Raspberry Pi OwnCloud: Your Own Personal Cloud Storage

In this project, we’re going to make a Raspberry Pi Owncloud server this can act as your very own personal cloud storage.

Raspberry Pi Owncloud

As the protection of your privacy becomes harder and harder, you may be thinking of moving your files to a private cloud storage. If this is the case, then this tutorial is perfect for you.

It is important to remember that since your data will be stored on your local network, you will end up with using more bandwidth if uploading and downloading files from outside your network.

This tutorial will take you through everything you need to know to get Owncloud setup and accessible.

If you’re curious and want to learn more about the Owncloud software, then be sure to check out their website over at Owncloud.org.

Equipment

I made use of the following equipment for this personal cloud storage setup.

Recommended

Raspberry Pi

SD Card (8GB+ Recommended) or Micro SD Card if you’re using a Raspberry Pi 2 or B+

Ethernet Cord or Wifi dongle

External Hard drive or USB Drive

Optional

Raspberry Pi Case

USB Keyboard

USB Mouse

Note: It is highly likely that the USB ports on the Raspberry Pi will be unable to power an external hard drive so you may need to invest in a powered USB hub.

Video

If you’re a visual person and would like to see our video on how to put this tutorial together, then check out the video below.

It will take you through everything you need to know get your Raspberry Pi Owncloud server up and running.

Setting up The Raspberry Pi Owncloud Server

Firstly, you will need to have a Raspberry Pi with Raspbian installed. If you haven’t installed Raspbian, then check out our guide on how to install Raspbian via NOOBS (New Out of the Box Software).

There are quite a few ways you’re able to install Owncloud onto your Raspberry Pi. In this particular tutorial, we’re going to be downloading a web server (Nginx) and Owncloud.

Installing NGINX and PHP

The first thing we need to do is install both NGINX and PHP to our Raspberry Pi. We will need both of these pieces of software to run the Owncloud software.

1. Firstly, in either The Pi’s command line or via SSH, we will need to update the Raspberry Pi and its packages, do this by entering:

sudo apt-get update
sudo apt-get upgrade

2. Next, we need to add the www-data user to the www-data group.

sudo usermod -a -G www-data www-data

These instructions have been updated to work with Raspbian Buster. If you’re on an earlier version, then I highly recommend you upgrade to Raspbian Buster before continuing.

You can follow our guide on upgrading from Raspbian Stretch to Buster.

3. Once you are running Raspbian Buster, you can safely continue with this tutorial.

In this step, we will be installing all the packages that we require to run Owncloud. This includes php7.3 and its numerous modules that OwnCloud relies upon.

Run the following command to install everything we need.

sudo apt-get install nginx openssl ssl-cert php7.3-xml php7.3-dev php7.3-curl php7.3-gd php7.3-fpm php7.3-zip php7.3-intl php7.3-mbstring php7.3-cli php7.3-mysql php7.3-common php7.3-cgi php7.3-apcu php7.3-redis redis-server php-pear curl libapr1 libtool libcurl4-openssl-dev

Setting up NGINX for Owncloud and HTTPS

Our next step is to now set up and configure NGINX for it to work with the Owncloud software. We will also be setting NGINX up so that it can support HTTPS connections as well.
1. Now we need to create an SSL certificate you can do this by running the following command:

sudo openssl req $@ -new -x509 -days 730 -nodes -out /etc/nginx/cert.pem -keyout /etc/nginx/cert.key

Just enter the relevant data for each of the questions it asks you.

2. In addition to the SSL certificate, we also need to generate a custom dhparam file. This file helps ensure that our SSL connections are kept secure. By default, this would use a default one that isn’t nearly as secure.

To generate a 2048 byte long dhparam file, run the following command on your Raspberry Pi. This process will take quite a long time, up to 2 hours.

Adding the dhparam flag to the command will help speed up the process, but arguably is less secure.

sudo openssl dhparam -out /etc/nginx/dh2048.pem 2048

3. Now we need to chmod the three cert files we just generated.

sudo chmod 600 /etc/nginx/cert.pem
sudo chmod 600 /etc/nginx/cert.key
sudo chmod 600 /etc/nginx/dh2048.pem

4. Let’s clear the server config file since we will be copying and pasting our own version in it.

sudo sh -c "echo '' > /etc/nginx/sites-available/default"

5. Now let’s configure the web server configuration so that it runs Owncloud correctly.

sudo nano /etc/nginx/sites-available/default

6. Now simply copy and paste the following code into the file.

upstream php-handler {
    server unix:/var/run/php/php7.3-fpm.sock;
}

server {
    listen 80;
    server_name _;

