Schlagwort-Archive: php

Raspberry Pi: Owncloud setup revisited

The Raspberry and owncloud ran for a few months now and I really enjoyed my own personal cloud. But I was really annoyed by the poor performance. One possible solution was to switch the sd card, which I did. I replaced the Transcend 16GB SDHC card with a 4GB one. Performance is much better now. Since setting up the system is a pretty simple and fast process, I didn’t bother about cloning the card etc. I reinstalled raspbian and followed my own guide on how to setup nginx and php and oriented on my other tutorial on how to install owncloud 6 beta. Of course I needed to change some links etc.

Some more things (I) changed:

  1. owncloud added security for trusted domains
  2. moved owncloud storage to an external usb drive
  3. changed the nginx webserver configuration: restrict to https only and …
  4. accessing php-fpm through network socket

 

1. If you access the webinterface of your owncloud instance using different ips, names etc., you need to add them to the „trusted_domains“ parameter.

pi@raspberrypi ~ $ sudo vi /var/www/owncloud/config/config.php

‚trusted_domains‘ =>
array (
0 => ‚192.168.12.34′,
1 => ‚your.dyndns.org‚,
),

2. Connect the usb drive and use lsblk and blkid to find the needed UUID.

pi@raspberrypi ~ $ lsblk && blkid
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 2,7T 0 disk
└─sda1 8:1 0 2,7T 0 part /media/usb
mmcblk0 179:0 0 3,7G 0 disk
├─mmcblk0p1 179:1 0 56M 0 part /boot
└─mmcblk0p2 179:2 0 3,7G 0 part /
/dev/mmcblk0p1: SEC_TYPE=“msdos“ LABEL=“boot“ UUID=“7D5C-A285″ TYPE=“vfat“
/dev/mmcblk0p2: UUID=“5d18be51-3217-4679-9c72-a54e0fc53d6b“ TYPE=“ext4″
/dev/sda1: LABEL=“Backup3TB“ UUID=“1D3F163D4EEC069E“ TYPE=“ntfs“

Create the mountpoint /media/usb and edit /etc/fstab to mount the drive on startup.

pi@raspberrypi ~ $ sudo mkdir /media/usb

pi@raspberrypi ~ $ sudo vi /etc/fstab
proc /proc proc defaults 0 0
/dev/mmcblk0p1 /boot vfat defaults 0 2
/dev/mmcblk0p2 / ext4 defaults,noatime 0 1
UUID=1D3F163D4EEC069E /media/usb ntfs-3g defaults,auto, uid=pi,gid=wwwdata,umask=007,users 0 0

While setting up your owncloud, you can now define /media/usb as your data storage. Not sure if there is a way to change this on a already running owncloud setup.

 

3. Change the nginx configuration (/etc/nginx/sites-availabe/default) according to the owncloud 6 documentation

upstream php-handler {
server 127.0.0.1:9000;
}

server {
listen 80;
return 301 https://your.dyndns.org$request_uri; # enforce https
}

# HTTPS server
#
server {
listen 443 ssl;
server_name your.dyndns.org localhost;

root /var/www;

autoindex off;
index index.php index.html index.htm;

ssl on;
ssl_certificate /etc/nginx/conf.d/ssl/server.crt;
ssl_certificate_key /etc/nginx/conf.d/ssl/server.key;

client_max_body_size 10G; # set max upload size
fastcgi_buffers 64 4K;

rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;

index index.php;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;

location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}

location ~ ^/(data|config|\.ht|db_structure\.xml|README) {
deny all;
}

location / {
# The following 2 rules are only needed with webfinger
rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;

rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;

rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;

try_files $uri $uri/ index.php;
}

location ~ ^(.+?\.php)(/.*)?$ {
try_files $1 =404;

include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$1;
fastcgi_param PATH_INFO $2;
fastcgi_param HTTPS on;
fastcgi_pass php-handler;
}

# Optional: set long EXPIRES header on static assets
location ~* ^.+\.(jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
expires 30d;
# Optional: Don’t log access to assets
access_log off;
}
}

4. Modify the php5-fpm config to listen on a netsocket.

 pi@raspberrypi ~ $ sudo vi /etc/php5/fpm/pool.d/www.conf

;listen = /var/run/php5-fpm.sock
listen = 127.0.0.1:9000

Restart the services.

