Owncloud on EC2 (Linux Micro) + OS X Address Book and iCal + iPhone iOS 7

This discussion demonstrates how to install the ownCloud platform on Linux residing in an AWS Free Tier (Amazon Web Services) environment. ownCloud is an open source application that allows for the synchronization of personal data (contacts, calendars, bookmarks, photos) from a variety of devices (desktop, tablet, phone). Some basic knowledge of Linux, networking, and computer security are necessary here but if these instructions are followed closely, no troubleshooting should be required. This discussion involves the use of AWS, and specifically the Amazon Linux AMI, yet any number of modern Linux installations would suffice. However, as there are many choices available in the open source world, your mileage may vary according to the various version and Linux distribution chosen. These instructions are known to work with the resources presented. To keep things predictable, this discussion assumes your EC2 Instance will be used solely for ownCloud. And lastly, the range of features demonstrated here will be limited to just the contact and calendar capability. For a complete overview of the platform, visit the ownCloud website: https://owncloud.org

Note: There is a community driven ownCloud project (.org), and a commercial project (.com). Be sure to distinguish between the two.

Note: For a fully secure transfer of personal data be sure to follow the steps closely once the application is functional.

So let’s begin by spinning up an EC2 Instance…

— Spin up an EC2 Instance —

– Sign up for AWS Free Tier: https://aws.amazon.com/free/
– Launch an Amazon Linux AMI EC2 instance of Instance Type t1.micro
– Make note of the public ip address assigned to the EC2 Instance
– Optional, yet highly recommended: secure port 22 and ensure 80 and 443 are available to 0.0.0.0

— Install Dependencies and ownCloud —

Note: Install the packages in the order shown here. Doing otherwise results in a lot of dependency conflicts.

– ssh to the instance and run the following:

# yum install -y wget httpd php php-pear php-gd php-xml php-intl php-mysql php-curl curl libcurl

– The EPEL repository will be available by default on this AMI. Here we’ll enable it for a couple more packages:

# yum --enablerepo=epel install php-pear-Net-Curl php-pear-MDB2-Driver-mysqli

– Now add the entry for the owncloud repository

# cd /etc/yum.repos.d/
# wget http://download.opensuse.org/repositories/isv:ownCloud:community/CentOS_CentOS-6/isv:ownCloud:community.repo
# yum install owncloud

– Assuming all has went well, start Apache / httpd

# service httpd start

– Visit the following page: http://<address>/owncloud

If ownCloud is fully functional you’ll be prompted to create a username and password for the primary admin account. Be aware this is taking place over port 80 (without encryption), so either be prepared to change this password once encryption is in place, or skip to the section on how to configure SSL below.

– Log out from ownCloud. Maybe test logging in again, restart Apache, restart the instance, etc. See if httpd is set to start at runlevel 3:

# chkconfig --list
# chkconfig httpd on

— Configure SSL

Note: The next few steps assume a very basic SSL configuration. It may desirable to map a domain and apply a VirtualHost here.

– Install and enable SSL

# yum install mod_ssl

– A very minimal SSL configuration

/etc/httpd/conf.d/ssl.conf
DocumentRoot "/var/www/html"

– At this point it may be necessary to modify owncloud/config.php

'trusted_domains' => array('my.domain.com'),

– In the owncloud admin interface, choose “Enforce HTTPS”

— Configure Database (optional) —

By default this installation is using SQlite as a database. Before adding data from apps, make a decision now about what database to use. The recommendation is that if more than one user will be using the application, use mySQL. I can attest I’ve been using SQlite for nearly a year, my data only, and haven’t had any trouble with it. Here are the docs on choosing a database: ownCloud:MySQL/Postgres/SQLite Support

— (Prepare to) Import Data to ownCloud —

At this point the application is configured and functional. Before migrating large amounts of personal data be sure to secure the system, verify https (SSL) is functional, install an SSL certificate if desired, change the admin password, and create a username that will be used in the configuration of various devices.

Highly recommended:

  1. The ownCloud applications (via web interface) are tested prior to configuring an external application
  2. The first external application tested is from a Desktop
  3. Mobile apps are configured and tested last
  4. Only sample data is used until all troubleshooting is complete

See the ownCloud documentation (User Documentation) for usage on the web interface calendar and contacts applications. This should be fairly self explanatory. Try creating a new calendar, a few calendar entries, etc. The same for contacts. Again, only sample data at this point. Don’t create, transfer, or migrate large amounts of personal data at this time!

— Configure Applications (Desktop) —

Configure an external desktop based application (such as iCal, Thunderbird, Evolution, etc.). Again refer to the ownCloud documentation (User Documentation) for details.