    #Allow letsencrypt through
    location /.well-known/acme-challenge/ {
        root /var/www/owncloud;
    }

    # enforce https
    location / {
        return 301 https://$host$request_uri;
    }
}
  
server {
    listen 443 ssl http2;
    server_name _;
  
    ssl_certificate /etc/nginx/cert.pem;
    ssl_certificate_key /etc/nginx/cert.key;

    ssl_session_timeout 5m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:AES256+EDH';
    ssl_dhparam /etc/nginx/dh2048.pem;
    ssl_prefer_server_ciphers on;
    keepalive_timeout    70;
    ssl_stapling on;
    ssl_stapling_verify on;
  
    add_header X-Content-Type-Options nosniff;
    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Robots-Tag none;
    add_header X-Download-Options noopen;
    add_header X-Permitted-Cross-Domain-Policies none;
  
    root /var/www/owncloud/;
  
    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }
  
    # The following 2 rules are only needed for the user_webfinger app.
    # Uncomment it if you're planning to use this app.
    #rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
    #rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
  
    location = /.well-known/carddav {
        return 301 $scheme://$host/remote.php/dav;
    }
    location = /.well-known/caldav {
        return 301 $scheme://$host/remote.php/dav;
    }
  
    # set max upload size
    client_max_body_size 512M;
    fastcgi_buffers 8 4K;
    fastcgi_ignore_headers X-Accel-Buffering;
  
    gzip off;
  
    error_page 403 /core/templates/403.php;
    error_page 404 /core/templates/404.php;
  
    location / {
        rewrite ^ /index.php$uri;
    }
  
    location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
        return 404;
    }

    location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
        return 404;
    }
  
    location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
        fastcgi_split_path_info ^(.+\.php)(/.*)$;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param SCRIPT_NAME $fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_path_info;
        fastcgi_param HTTPS on;
        fastcgi_param modHeadersAvailable true;
        fastcgi_param front_controller_active true;
        fastcgi_read_timeout 180;
        fastcgi_pass php-handler;
        fastcgi_intercept_errors on;
        fastcgi_request_buffering off; #Available since NGINX 1.7.11
    }
  
    location ~ ^/(?:updater|ocs-provider)(?:$|/) {
        try_files $uri $uri/ =404;
        index index.php;
    }
  
    location ~ \.(?:css|js)$ {
        try_files $uri /index.php$uri$is_args$args;
        add_header Cache-Control "max-age=15778463";
        add_header Strict-Transport-Security "max-age=15552000; includeSubDomains";
        add_header X-Content-Type-Options nosniff;
        add_header X-Frame-Options "SAMEORIGIN";
        add_header X-XSS-Protection "1; mode=block";
        add_header X-Robots-Tag none;
        add_header X-Download-Options noopen;
        add_header X-Permitted-Cross-Domain-Policies none;
        access_log off;
    }

    location ~ \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg|map)$ {
        add_header Cache-Control "public, max-age=7200";
        try_files $uri /index.php$uri$is_args$args;
        access_log off;
    }
}

7. Now save and exit out of the file by pressing CTRL + X, then Y, followed by ENTER.

8. As we have made changes to NGINX’s configuration we need to restart it’s service by running the following command.

sudo systemctl restart nginx

Tweaking PHP for Owncloud

With NGINX now set up, we can now go ahead and prepare PHP to work with our Owncloud installation. As we use php-fpm, there are a few additional things we need to do.

1. Now that is done, there are a few more configurations we will need to update, first open up the PHP config file by entering.

sudo nano /etc/php/7.3/fpm/php.ini

2. In this file, we want to find and update the following lines. (CTRL + W allows you to search)

Find

upload_max_filesize = 2M

Replace With

upload_max_filesize = 2000M

Find

post_max_size = 8M

Replace With

post_max_size = 2000M

3. Once done, save and then exit by pressing CTRL + X, followed by Y, then ENTER.

4. Our next step is to make some changes to the php-fpm pool configuration. The reason for this is that php-fpm can’t access environment variables.

Run the following command to begin modifying the configuration file.

sudo nano /etc/php/7.3/fpm/pool.d/www.conf

5. Within this file, find the following block of code and replace it with what we have below.

You can use CTRL + W to find this block of code faster. Typically its located near the bottom of the file.

