Owncloud Ftp Storage Support

broken image


  1. Owncloud Ftp Storage Supporting
  2. Owncloud Ftp Storage Support Windows 10
  3. Owncloud Ftp Storage Support

You may configure external storage mounts by creating and editing thedata/mount.json. This file contains all settings in JSON (JavaScriptObject Notation) format. At the moment two different types of entries exist:

  • Group mounts: each entry configures a mount for each user in group.
  • User mounts: each entry configures a mount for a single user or for allusers.

Didn't even get the green light on that. Yes the user name I was using has both SMB and FTP access, both verified outside of OwnCloud. I remember seeing where the ReadyNAS does not support Active Mode FTP, and figured that could be the problem. But I can't find a solution to use SMB or a good reason why it won't work. Submit a ticket using our Help Desk Portal How can we help you today?

For each type, there is a JSON array with the user/group name as key, and anarray of configuration entries as value. Each entry consist of the class nameof the storage backend and an array of backend specific options and will bereplaced by the user login. The template $user can be used in the mountpoint or backend options. As of writing the following storage backends areavailable for use:

  • Local file system
  • FTP (or FTPS)
  • SFTP
  • SMB
  • WebDAV

You need to enable the External storage support app first. You cando this on the Apps page of your ownCloud Web GUI, or use the occ command.This example shows how to list apps, and how to enable the External storagesupport app on Debian Linux and its derivatives:

See Using the occ Command to learn more about occ.

Note

A non-blocking or correctly configured SELinux setup is neededfor these backends to work. Please refer to the SELinux Configuration.

Please keep in mind that some formatting has been applied and carriage returnshave been added for better readability. In the data/mount.json allvalues need to be concatenated and written in a row without these modifications!

It is recommended to use the Web-GUI in theadministrator panel to add, remove or modify mount options to prevent any problems!

Using self-signed certificates¶

When using self-signed certificates for external storage mounts the certificateneeds to be imported in the personal settings of the user. Please refer to thisblogpost for more informations.

Adding files to external storages¶

In general it is recommended to configure the background job Webcron orCron as described in Defining Background Jobsso ownCloud is able to detect files added to your external storages without the needthat a users is browsing your ownCloud installation.

Please also be aware that ownCloud might not always be able to find out what has beenchanged remotely (files changes without going through ownCloud), especiallywhen it's very deep in the folder hierarchy of the external storage.

You might need to setup a cron job that runs sudo-uwww-dataphpoccfiles:scan--all(or replace '–all' with the user name, see also Using the occ Command)to trigger a rescan of the user's files periodically (for example every 15 minutes), which includesthe mounted external storage.

Example¶

Priorities¶

An advanced feature is available, only configurable directly indata/mount.json, which allows mount configurations to have an associatedpriority. When two or more valid mount configurations exist for the same mount point,the one with the highest priority (defined by the largest number) will take precedenceand become the active mount for the user.

Each backend has a default priority, assigned when a mount configuration with thatbackend is created. The default priority will be shown in the example section foreach backend below. Should a backend not provide a default priority, a value of 100will be used.

There is also a concept of priority types, to preserve compatibility withprevious mount configuration parsing. Mount configurations are evaluated in thefollowing order, with later mount types always overriding a previous mount type:

  • user -> all : global mount configurations
  • group : group mount configurations
  • user (not all) : per-user mount configurations
  • data/$user/mount.json : personal mount configurations

Backends¶

Local Filesystem¶

The local filesystem backend mounts a folder on the server into the virtualfilesystem, the class to be used is OCFilesStorageLocal andtakes the following options:

  • datadir : the path to the local directory to be mounted

Example¶

Note

You must ensure that the web server has sufficient permissions on the folder.

FTP (or FTPS)¶

The FTP backend mounts a folder on a remote FTP server into the virtualfilesystem and is part of the ‘External storage support' app, the classto be used is OCFilesStorageFTP and takes the followingoptions:

  • host: the hostname of the ftp server, and optionally the port number
  • user: the username used to login on the ftp server
  • password: the password to login on the ftp server
  • secure: whether to use ftps:// (FTP over TLS) to connect to the ftpserver instead of ftp:// (optional, defaults to false)
  • root: the remote subfolder inside the ftp server to mount (optional, defaultsto ‘/')

Example¶

Note

PHP needs to be build with FTP support for this backend to work.

Note

The external storage FTP/FTPS/SFTP needs the allow_url_fopen PHPsetting to be set to 1. When having connection problems make sure that it isnot set to 0 in your php.ini.

SFTP¶

The SFTP backend mounts a folder on a remote SSH server into the virtualfilesystem and is part of the ‘External storage support' app. The classto be used is OCFilesStorageSFTP and takes the followingoptions:

  • host: the hostname of the SSH server
  • user: the username used to login to the SSH server
  • password: the password to login on the SSH server
  • root: the remote subfolder inside the SSH server to mount (optional, defaultsto ‘/')

Example¶

Note

Owncloud Ftp Storage Supporting

PHP needs to be build with SFTP support for this backend to work.

Note

The external storage FTP/FTPS/SFTP needs the allow_url_fopen PHPsetting to be set to 1. When having connection problems make sure that it isnot set to 0 in your php.ini.

Owncloud ftp storage support systems

SMB¶

The SMB backend mounts a folder on a remote Samba server, a NAS appliance ora Windows machine into the virtual file system. It is part of the ‘Externalstorage support' app, the class to be used is OCFilesStorageSMB andtakes the following options:

  • host: the host name of the samba server
  • user: the username or domain/username to login on the samba server
  • password: the password to login on the samba server
  • share: the share on the samba server to mount
  • root: the remote subfolder inside the samba share to mount (optional, defaultsto ‘/'). To assign the ownCloud logon username automatically to the subfolder, use $user instead of a particular subfolder name.

