Installing ownCloud on CentOS via Ansible.md

Installing ownCloud on CentOS via Ansible

We will learn how to install from scratch, ownCloud using Let's Encrypt certificates on this how-to into a Centos 8 box.

Prerequisites

• One CentOS 8 box.
• Linux knowledge
• One pubic address or public IP address
• Public opened ports:
  • 443: for ownCloud
  • 13281: for OnlyOffice

Replace the address owncloud.mycompany.com with your ownCloud public address

NOTE: We assume that you will follow these steps in a blank ubuntu box

Other considerations

If the CentOS box is behind a corporate firewall as PFSense, CiscoASA, PulseSecure, etc., consider creating the rules in your appliance for the 2 services, 443 and 13281 / TCP. Because there are many firewall appliances products and services, the rules configuration is out of this document's scope.

So, let's get started!

Installing ownCloud.

First of all, we proceed to Install ownCloud, and the easiest way is via Ansible.

Installing Ansible

Ansible is available in the EPEL repository of CentOS 8. So, you can easily install Ansible on CentOS 8.

First, update the DNF package repository cache with the following command:

dnf makecache && dnf install epel-release -y && dnf makecache &&  dnf install ansible -y

At this point, Ansible should be installed. Run the following command ansible --version

[root@centos8 ~]# ansible --version
ansible 2.9.18
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.6/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 3.6.8 (default, Aug 24 2020, 17:57:11) [GCC 8.3.1 20191121 (Red Hat 8.3.1-5)]
[root@centos-nbg1-epalma ~]# 

Installing git

To install "git" just run the following command

 yum install git -y

Updating pip and ansible.

Update pip and phyton Ansible using the following commands.

python3 -m venv ~/ansible && source ~/ansible/bin/activate 
pip install --upgrade pip
pip3 install ansible

Installing ownCloud

Clone the playground repository

Clone the playground repository

git clone https://github.com/owncloud-ansible/playground.git

Configuring the Playground

And let's install the requirements.

cd playground
ansible-galaxy install -r roles/requirements.yml

Edit the file inventories/centos8/hosts using your favorite editor and add the following

FILE="inventories/centos8/hosts"
/bin/cat <<EOM >>$FILE

[all:vars]
ansible_connection=local
ansible_user=root
EOM

Edit the file nano inventories/centos8/group_vars/owncloud.yml and adjust the following:

owncloud_version: "10.6.0"
owncloud_fqdn: owncloud.mycompany.com

owncloud_web_default_language: "es_ES" # <-- Adjust the language

php_default_version: "7.4" # <-- Line 44

Setting up the credentials for the services.

Into the same file, inventories/centos8/group_vars/owncloud.yml type your desired credentials for the services.

Replace the string <secure_password> for your own secure password.

# Adjust these variable to the same values defined in
# group_vars/database.yml
owncloud_db_name: owncloud    # <can stay the same>
owncloud_db_user: owncloud    # <can stay the same>
owncloud_db_password: <secure_owncloud_db_password>

# You can also adjust the default ownCloud user.
# For security reasons you should set a strong password!
owncloud_admin_username: admin
owncloud_admin_password: <secure_owncloud_admin_password>

Edit the file inventories/centos8/group_vars/database.yml and adjust:

mariadb_root_password: <secure_mariadb_root_password>
mariadb_users:
  password: <secure_owncloud_db_password>  # Use the same from owncloud.yml file, variable owncloud_db_password

Running the installation program

And then run the following command

ansible-playbook playbooks/setup.yml -i inventories/centos8/hosts

Testing the installation.

Just open the site https://owncloud.mycompany.com; if everything is ok, you will see the ownCloud login page. Access into the ownCloud using the credentials that you have established before.

Installing the certificates

I have based this guide using the instruction from ubuntufocal-apache

Install snapd

You'll need to install snapd and make sure you follow any instructions to enable classic snap support.

yum install snapd && systemctl enable --now snapd.socket && ln -s /var/lib/snapd/snap /snap && systemctl start snapd

Install Certbot

Run this command on the command line on the machine to install Certbot.

sudo snap install --classic certbot && sudo ln -s /snap/bin/certbot /usr/bin/certbot

Get and install your certificates...

Run this command to get a certificate and have Certbot edit your Apache configuration automatically to serve it, turning on HTTPS access in a single step.

sudo certbot --apache

Note: This will work in a test installation, but if you need to automatically renew the certificates, you will have to do this step every time you are renewing the certificate (at least every 3 months).

Confirm that Certbot worked

Restart the apache web server.

service apache2 restart

To confirm that your site is set up properly, visit https://owncloud.mycompany.com/ in your browser and look for the lock icon in the URL bar.

Bibliography

• Certbot - Ubuntufocal Apache. (n.d.). Certbot.Eff.Org. Retrieved March 4, 2021, from https://certbot.eff.org/lets-encrypt/ubuntufocal-apache
• Installing snap on CentOS. (n.d.). Snapcraft. Retrieved March 4, 2021, from https://snapcraft.io/docs/installing-snap-on-centos
• Shovon, B. S. (n.d.). Install Ansible on CentOS 8. Linuxhint. Retrieved March 4, 2021, from https://linuxhint.com/install_ansible_centos8/

s