Find

;env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmp

Replace With

env[HOSTNAME] = $HOSTNAME
env[PATH] = /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp

6. With these changes made, go ahead and save the file by pressing CTRL + X, followed by Y, then ENTER.

Adding Swap Memory

Our next step is to add some swap memory to our system.

Adding swap memory allows the Raspberry Pi to work further beyond its memory by making use of space on the storage device. While a lot slower then RAM it is better then the program crashing

1. To increase the amount of swap memory, we need to modify a file called dphys-swapfile.

To modify this file, make use of the following command:

sudo nano /etc/dphys-swapfile

2. Within this file, find the following line and change it to what we have below.
Find

CONF_SWAPSIZE=100

Replace With

CONF_SWAPSIZE = 512

3. Once done, save and then quit by pressing CTRL + X, followed by Y, then ENTER.

4. For our changes to take effect, we will need to now restart the Raspberry Pi by running the command below.

sudo reboot

Setting up a MySQL Database & User for Owncloud

Before beginning this section, you must have already set up a MySQL server on your Raspberry Pi.

1. To be able to create our database, we will need to make use of the MySQL command-line interface.

We can load up the tool by running the following command.

sudo mysql -u root -p

2. Once logged in, you can begin interacting with your MySQL server.

The database we will be creating is called ownclouddb. We can create this database by running the following command.

CREATE DATABASE ownclouddb;

3. With the database created, let’s now create a user that can interact with it.

We can create a user called ownclouduser by running the command below. Make sure that you replace [PASSWORD] with a secure password and make a note of it for later.

CREATE USER 'ownclouduser'@'localhost' IDENTIFIED BY '[PASSWORD]';

4. Our next step is to give access permissions to our new user.

We can grant these privileges by running the following command.

GRANT ALL PRIVILEGES ON ownclouddb.* TO 'ownclouduser'@'localhost';

5. The final task is to flush the privileges. If we don’t do this, then our changes won’t be utilized by the server.

To flush the privileges, all we need to do is run the following command.

FLUSH PRIVILEGES;

Once the privilege table has been flushed, we can proceed to install and set up the Owncloud software.

Downloading & Extracting Owncloud

Now in this section, we will be installing the actual Owncloud software on to our Raspberry Pi. Installing Owncloud requires a couple of straightforward steps.

1. Once the Pi has restarted, you will need to install Owncloud onto the Raspberry Pi.

Do this by entering the following commands:

sudo mkdir -p /var/www/owncloud
cd /var/www/
curl -L https://download.owncloud.org/community/owncloud-latest.tar.bz2 | sudo tar -jxv
sudo chown -R www-data:www-data /var/www

These commands will create a folder for Owncloud to be stored in as well as downloading and extracting the latest version of the software to it.

2. Now we need to open up the .user.ini file to enforce some of the changes we made earlier in the tutorial

sudo nano /var/www/owncloud/.user.ini

3. In here update the following values, so they are 2000M:

upload_max_filesize=2000M
post_max_size=2000M
memory_limit=2000M

4. Now that is done, we should be able to connect to Owncloud at your PI’s IP address.

Before you set up the admin account, you might want to mount an external drive, so you have lots of disk space for your Raspberry Pi Owncloud server. Just follow the instructions in the next section.

Mounting & Setting up a drive

Setting up an external drive while should be relatively straightforward but sometimes things don’t work as correctly as they should.

These instructions are for mounting and allowing Owncloud to store files onto an external hard drive.

1. Firstly if you have an NTFS drive we will need to install an NTFS package by entering the following:

sudo apt-get install ntfs-3g

2. Now let’s make a directory we can mount.

sudo mkdir /media/ownclouddrive

3. Now we need to get the GID, UID, and the UUID as we will need to use these soon. Enter the following command for the GID:

id -g www-data

4. Now for the UID enter the following command:

id -u www-data

5. Also if we get the UUID of the hard drive, the Pi will remember this drive even if you plug it into a different USB port.

ls -l /dev/disk/by-uuid

UUID Hard Drive

Copy the light blue letters and numbers of the last entry (Should have something like -> ../../sda1 at the end of it).

6. Now let’s add your drive into the fstab file so that it will boot with the correct permissions.

sudo nano /etc/fstab

7. Now add the following line to the bottom of the file, updating UID, GUID and the UUID with the values we got above. (The following should all be on a single line)

UUID=DC72-0315 /media/ownclouddrive auto nofail,uid=33,gid=33,umask=0027,dmask=0027,noatime 0 0

8. Reboot the Raspberry Pi, and the drives should automatically be mounted. If they are mounted, we’re all good to go.

Note: If you get an error stating the Pi is in emergency mode at boot up then this likely means a problem with the fstab entry. Just edit the fstab file (sudo nano /etc/fstab) and remove the added line or look for a mistake and fix it.

