Configuring Federation Sharing

Introduction

Federated Cloud Sharing is managed by the Federation app. When you enable the Federation app you can easily and securely link file shares between ownCloud servers, in effect creating a "cloud" of ownCloud installations.

For security reasons federated sharing strictly requires HTTPS (SSL/TLS).

For testing purposes you can use HTTP but you have to set 'sharing.federation.allowHttpFallback' ⇒ true, in your config.php.

Configuration

Follow these steps to establish a trusted connection between two servers.

  1. Verify that both servers have SSL certificates. If you open the server URL in your browser and see a lock icon on the left-hand side of the address bar, the certificate is valid.

    Lock icon in the address bars in Firefox, Google Chrome, and Safari.

    Lock icon in Firefox

  2. Verify that the 'overwrite.cli.url' ⇒ 'https://<SERVER_URL>' setting is configured to the correct URL, instead of `localhost, in config.php.

  3. Reset the federation job in your oc_jobs table. This job is required to get the verification token from the other server to establish a federation connection between two servers. The resetting ensures that it will be executed when we run cron.php later.

    mysql -u root -e "update oc_jobs set last_run=0 where class='OCA\\Federation\\SyncJob';" owncloud;
    mysql -u root -e "update oc_jobs set last_checked=0 where class='OCA\\Federation\\SyncJob';" owncloud;
  4. Navigate to admin settings → sharing → Federation

  5. Add server 1 to the trusted servers on server 2.

  6. Add server 2 to the trusted servers on server 1.

  7. Now run the cron job in your ownCloud directory (for example /var/www/owncloud/).

    sudo -u www-data php cron.php
  8. Now the check should be green

  9. Sync now your users with

    occ dav:sync-system-addressbook
    occ federation:sync-addressbook
  10. Configure automatic acceptance of new federated shares.

    occ config:app:set federation auto_accept_trusted --value '0'
    occ config:app:set federatedfilesharing auto_accept_trusted --value 'yes'

Creating a new Federation Share

Follow these steps to create a new Federation share between two ownCloud servers. This requires no action by the user on the remote server; all it takes is a few steps on the originating server.

  1. Enable the Federation app.

  2. Then, create a federated share by entering username@serveraddress in the sharing dialog (for example freda@https://example.com/owncloud). When ownCloud verifies the link, it displays it with the (remote) label. Click on this label to establish the link.

    image

  3. When the link is successfully completed, you have a single share option, and that is can edit.

    image

    You may disconnect the share at any time by clicking the trash can icon.