pi@raspberrypi ~ $ sudo service php5-fpm restart
pi@raspberrypi ~ $ sudo service nginx restart

 

 

 

 

Raspberry Pi: nginx Webserver with PHP and SSL

Installing the needed packages:

pi@raspberrypi ~ $ sudo aptitude install nginx php5-fpm php5-cgi php5-cli php5-common

There are different version of nginx available. For a comparison take a look at the debian wiki: https://wiki.debian.org/Nginx

Create the needed directory and php test file for later:

pi@raspberrypi ~ $ sudo mkdir /var/www
pi@raspberrypi ~ $ echo „<?php phpinfo(); ?>“ | sudo  tee /var/www/index.php
pi@raspberrypi ~ $ sudo chown -R www-data:www-data /var/www

Setting up SSL:

pi@raspberrypi ~ $ sudo mkdir /etc/nginx/conf.d/ssl && cd /etc/nginx/conf.d/ssl
pi@raspberrypi /etc/nginx/conf.d/ssl $ sudo openssl genrsa -out server.key 2048
pi@raspberrypi /etc/nginx/conf.d/ssl $ sudo openssl req -new -key server.key -out server.csr
pi@raspberrypi /etc/nginx/conf.d/ssl $ sudo openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

And finally configure nginx:

pi@raspberrypi /etc/nginx/conf.d/ssl $ sudo vi /etc/nginx/sites-available/default

server {
listen 80;
root /var/www;
index index.php index.html index.htm;
server_name localhost;
location ~ .php$ {
fastcgi_split_path_info ^(.+.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
try_files $uri $uri/ /index.html;
}
}

# HTTPS server
#
server {
listen 443;
server_name localhost;
root /var/www;
autoindex on;
index index.php index.html index.htm;
ssl on;
ssl_certificate /etc/nginx/conf.d/ssl/server.crt;
ssl_certificate_key /etc/nginx/conf.d/ssl/server.key;
location ~ .php$ {
fastcgi_split_path_info ^(.+.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
try_files $uri $uri/ /index.html;
}
}

Visit http://localhost or https://localhost and you should see your php configuration.

How to use the Twitter API with PHP and OAuth (single user)

Since a few months, applications have to use OAuth to authenticate a Twitter account using the REST API. If you want to write a php application for just one account (like your own small webclient), you don’t have to go the „ping-pong“ way of authentication. You only need this to authenticate different users and as we only need access for one single user, it is possible to simplify the oauth authentication step. Nevertheless I find it much more comfortable to you a finished library. In this example we will use Abraham Williams‘ awesome TwitterOAuth library for PHP, which requires a minimum PHP version of 5.2.x, cURL and OpenSSL.

First you have to visit http://dev.twitter.com/apps an register a new application. Choose „Browser“ as application type and set the default access level to „Read & Write“. You will need the printed „Consumer key“ and „Consumer secret“ in the next step. Also you will need the „Access Token (oauth_token)“ and „Access Token Secret (oauth_token_secret)“, which can be found under „My Access Token“ in the right menu.

Include the library in your PHP script. Change the path accordingly.

require_once(‚twitteroauth/twitteroauth.php‘);

Open your config file and define the 4 needed keys like:

define(‚CONSUMER_KEY‘, ‚aAaAaAaAaAaAaAaAaAaA‘);
define(‚CONSUMER_SECRET‘, ‚bBbBbBbBbBbBbBbBbBbB‘);
define(‚OAUTH_TOKEN‘, ‚cCcCcCcCcCcCcCcCcCcC‘);
define(‚OAUTH_TOKEN_SECRET‘, ‚dDdDdDdDdDdDdDdDdDdD‘);

To connect to Twitter, add in your PHP script:

$twitter = new TwitterOAuth (CONSUMER_KEY, CONSUMER_SECRET, OAUTH_TOKEN, OAUTH_TOKEN_SECRET);

You can now use the $twitter object to interact with the Twitter API. For example fetch your user information or post an update.

$twitter->get(‚account/verify_credentials‘);
$twitter->post(„statuses/update“, array(„status'“=> „First tweet using my own Twitter app!“));

Check out the TwitterOAuth documentation for more options and the Twitter documentation for available ressources.

I hope this small guide helps you getting started and I would love to see some of your results. Questions? Comments!