Setting up Owncloud

I will briefly go through the basics of setting up Owncloud Raspberry Pi here. If you want more information, I highly recommend checkout out the manuals on their website. You can find them at the Owncloud manual site here.

1. In your favorite web browser, you need to go to your Raspberry Pi’s IP address.

If you don’t know your Pi’s local IP, you can run the following command.

hostname -I

2. Once you go to the IP you’re like to get a certificate error, add this to your exception list as it will be safe to proceed.

On Chrome, you click the Show advanced button (1.).

Then clickProceed to [YOURPISIPADDRESS] (unsafe)” (2.).

Raspberry Pi Owncloud Server Chrome Security Warning

3. When you first open up Owncloud, you will need to do some initial setup steps.

The first thing you need to do is specify a username and password for your Owncloud admin account. (1.)

Next, we need to bring up the storage and database settings. You can do this by clicking the “Storage & database” dropdown (2.).

If you are using a different data folder, you can specify it now by using the Data folder textbox (3.)

We then need to bring up the MySQL database options. You can find these by clicking the MySQL/MariaDB toggle (4.).

Next, we need to fill out three bits of information, the database user, the password for that user, and the database name.

  1. First, you need to specify the “Database user” (A.). If you are following this guide, this should be ownclouduser.
  2. The second option you will need to specify the password you set for the above user. (B.)
  3. Finally, we need to set the database name. (C.) If you have used the ones from this tutorial, you should set this to ownclouddb.

Once you have finished with all the settings, click the Finish setup button (4.).

Owncloud Server Setup Configuration Screen

If you ever need to update and you find the internal updater is not working, this likely means you will need to do it manually.

You can find a detailed process on how to update over at Owncloud’s update manual page.

The next two sections will show you how to improve your Owncloud software even further.

Setting up Memory Caching for Owncloud

In this section, we will be showing you how to configure Owncloud to make use of APCu and Redis. APCu is used as an object memory cache, and Redis is used to deal with transactional file locking.

Using both of these will help improve the performance of Owncloud on your Raspberry Pi.

1. To be able to enable these, we ill need to make a change to the Owncloud configuration file.

Begin editing this file by running the following command.

sudo nano /var/www/owncloud/config/config.php

2. Within this file, find the following line and add the block of text below it.

Find

'installed' => true,

Add Below

  'memcache.local' => '\OC\Memcache\APCu',
  'memcache.locking' => '\OC\Memcache\Redis',
  'redis' => [
    'host' => 'localhost',
    'port' => 6379,
  ],

3. Once done, save the file by pressing CTRL + X, then Y, followed by ENTER.

Using System Cron with Owncloud

The Owncloud team recommends that you should set it up so that the operating system runs the scripts cron jobs instead of Ajax.

1. To be able to set up a cron job for Owncloud, we will need to make use of the www-data user’s crontab.

Begin modifying the user’s cron by running the following command.

sudo crontab -u www-data -e

If you are asked what editor you should use to modify the crontab, we highly recommend that you use nano.

2. Add the following line to the bottom of this file.

*  *  *  *  * /usr/bin/php /var/www/owncloud/occ system:cron

This line will run Owncloud’s cron job every minute.

3. Once done, save the file by pressing CTRL + X, followed by Y, then ENTER.

You should now have Owncloud set up correctly on your Raspberry Pi.

Port Forwarding & External Access

If you want to have access to your cloud drive outside your local network, then you will need to setup port forwarding and make a few changes to our config files.

Firstly, we need to go back to the default file and change the server_name values (There is 2 of them). Update these to your external IP address. You can get your IP at what is my IP.

If you have a dynamic IP you may want to set up a dynamic DNS and use that as your address. You can find information on this in my guide to port forwarding.

Enter the following to bring up our default server file:

sudo nano /etc/nginx/sites-available/default

Once you have updated the IP’s in the server file, you will need to add the external IP to your trusted IP list and make sure Owncloud doesn’t overwrite it. To do this open up the Owncloud config file and enter:

sudo nano /var/www/owncloud/config/config.php

In here add a new item to the trusted domains array (This will be your external IP address). Your new entry should look something like this (x are just placeholders).

