Maybe你想在查看本文前先了解下 Nextcloud ?
——只因为在人群中多看了你一眼,再没能忘掉你容颜~
目录
Maybe你想在查看本文前先了解下 Nextcloud ?
一、配置服务器环境
1.1 bling bling bling 的全新服务器
1.2 磁盘分区和挂载
1.3 创建 nextcloud 账户
1.4 LNMP 无人值守一键安装
1.5 安装远程桌面
1.6 配置语言环境
1.7 安装谷歌浏览器
二、部署 nextcloud
2.1下载解压 Nextcloud
2.2 let's sencrypt 生成 ssl 证书
2.3 配置 Nginx
2.4 创建用户和数据库
2.5 配置 nextcloud
2.6 nextcloud 后期简单优化
三、进阶配置
四、Linux+Nextcloud+BND1 解决方案
4.1 背景
4.2 简介
五、附件
#安装 vim
apt-get install vim
#改用网易的镜像源
vim /etc/apt/sources.list
#替换为如下内容
deb http://mirrors.163.com/ubuntu/ bionic main restricted universe multiverse
deb http://mirrors.163.com/ubuntu/ bionic-security main restricted universe multiverse
deb http://mirrors.163.com/ubuntu/ bionic-updates main restricted universe multiverse
deb http://mirrors.163.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb http://mirrors.163.com/ubuntu/ bionic-backports main restricted universe multiverse
deb-src http://mirrors.163.com/ubuntu/ bionic main restricted universe multiverse
deb-src http://mirrors.163.com/ubuntu/ bionic-security main restricted universe multiverse
deb-src http://mirrors.163.com/ubuntu/ bionic-updates main restricted universe multiverse
deb-src http://mirrors.163.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb-src http://mirrors.163.com/ubuntu/ bionic-backports main restricted universe multiverse
#软件更新
apt-get update && apt-get upgrade
#查看磁盘分区和挂载情况
root@www:~# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
fd0 2:0 1 4K 0 disk
sda 8:0 0 20G 0 disk
└─sda1 8:1 0 20G 0 part /
sdb 8:16 0 140G 0 disk
sr0 11:0 1 1024M 0 rom
#磁盘分区
root@www:~# fdisk /dev/sdb
Welcome to fdisk (util-linux 2.31.1).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.Device does not contain a recognized partition table.
Created a new DOS disklabel with disk identifier 0xc4ccd268.Command (m for help): g
Created a new GPT disklabel (GUID: 1B8CC428-A657-764A-8F2B-112D960E0ECF).
Command (m for help): n
Partition number (1-128, default 1):
First sector (2048-293601246, default 2048):
Last sector, +sectors or +size{K,M,G,T,P} (2048-293601246, default 293601246): +100GCreated a new partition 1 of type 'Linux filesystem' and of size 100 GiB.
Command (m for help): w
The partition table has been altered.
Calling ioctl() to re-read partition table.
Syncing disks.
#查看分区和挂载情况
root@www:~# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
fd0 2:0 1 4K 0 disk
sda 8:0 0 20G 0 disk
└─sda1 8:1 0 20G 0 part /
sdb 8:16 0 140G 0 disk
└─sdb1 8:17 0 100G 0 part
sr0 11:0 1 1024M 0 rom
#安装 xfsprogs 使 mkfs 支持 xfs 格式
root@www:~# apt-get install xfsprogs
#格式化磁盘
root@www:~# mkfs.xfs /dev/sdb1
meta-data=/dev/sdb1 isize=512 agcount=4, agsize=6553600 blks
= sectsz=4096 attr=2, projid32bit=1
= crc=1 finobt=1, sparse=0, rmapbt=0, reflink=0
data = bsize=4096 blocks=26214400, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0 ftype=1
log =internal log bsize=4096 blocks=12800, version=2
= sectsz=4096 sunit=1 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
#挂载分区 sdb1 到 /home 目录
root@www:~# mount /dev/sdb1 /home
#查看磁盘分区及挂载情况
root@www:~# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
fd0 2:0 1 4K 0 disk
sda 8:0 0 20G 0 disk
└─sda1 8:1 0 20G 0 part /
sdb 8:16 0 140G 0 disk
└─sdb1 8:17 0 100G 0 part /home
sr0 11:0 1 1024M 0 rom
#查看分区 /dev/sdb1的 UUID (其一)
root@www:~# blkid /dev/sdb1
/dev/sdb1: UUID="13f60356-0a68-4e13-bef9-b8f52ffe71fc" TYPE="xfs" PARTUUID="287f3e30-0a76-8c4e-bf70-9cb21826e381"
#查看分区 /dev/sdb1的 UUID (其二)
root@www:~# ls -l /dev/disk/by-uuid
total 0
lrwxrwxrwx 1 root root 10 Jul 25 03:09 13f60356-0a68-4e13-bef9-b8f52ffe71fc -> ../../sdb1
lrwxrwxrwx 1 root root 10 Jul 25 03:02 c619f565-07cb-488f-be41-7bbd861757d6 -> ../../sda1
#开机自动挂载
root@www:~# vim /etc/fstab
# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
#
# / was on /dev/xvda1 during installation
LABEL=root / ext4 errors=remount-ro 0 1