Example¶

With username only:

With domainname and username:

WebDAV¶

The WebDAV backend mounts a folder on a remote WebDAV server into thevirtual filesystem and is part of the ‘External storage support' app,the class to be used is OCFilesStorageDAV and takes thefollowing options:

  • host: the hostname of the webdav server.
  • user: the username used to login on the webdav server
  • password: the password to login on the webdav server
  • secure: whether to use https:// to connect to the webdav serverinstead of http:// (optional, defaults to false)
  • root: the remote subfolder inside the webdav server to mount (optional,defaults to ‘/')

Example¶

Amazon S3¶

The Amazon S3 backend mounts a bucket in the Amazon cloud into the virtualfilesystem and is part of the ‘External storage support' app, the class tobe used is OCFilesStorageAmazonS3 and takes the followingoptions:

  • key: the key to login to the Amazon cloud
  • secret: the secret to login to the Amazon cloud
  • bucket: the bucket in the Amazon cloud to mount

Example¶

Dropbox¶

The Dropbox backend mounts a dropbox in the Dropbox cloud into the virtualfilesystem and is part of the ‘External storage support' app, the class tobe used is OCFilesStorageDropbox and takes the following options:

  • configured: whether the drive has been configured or not (true or false)
  • app_key: the app key to login to your Dropbox
  • app_secret: the app secret to login to your Dropbox
  • token: the OAuth token to login to your Dropbox
  • token_secret: the OAuth secret to login to your Dropbox

Example¶

Google Drive¶

The Google Drive backend mounts a share in the Google cloud into the virtualfilesystem and is part of the ‘External storage support' app, the class tobe used is OCFilesStorageGoogle and is done via an OAuth2.0 request.That means that the App must be registered through the Google APIs Console.The result of the registration process is a set of values (incl. client_id, client_secret).It takes the following options:

  • configured: whether the drive has been configured or not (true or false)
  • client_id: the client id to login to the Google drive
  • client_secret: the client secret to login to the Google drive
  • token: a compound value including access and refresh tokens

Example¶

OpenStack Swift¶

The Swift backend mounts a container on an OpenStack Object Storage serverinto the virtual filesystem and is part of the ‘External storage support'app, the class to be used is OCFilesStorageSWIFT and takesthe following options:

  • host: the hostname of the authentication server for the swiftstorage.
  • user: the username used to login on the swift server
  • token: the authentication token to login on the swift server
  • secure: whether to use ftps:// to connect to the swift server insteadof ftp:// (optional, defaults to false)
  • root: the container inside the swift server to mount (optional,defaults to ‘/')

Example¶

External Storage Password Management¶

ownCloud handles passwords for external mounts differently than regularownCloud user passwords.

The regular user and file share passwords (when you use the default ownClouduser backend) are stored using a strong cryptographically secure hashingmechanism in the database. On a new user account with a new password, thepassword is hashed and stored in the ownCloud database. The plain-text passwordis never stored. When the user logs in, the hash of the password they enter iscompared with the hash in the database. When the hashes match the user isallowed access. These are not recoverable, so when a user loses a password theonly option is to create a new password.

Passwords which are used to connect against external storage (e.g.SMB or FTP), there we have to differentiate again between differentimplementations:

  1. Login with ownCloud credentials

When a mountpoint has this option, for example SMB/CIFSusingOClogin,the password will be intercepted when a user logs in and written to the PHPsession (which is a file on the filesystem), and written encrypted into thesession with a key from the configuration file. Every time that password isrequired ownCloud reads it from the PHP session file.

When you use this option, features such as sharing will not work properly fromthat mountpoint when the user is not logged-in.

Depending on the implementation of the application, this means that the passwordcould get leaked in the ps output, as we use smbclient for SMB storageaccess in the community version. There is a bug report on this. Consequently, we're currentlyevaluating an alternative approach accessing the library directly, and thus notleaking the password anymore. This is already implemented in the EnterpriseEdition in our Windows Network Drive application, and it will get into thecommunity version once we have streamlined the code of the files_externalapplication a little bit more.

  1. Stored credentials

When you enter credentials into the files_external dialog those are storedon the filesystem and encrypted with a key stored in config.php. This isrequired since ownCloud needs access to those files and shares even when theuser is not logged-in to have sharing and other key features properly working.

Owncloud Ftp Storage Support Windows 10

To sum up:

Owncloud Ftp Storage Support

The 'login with ownCloud credentials' SMB function in the community editionexposes the password in the server system's process list. If you want to getaround this limitation without waiting for it to be addressed in CE you can getthe Enterprise Edition. However, even then the password is stored in the PHPsession and a malicious admin could access it. Nc40 foundation matches. You can protect your PHP sessionfiles using protections available in your filesystem. Stored credentials arealways accessible to the ownCloud instance.





broken image
PreviousNext
Cookie Use
We use cookies to improve browsing experience, security, and data collection. By accepting, you agree to the use of cookies for advertising and analytics. You can change your cookie settings at any time. Learn More
Accept all
Settings
Decline All
Cookie Settings
Necessary Cookies
These cookies enable core functionality such as security, network management, and accessibility. These cookies can’t be switched off.
Analytics Cookies
These cookies help us better understand how visitors interact with our website and help us discover errors.
Preferences Cookies
These cookies allow the website to remember choices you've made to provide enhanced functionality and personalization.
Save