1 => 'xxx.xxx.xxx.xxx',

Finally update the URL of the overwrite.cli.url line to your IP Address. It should look something like this.

'overwrite.cli.url' => 'https://xxx.xxx.xxx.xxx',

Below is an example of the completed config.txt file.

External IP Change Example

Once done, restart the Nginx service by entering the following:

sudo service nginx restart

Be sure to check out my guide on port forwarding and use the following port 443 for internal, and I recommended a random port for the external port. Make sure when setting up the external port that it isn’t already reserved for a specific program.

When connecting to the Owncloud server externally, you will need to make sure you use https otherwise you will get an invalid request in your browser.

Setting up port forwarding is super easy to do and allows you to have access to your personal cloud on the go. Also after you have done this, you can still connect via your local IP as well.

I hope this tutorial has helped you make your very own Raspberry Pi OwnCloud. If you have any troubles, want to leave feedback or if I have missed anything feel free to drop us a comment below.

274 Comments

  1. David Ryan on

    Hey pimylifeup!
    I’m so glad that you stay active in your comments section (can’t be said about a lot of other sites)
    I am running into an error when trying to make an admin account on owncloud it says:
    “Error while trying to create admin user: Failed to connect to the database: An exception occurred in driver: SQLSTATE[HY000] [1045] Access denied for user ‘ownclouduser’@’localhost’ (using password: YES)”
    What is confusing is that I have granted all permissions to ownclouduser. And also I am not using password “YES” when making the account….
    Any ideas?

    1. Emmet on

      Hi Ryan,

      Make sure you have entered the correct details to connect to your SQL server.

      That error is indicating that you are trying to connect to the SQL server using the user ownclouduser and that are you are in fact using a password to access the database.

      The password error is not showing your password, just that it is trying to use a password for the database connection.

      Cheers,
      Emmet

  2. Gary on

    I get this error when I attempt to go to page
    Memcache \OC\Memcache\APCu not available for local cache Is the matching PHP module installed and enabled?

    1. Emmet on

      Hi Gary,

      Make sure that you have the APCu module installed by running the following command.

      sudo apt install php-apcu

      Cheers,
      Emmet

  3. Deepak on

    Hi
    are written steps are same if i choose CentOS-8-arm instead Raspbian ?

    1. Emmet on

      Hi Deepak,

      The tutorial will differ slightly as you will need to install packages using yum and not apt.

      Cheers,
      Emmet

  4. Gary on

    MySQL/MariaDB toggle (4.). not showing up under configure the database it says only SQLite is available. install and activate additional modules.

    1. Emmet on

      Hi Gary,

      We have corrected the tutorial, it was missing the mysql php package.

      To fix this all you need to do is run the following command.

      sudo apt install php7.3-mysql

      .

      Cheers,
      Emmet

  5. John B on

    World backup day, so I am giving this a go. 🙂

    Will it really take 16 HOURS to get the openpssl key to generate? 🙁 Guess I am waiting till tomorrow now. lol

    1. Emmet on

      Hi John,

      Typically generating the keys is a lot faster then that.

      Cheers,
      Emmet

    2. Dakota on

      Sometimes it can take hours, sometimes it can take minutes. It’s random, like, really random and that’s why it’s so secure.

  6. Ivo Lourenco on

    Hello,

    I’m trying to set up a Pi 2 with owncloud and I do need external access to it. At minute 4:58 the IP added and the 9000 port is a standard ip or should we add the PI ip instead? Also these step is not on the list only on the movie any specific reason?

    Regards

    Ivo

    1. Emmet on

      Hi Ivo,

      The video is a little out of date and needs redoing.

      Please try following the written guide.

      Cheers,
      Emmet

  7. kony on

    hi there – is this owncloud setup valid also for iOS / Mac users? reason to ask is cause i read about NTFS format …
    thx,
    kony

    1. Emmet on

      Hi Kony,

      This should work fine for people using iOS and Mac. The mention of NTFS is just for those mounting external drives that are formatted in that format.

      Cheers,
      Emmet

  8. Ronald Basil on

    Will this work on Raspberry pi 3?

    1. Gus on

      Yes, it will work on almost every Raspberry Pi. Do make sure you’re running the latest Raspbian (Buster).

    2. Eberhard Stephan on

      I did everything as described without SSL
      When finish and enter my IP – nothing happens, no owncloud mask appear

    3. Gus on

      You must set up SSL; otherwise, it won’t work.

      The NGINX file is set up to enforce HTTPS.

Leave a Reply

Your email address will not be published. Required fields are marked *