWORD}
      - OWNCLOUD_MYSQL_UTF8MB4=true
      # - OWNCLOUD_REDIS_ENABLED=true
      # - OWNCLOUD_REDIS_HOST=redis
    healthcheck:
      test: ["CMD", "/usr/bin/healthcheck"]
      interval: 30s
      timeout: 10s
      retries: 5
    volumes:
      - files:/mnt/data

  mariadb:
    image: mariadb:10.5
    container_name: owncloud_mariadb
    restart: always
    environment:
      - MYSQL_ROOT_PASSWORD=owncloud
      - MYSQL_USER=owncloud
      - MYSQL_PASSWORD=owncloud
      - MYSQL_DATABASE=owncloud
    command: ["--max-allowed-packet=128M", "--innodb-log-file-size=64M"]
    healthcheck:
      test: ["CMD", "mysqladmin", "ping", "-u", "root", "--password=owncloud"]
      interval: 10s
      timeout: 5s
      retries: 5
    volumes:
      - mysql:/var/lib/mysql

Add the below .env file in the same directory as below

# (**YOU MIGHT NEED TO CHANGE IP ADDRESS TO YOUR SYSTEMS IP)
OWNCLOUD_VERSION=latest
OWNCLOUD_DOMAIN=192.168.18.13:8080

# Owncloud web login for admin
ADMIN_USERNAME=admin
ADMIN_PASSWORD=some_password

# Owncloud exposed on below port to host system
HTTP_PORT=8080

# Database host config 
DB_HOST=192.168.18.19:3307

Run this command to start the Owncloud
Note: Login to the Owncloud server container shell and update /mnt/data/config/config.conf file. Add a trusted domain and use HTTPS protocol override to run Owncloud on HTTPS

docker-compose up -d

Apache and Lets-Encrypt SSL setup

Enable port forwarding in the router for 80 and 443 ports and run the below commands on the raspberry pi terminal to setup SSL

sudo apt install apache2 -y

sudo apt install python3-certbot-apache -y

sudo usermod -a -G www-data pi

sudo chown -R -f www-data:www-data /var/www/html

sudo certbot –apache (*fill in the domain details asked aftler running the command)

Note: make sure you have the domain name purchased and configured A record (or DNS resolution to your public IP). You can configure DNS resolution from the web console of the domain registrar that you used to purchase the domain name.

Search for “what's my IP” on google to get your public IP

Apache Virtual host setup on raspberry pi

1. cd /etc/apache2/sites-available/ and run below command

sudo cp 000-default-le-ssl.conf owncloud-ssl.conf

Update the new conf file as below and update the new virtual host port (here 8443)

<IfModule mod_ssl.c>
<VirtualHost *:8443>
 # The ServerName directive sets the request scheme, hostname and port that
 # the server uses to identify itself. This is used when creating
 # redirection URLs. In the context of virtual hosts, the ServerName
 # specifies what hostname must appear in the request's Host: header to
 # match this virtual host. For the default virtual host (this file) this
 # value is not decisive as it is used as a last resort host regardless.
 # However, you must set it for any further virtual host explicitly.
 #ServerName www.example.com

 ServerAdmin webmaster@localhost
 DocumentRoot /var/www/html

 # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
 # error, crit, alert, emerg.
 # It is also possible to configure the loglevel for particular
 # modules, e.g.
 #LogLevel info ssl:warn

 ErrorLog ${APACHE_LOG_DIR}/error.log
 CustomLog ${APACHE_LOG_DIR}/access.log combined

 # For most configuration files from conf-available/, which are
 # enabled or disabled at a global level, it is possible to
 # include a line for only one particular virtual host. For example the
 # following line enables the CGI configuration for this host only
 # after it has been globally disabled with "a2disconf".
 #Include conf-available/serve-cgi-bin.conf


ServerName www.javedrpi.com
SSLCertificateFile /etc/letsencrypt/live/www.javedrpi.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/www.javedrpi.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf

# Added below proxy config to redirect requests received on port 8443 to picloud-Owncloud (192.168.18.13)
ProxyPass / http://192.168.18.13:8080/
ProxyPassReverse / http://192.168.18.13:8080/

</VirtualHost>
</IfModule>

sudo a2ensite owncloud-ssl.conf

2. cd /etc/apache2/

sudo nano ports.conf

3. Add the new port 8443 as below

# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default.conf

Listen 80

<IfModule ssl_module>
 Listen 443
 Listen 8443
</IfModule>

<IfModule mod_gnutls.c>
 Listen 443
 Listen 8443
</IfModule>

4. Restart apache

sudo systemctl restart apache2.service

Now you can open your Owncloud website