For iCal I’ve done the following to configure:

– In the horizontal iCal menu choose iCal -> Preferences -> Accounts -> Add an Account
– Use the following:

Account Type: CalDAV
User Name: <username>
Password: <password>
Server Address: https://<address>/owncloud/remote.php/caldav/principals/<username>/

See the section on Synchronizing with OS X for further details and troubleshooting.

— Configure Applications (Mobile) —

I’ve only configured this on iOS and I’ve found the Calendar app to be less problematic than the Contacts app. I recommend creating a web page, or sending a self addressed email that contain the URL strings. They can be troubling to enter on a phone and it’s likely you won’t get it right the first time. Be really careful about the exact structure of URL –is the root of your install application in /owncloud? The ownCloud documentation assume it’s located at the web server root. For example:

ownCloud example: https://<address>/remote.php/caldav/principals/<username>/
my installation: https://<address>/owncloud/remote.php/caldav/principals/<username>/

To setup iOS (Calendar):

– Settings -> Mail, Contacts, Calendars -> Add Account -> Other -> Add CalDAV Account
– Enter the following:

Server: https://<address>/owncloud/remote.php/caldav/principals/<username>/
User Name: <username>
Password: <password>
Description: <automatically filled in>

When doing the configuration for both the Calendar and Contacts app, watch the logs on the web server (this assumes you’re using ssl):

# tail -f /var/log/httpd/ssl_access_log

You should see some DAV methods in the logs. This example notes a success. If you’re having trouble getting the app and the ownCloud platform to communicate, make a note of these log entries for support.

101.99.131.210 – – [07/May/2014:15:45:34 +0000] “PROPFIND /calendar/dav/jane/user/ HTTP/1.1″ 405 335
101.99.131.210 – – [07/May/2014:15:49:22 +0000] “REPORT /owncloud/remote.php/caldav/calendars/jane/defaultcalendar/ HTTP/1.1″ 207 187

Try adding and removing a few dates, set some recurring dates, play with a few other options. Again, don’t transfer any sensitive data yet. We want to be sure everything is fully functional and secure before sending our personal data to the server. Make sure the app is connected using SSL.

To setup iOS (Contacts):

– Settings -> Mail, Contacts, Calendars -> Add Account -> Other -> Add CardDAV Account
– Enter the following:

Server: https://<address>/owncloud/remote.php/carddav/principals/<username>/
User Name: <username>
Password: <password>
Description: <automatically filled in>

Inevitably, every time I’ve setup the Contact app in iOS I’ve encountered an issue. Two suggestions if you experience the same:

1. Follow the notes from the ownCloud website regarding iOS – Synchronize iPhone/iPad. Pay attention to section “10. If the iPhone is unable to verify…” The summary is the configuration process will result in failure but data will pass between the app and ownCloud platform. It may be necessary to enter this has http (non-SSL), then return to the configuration and change to https (by checking “Use SSL”).

2. Redirect /.well-known: In the Troubleshooting section, under iOS it is noted a Redirect entry is needed in the web server configuration. I simply entered this in the SSL Virtual Host section:

/etc/httpd/conf.d:

<VirtualHost _default_:443>
Redirect 301 /.well-known/carddav /owncloud/remote.php/carddav
[ … ]

Also try testing here with some sample data. Add a contact, remove, modify, make sure the various fields match up. Make sure the app is connected using SSL.

— Import Data to ownCloud —

Now that ownCloud is fully functional, secure, and working with all desired devices, it’s time to do a bulk transfer of Contact and Calendar data. This will be accomplished by using the ownCloud Files, Calendar, and Contacts web based applications so log on to your ownCloud site via https/SSL if you haven’t done so already. Be sure you’ve connected the external desktop and mobile applications securely, via SSL.

– Export Calendar data in .ics format and Contact data in vCard (.vcf) format.
– Open the Files application on your ownCloud site. On the horizontal menu is an upward facing arrow, choose this and a dialogue will open to select files. Choose only the Calendar (.ics) file. This will transfer to the Files application and be shown in the files listing.
– Click once on the Calendar file in the files listing, a dialogue will open “Import a calendar file.”
– Choose the calendar and select whether you want all previously entered events removed.
– You will now see the calendar application populated with your data, also check configured mobile devices.

– Open the Contacts application in ownCloud. Find the gear in the lower left of the interface, click to open. Note the upward facing arrow, choose this and select the vCard (.vcf) file.
– The Contacts application will now be populated with your data, also check configured mobile devices.

Note: If data isn’t being displayed on mobile devices or desktops ensure the correct calendar is chosen (desktop). For mobile devices, it may be the URL is specific to the name of the Calendar or Contacts chosen.

— ToDo —

If you’ve worked on any of these items, please get in touch!

  • Using s3 for the file drops, etc. (see: http://awssolutions.wordpress.com/2013/07/19/installing-owncloud/)
  • encyrption – ownCloud has an encryption on disk feature!
  • xmarks BYOS – synchronization of bookmarks via the xmarks add-on