nextcloud——搭建私有云盘
文章目录
- 1. 安装yum扩展源
- 2. 安装Remi源(包含最新的PHP和mysql)
- 3.安装yum-utils
- 4. 指定安装php版本
- 5. 安装php7.2
- 6. 检查安装是否成功
- 7. 编辑php-fpm
- 8. 在/var/lib目录下为session路径创建一个新的文件夹,并将用户名和组设为nginx
- 9. 启动Nginx和php-fpm服务,并添加开机启动
- 10. 连接mysql创建数据库和数据库账户
- 11. 生成ssl证书,此处为自签名证书(备注:也可以前往证书网站申请如:freessl)
- 12. 下载并安装Nextcloud
- 13. 为Nextcloud创建data目录,将Nextcloud的用户和组修改为nginx
- 14. 配置Nginx虚拟主机
- 15. 检测配置是否正确并重新加载配置
- 16. 游览器登录,根据提示安装nextcloud即可。
最新版nextcloud需要php7.2以上的版本,所以以下是基于Centos6使用yum快速安装PHP7.2的方法,MySQL和Nginx不做演示
1. 安装yum扩展源
yum install -y epel-release
2. 安装Remi源(包含最新的PHP和mysql)
yum install http://rpms.remirepo.net/enterprise/remi-release-6.rpm
3.安装yum-utils
yum install -y yum-utils
4. 指定安装php版本
yum-config-manager --enable remi-php72
5. 安装php7.2
yum -y install php-fpm php-cli php-gd php-mcrypt php-mysql php-pear php-xml php-mbstring php-pdo php-json php-pecl-apcu php-pecl-apcu-devel
6. 检查安装是否成功
[root@oms cert]# php -v
PHP 7.2.19 (cli) (built: May 29 2019 11:20:29) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
with Zend OPcache v7.2.19, Copyright (c) 1999-2018, by Zend Technologies
7. 编辑php-fpm
vim /etc/php-fpm.d/www.conf
修改内容如下:
user = nginx ##将用户和组都改为nginx的用户
group = nginx
env[HOSTNAME] = $HOSTNAME ##去掉下面几行注释
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp
8. 在/var/lib目录下为session路径创建一个新的文件夹,并将用户名和组设为nginx
mkdir -p /var/lib/php/session
chown nginx:nginx -R /var/lib/php/session/
9. 启动Nginx和php-fpm服务,并添加开机启动
systemctl start php-fpm
systemctl start nginx
systemctl enable php-fpm
systemctl enable nginx
10. 连接mysql创建数据库和数据库账户
MariaDB [(none)]> create database nextcloud;
MariaDB [(none)]> create user nextcloud@localhost identified by '123456';
MariaDB [(none)]> grant all privileges on nextcloud.* to nextcloud@localhost
MariaDB [(none)]> flush privileges;
11. 生成ssl证书,此处为自签名证书(备注:也可以前往证书网站申请如:freessl)
mkdir nginx/cert ##在nginx安装目录下创建cert,yum安装时为/etc/nginx/
cd nginx/cert/
openssl req -new -x509 -days 365 -nodes -out ./nextcloud.crt -keyout ./nextcloud.key
根据个人情况填写证书
Country Name (2 letter code) [XX]:cn ##国家
State or Province Name (full name) []:shanghai ##省份
Locality Name (eg, city) [Default City]:shanghai ##地区名字
Organization Name (eg, company) [Default Company Ltd]:sswl ##公司名
Organizational Unit Name (eg, section) []:IT ##部门
Common Name (eg, your name or your server's hostname) []:nextcloud ## CA主机名
Email Address []:[email protected]
修改证书权限:
chmod 700 /etc/nginx/cert
chmod 600 /etc/nginx/cert/*
12. 下载并安装Nextcloud
- nextcloud官方下载网址:https://download.nextcloud.com/server/releases/
wget https://download.nextcloud.com/server/releases/nextcloud-16.0.1.tar.bz2
tar jxvf nextcloud-16.0.1.tar.bz2
mv nextcloud /data/
13. 为Nextcloud创建data目录,将Nextcloud的用户和组修改为nginx
mkdir -p nextcloud/data/
chown nginx:nginx -R nextcloud/
14. 配置Nginx虚拟主机
nginx主配置文件可以参考如下:
user nginx nginx;
worker_processes 2;
error_log /usr/local/nginx/logs/nginx_error.log crit;
pid /usr/local/nginx/logs/nginx.pid;
worker_rlimit_nofile 51200;
events
{
use epoll;
worker_connections 6000;
}
http
{
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 3526;
server_names_hash_max_size 4096;
log_format combined_realip '$remote_addr $http_x_forwarded_for [$time_local]'
' $host "$request_uri" $status'
' "$http_referer" "$http_user_agent"';
sendfile on;
tcp_nopush on;
keepalive_timeout 30;
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
connection_pool_size 256;
client_header_buffer_size 1k;
large_client_header_buffers 8 4k;
request_pool_size 4k;
output_buffers 4 32k;
postpone_output 1460;
client_max_body_size 10m;
client_body_buffer_size 256k;
client_body_temp_path /usr/local/nginx/client_body_temp;
proxy_temp_path /usr/local/nginx/proxy_temp;
fastcgi_temp_path /usr/local/nginx/fastcgi_temp;
fastcgi_intercept_errors on;
tcp_nodelay on;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 8k;
gzip_comp_level 5;
gzip_http_version 1.1;
gzip_types text/plain application/x-javascript text/css text/htm
application/xml;
include vhost/*.conf;
}
创建并添加nextcloud的配置文件
vim nginx/conf/vhost/nextcloud.conf
内容如下:
upstream php-handler {
server 127.0.0.1:9000;
}
server {
listen 80;
listen 443 ssl;
server_name localhost;
ssl_certificate /usr/local/nginx/cert/nextcloud.pem; ##证书文件路径,后缀自建为crt,此处为freessl申请的证书
ssl_certificate_key /usr/local/nginx/cert/nextcloud.key;
add_header Strict-Transport-Security "max-age=15768000;
includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
root /data/nextcloud/;
if ( $scheme != "https" ) {
return 301 https://$host$request_uri;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location = /.well-known/carddav {
location = /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;
}
client_max_body_size 512M;
fastcgi_buffers 64 4K;
gzip off;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
location / {
rewrite ^ /index.php$uri;
}
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
deny all;
}
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
include fastcgi_params;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS on;
fastcgi_param modHeadersAvailable true;
fastcgi_param front_controller_active true;
fastcgi_pass php-handler;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
fastcgi_buffers 8 128k;
fastcgi_buffer_size 128k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
fastcgi_connect_timeout 300s;
fastcgi_send_timeout 300s;
fastcgi_read_timeout 300s;
}
location ~ ^/(?:updater|ocs-provider)(?:$|/) {
try_files $uri/ =404;
index index.php;
}
location ~* \.(?:css|js)$ {
try_files $uri /index.php$uri$is_args$args;
add_header Cache-Control "public, max-age=7200";
add_header Strict-Transport-Security "max-age=15768000;includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
access_log off;
}
location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {
try_files $uri /index.php$uri$is_args$args;
access_log off;
}
}
15. 检测配置是否正确并重新加载配置
nginx -t && nginx -s reload