allow sudo for debian 7 user

# install sudo if not installed already
su -c 'apt-get install sudo'

# grant sudo privileges
su -c 'adduser <yourusername> sudo'

replace with the name of the use who will be given sudo rights.

change language in ubuntu 14.10

I needed to change language because non-english error messages are really really hard to understand.

Relevant language settings are located in:



install owncloud on debian 7

Let's jump right into installing owncloud on a plain Debian System:

# add owncloud debian repo
echo 'deb http://download.opensuse.org/repositories/isv:ownCloud:community/Debian_7.0/ /' >> /etc/apt/sources.list.d/owncloud.list
wget -qO- http://download.opensuse.org/repositories/isv:ownCloud:community/Debian_7.0/Release.key | apt-key add -

# install the server software
apt-get install owncloud mysql-server

# now take a look at your generated mysql super-user credentials
cat /etc/mysql/debian.cnf

# use super-user to get a mysql shell
mysql -u debian-sys-maint -p

Create a MySQL user and database for owncloud. Just execute this in the sql shell:

create user 'owncloud'@'localhost' IDENTIFIED BY 'password';
create database owncloud;
grant all privileges on owncloud.* to 'owncloud'@'localhost';
flush privileges;

Great. Now configure /etc/apache2/sites-available/default:

  • Update all occurances of AllowOverride None to AllowOverride All. (to allow .htaccess files)
  • If you're running this behind a reverse proxy which terminates TLS: add SetEnv HTTPS on to vhost.
# add a html forward for directing users to owncloud
echo "<html><head><meta http-equiv="refresh" content="0; url=/owncloud/" /></head><body></body></html>" > /var/www/index.html

Almost done. Go to url of the fresh installed instance to complete ownclowd setup.

I also installed their linux client:

echo 'deb http://download.opensuse.org/repositories/isv:ownCloud:devel/Debian_7.0/ /' >> /etc/apt/sources.list.d/owncloud-client.list
wget -qO- http://download.opensuse.org/repositories/isv:ownCloud:devel/Debian_7.0/Release.key | apt-key add -
apt-get update
apt-get install owncloud-client

generate selfsinged key

Generate a 8k x509 self signed ssl key for usage with a web-server like apache2 where both keys are in the same file:

openssl req -newkey rsa:$((1024*8)) -new -x509 -days 9999 -nodes -out apache.pem -keyout apache.pem

apache 2 reverse proxy with tls on debian 7

In this setup the reverse proxy server does the ssl encryption. Therefore you must trust your reverse proxy server enough to hold the private SSL certificates for your websites! Do not use this setup if you can't trust your reverse proxy sufficiently!

  1. install apache 2

    apt-get install apache2
  2. enable mod_ssl and mod_rewrite

    a2enmod ssl
    a2enmod rewrite
    service apache2 restart
  3. create site configureation for the virtual host

    Put this file under eg. /etc/apache2/sites-available/example.com also make sure to read trough the entire file and change it according to your setup...

    You might want to change:

    • all occurances of example.com to your respective domain name
    • the ProxyPass and ProxyPassReverse targets to your actual internal server url
    • the SSLCertificateFile and SSLCertificateKeyFile to the actual certificates for your domain

      <VirtualHost *:80>
        ServerName example.com
        ServerAlias example.com
        RewriteEngine On
        RewriteCond %{SERVER_PORT} !^443$
        RewriteRule ^/(.*)$ https://example.com/$1 [L,R]
      <VirtualHost *:443>
        ServerName example.com
        ServerAlias example.com
        ProxyRequests Off
        ProxyPass /
        ProxyPassReverse /
        LogLevel warn
        CustomLog ${APACHE_LOG_DIR}/example.com_access.log combined
        SSLEngine on
        SSLCertificateFile    /etc/ssl/certs/ssl-cert-snakeoil.pem
        SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
        <FilesMatch "\.(cgi|shtml|phtml|php)$">
          SSLOptions +StdEnvVars
        <Directory /usr/lib/cgi-bin>
          SSLOptions +StdEnvVars
        BrowserMatch "MSIE [2-6]" \
                      nokeepalive ssl-unclean-shutdown \
                      downgrade-1.0 force-response-1.0
        BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
  4. enable site

    use the name of the file you created in /etc/apache2/sites-available insted of example.com for the a2ensite command

    a2ensite example.com
    service apache2 reload

setup redmine on debian 7 with sqlite backend in document root, listen on a dedicated port

