This is the step 2.1 of: http://julien.coubronne.net/a-self-hosted-free-opensource-cloud. This will allow to share files located on your local server over the internet.
In this article, we will:
- Install Nginx & php5, create a MySQL database
- Install Pydio
- Use Letsencrypt to create an https certificate
- Tweak Nginx
Install Nginx & php5
So I started with this command found on a tutorial to install Pydio.
sudo aptitude install nginx php5 php5-fm php5-gd php5-cli php5-mcrypt
The probem with this command is that it pulls some dependencies such as Apache…
This is where the command “apt-cache depends” is usefull
apt-cache depends php5
php5 |Depends: libapache2-mod-php5 |Depends: libapache2-mod-php5filter |Depends: php5-cgi Depends: php5-fpm Depends: php5-common
I recommend these useful articles on understanding the output of apt-cache depends. So it shows that php5 depends either on libapache2-mod-php5, or libapache2-mod-php5filter, or php5-cgi, or php5-fpm. The problem here is that the preferred option (the first) is libapache2, which itself pulls apache2 from its dependencies.
So you need to fulfill first the php5-fpm dependance before installing php5.
sudo aptitude install php5-fpm php5
You need to change the permissions of the /var/www directory to allow the web server user (www-data) to access it:
sudo chown -R www-data:www-data /var/www/
Then you need to dive into the different configuration files:
- /etc/php5/fpm/php.ini
- /etc/nginx/nginx.conf
- /etc/nginx/sites-available/
You can copy the default profile in the sites-available directory to a new name, then modify it.
sudo cp /etc/nginx/sites-available/default /etc/nginx/sites-available/lan
Restart the processes:
sudo service php5-fpm restart sudo service nginx restart
Create a MySQL database
I did not fully document this step, except for the dump from my command line:
sudo mysql --defaults-file=/etc/mysql/debian.cnf CREATE DATABASE pydio; CREATE USER pydio@localhost IDENTIFIED BY 'secretpassword'; GRANT ALL PRIVILEGES ON pydio.* TO pydio@localhost; flush privileges; exit
Install Pydio
Pydio install
I followed the very well written tutorial on Pydio’s website: https://pydio.com/en/docs/kb/system/installing-debiannginx
Please note that this tutorial is more recent than my notes (which were written in September 2016).
Explanation on some parameters:
- Application Title = which is what’s seen in the browser’s title bar
- Welcome Message = which is seen on the login screen
- Administrator Login = the admin username
- Admin Display Name = the name that will be displayed for the admin account
- Adminstrator Password = the admin password
Pydio diagnostic page
I had some missing dependencies that I resolved with the following command:
sudo aptitude install php5-mcrypt php5-gd php5-intl php5-apcu
You should disable php output_buffering parameter for better performances with Pydio.
Edit /etc/php5/fpm/php.ini
At this point, I had the following error message: PHP mysql extension not loaded
I resolved this error with:
sudo aptitude install php5-mysql
Install a Letsencrypt certificate
There are different ways to create an SSL certificate with Let’s Encrypt, which are detailled on their website. I used the recommended approach of using Certbot.
Detailled tutorial here: https://certbot.eff.org/#debianjessie-nginx
Prepare Nginx
sudo nano /etc/nginx/sites-available/pydio
# Allow access to the ACME Challenge for Let’s Encrypt location ~ /\.well-known\/acme-challenge { allow all; }
sudo mkdir /var/www/pydio/.well-known/acme-challenge sudo nano /var/www/pydio/.well-known/acme-challenge/test.txt sudo chown www-data:www-data -R /var/www/pydio/.well-known/ sudo service nginx restart
The above commands do:
- Create a directory for the ACME challenge
- Create an empty txt file to check that I can access it
- Change the rights on the directory
- Restart nginx
Get the certificate
sudo aptitude install certbot
sudo certbot certonly --webroot -w /var/www/pydio -d my.domain.com
IMPORTANT NOTES: Congratulations! Your certificate and chain have been saved at /etc/letsencrypt/live/my.domain.com/fullchain.pem.
Install the certificate
- Your private key is: /etc/letsencrypt/live/example.com/privkey.pem
- Your certificate is: /etc/letsencrypt/live/example.com/cert.pem
- The intermediate certificates are: /etc/letsencrypt/live/example.com/chain.pem
- Your certificate and intermediate certificates concatenated in the correct order are: /etc/letsencrypt/live/example.com/fullchain.pem
Faster Nginx
https://varvy.com/pagespeed/ can be a great ressource to analyse the speed of your web server. It also provide interesting ressources to address some bottlenecks.
After running a test, I had a look at enabling gzip compression and “browser caching”.
Ressources for this article:
- https://www.howtoforge.com/install-pydio-6-on-ubuntu-14.10-utopic-unicorn
- https://www.digitalocean.com/community/tutorials/how-to-host-a-file-sharing-server-with-pydio-on-ubuntu-14-04
- https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
- bjornjohansen.no/lets-encrypt-for-nginx
- https://loune.net/2016/01/https-with-lets-encrypt-ssl-and-nginx/
Leave a Reply