  1. install redmine dependencies

     apt-get install apache2-mod-passenger redmine redmine-sqlite
  2. add desired listening port to apache config

    apache ports are configured here on debian 7 /etc/apache2/ports.conf

     Listen 8083
  3. create redmine apache config

    I named the site file: /etc/apache2/sites-available/redmine

     <VirtualHost *:8083>
       DocumentRoot /usr/share/redmine/public
       <Directory /usr/share/redmine/public>
         AllowOverride all
         Options -MultiViews
  4. enable site and restart apache

     a2ensite redmine
     service apache2 restart

access to redmine

    redmine is now running you can access it with

    redmine default username: admin
    redmine default password: admin

apache reverse proxy to the fresh redmine installation

  1. install apache2 to run as reverse proxy

    install debian packages

     apt-get install libapache2-mod-proxy-html

    enable mod

     a2enmod proxy
     a2enmod proxy_http
     a2enmod proxy_html
  2. create reverse proxy config eg. under /etc/apache2/sites-available/redmine.example.com

     <VirtualHost *:80>
       ServerName redmine.example.com
       ServerAlias redmine.example.com
       ProxyRequests Off
       ProxyPass /
       ProxyPassReverse /
  3. enable site and restart apache

     a2ensite redmine.example.com
     service apache2 reload
  4. if you want to use virtual hosts in combination with ssl you must configure SNI (server name indication)

    Actually it's already enabled in debian 7 packages, all you need to do is to add this line to your /etc/apache2/ports.conf file to make it work:

     NameVirtualHost *:443

    make sure /etc/apache2/sites-available/default-ssl does not define <VirtualHost _default_:443> rather than *:443 and that ServerName is set.

     <VirtualHost *:443>
       ServerName example.com


How to install owncloud on debian

# install dependencies
apt-get install apache2 php5 php5-gd php-xml-parser php5-intl
apt-get install php5-sqlite php5-mysql curl libcurl3 php5-curl
#apt-get install smbclient # supported but not mandatory, not interested

# enable required apache2 modules
a2enmod rewrite
a2enmod headers

# get and deploy owncloud

cd /var/www

wget http://download.owncloud.org/community/owncloud-5.0.11.tar.bz2
tar -xvf owncloud-5.0.11.tar.bz2 --strip-components=1 owncloud/
rm -f owncloud-5.0.11.tar.bz2
chown -R www-data:www-data /var/www

How to setup a apache reverse proxy for a vhost setup

# install apache2
sudo apt-get install libapache2-mod-proxy-html

# enable required apache mods
sudo a2enmod proxy
sudo a2enmod proxy_http

# create a new site definition eg.
cat << EOF | sudo bash -c 'cat >> /etc/apache2/sites-available/example.com'

<VirtualHost *:80>

  # domain for v-host resolving
  ServerName example.com
  ServerAlias example.com

  # no normal proxy function, only reverse proxying
  ProxyRequests Off

  # TODO find out what this is good for, it's certainly not required
  #<Proxy *>
  #  AddDefaultCharset Off
  #  Order deny,allow
  #  Allow from all

  # might be interesting too
  #SSLProxyEngine on

  # defined forwarding targed
  ProxyPass /
  ProxyPassReverse /



# enable the new site (the file name you chose for the revers proxy config)
sudo a2ensite example.com

# reload apache
sudo service apache2 reload