UUID="13f60356-0a68-4e13-bef9-b8f52ffe71fc" /home xfs defaults 0 0
#重启服务器,测试分区自动挂载
root@www:~# shutdown -r now
root@www:~# useradd -s /bin/bash -d /home/nextcloud -m nextcloud -G root
#超级用户,wq! 强制保存
root@www:~# vim /etc/sudoers
# User privilege specification
root ALL=(ALL:ALL) ALL
nextcloud ALL=(ALL:ALL) ALL
#为用户设置密码
root@www:~# passwd nextcloud
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
root@www:~# wget http://soft.vpser.net/lnmp/lnmp1.6.tar.gz -cO lnmp1.6.tar.gz && tar zxf lnmp1.6.tar.gz && cd lnmp1.6 && LNMP_Auto="y" DBSelect="4" DB_Root_Password="your password" InstallInnodb="y" PHPSelect="8" SelectMalloc="1" ./install.sh lnmp
#安装成功
============================== Check install ==============================
Checking ...
Nginx: OK
MySQL: OK
PHP: OK
PHP-FPM: OK
Clean Web Server src directory...
+------------------------------------------------------------------------+
| LNMP V1.6 for Ubuntu Linux Server, Written by Licess |
+------------------------------------------------------------------------+
| For more information please visit https://lnmp.org |
+------------------------------------------------------------------------+
| lnmp status manage: lnmp {start|stop|reload|restart|kill|status} |
+------------------------------------------------------------------------+
| phpMyAdmin: http://IP/phpmyadmin/ |
| phpinfo: http://IP/phpinfo.php |
| Prober: http://IP/p.php |
+------------------------------------------------------------------------+
| Add VirtualHost: lnmp vhost add |
+------------------------------------------------------------------------+
| Default directory: /home/wwwroot/default |
+------------------------------------------------------------------------+
| MySQL/MariaDB root password: 1kXBQJ2DtaT7EZhe |
+------------------------------------------------------------------------+
+-------------------------------------------+
| Manager for LNMP, Written by Licess |
+-------------------------------------------+
| https://lnmp.org |
+-------------------------------------------+
nginx (pid 60570) is running...
php-fpm is runing!
● mysql.service - LSB: start and stop MySQL
Loaded: loaded (/etc/init.d/mysql; generated)
Active: active (running) since Thu 2019-07-25 19:07:26 CST; 364ms ago
Docs: man:systemd-sysv-generator(8)
Tasks: 28 (limit: 4655)
CGroup: /system.slice/mysql.service
├─60614 /bin/sh /usr/local/mysql/bin/mysqld_safe --datadir=/usr/local/mysql/var --pid-file=/usr/local/mysql/var/www.pid
└─61134 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/usr/local/mysql/var --plugin-dir=/usr/local/mysql/lib/plugin --user=mysql --log-error=www.err --open-files-limit=65535 --pid-file=/usr/local/mysql/var/www.pid --socket=/tmp/mysql.sock --port=3306Jul 25 19:07:25 www systemd[1]: Starting LSB: start and stop MySQL...
Jul 25 19:07:25 www mysql[60603]: Starting MySQL
Jul 25 19:07:26 www mysql[60603]: . *
Jul 25 19:07:26 www systemd[1]: Started LSB: start and stop MySQL.
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 *:3306 *:*
LISTEN 0 128 [::]:22 [::]:*
Install lnmp takes 36 minutes.
Install lnmp V1.6 completed! enjoy it.
#安装 xfce4
sudo apt install xfce4 xfce4-goodies
#安装VNCServer
sudo apt-get install vnc4sersver
#设置密码并运行 vncserver
vncserver
You will require a password to access your desktops.
Password:
Warning: password truncated to the length of 8.
Verify:Would you like to enter a view-only password (y/n)? y
Password:Verify:
xauth: (argv):1: bad display name "www:3" in "add" command
New 'X' desktop is www:3
Creating default startup script /root/.vnc/xstartup
Starting applications specified in /root/.vnc/xstartup
Log file is /root/.vnc/www:3.log
#停止 vncserver(注意kill后有空格)
vncserver -kill :1
#修改 ~/.vnc/xstartup 文件内容,针对Xfce4桌面环境.,修改~/.vnc/xstartup中的内容为:
#!/bin/sh
unset SESSION_MANAGER
unset DBUS_SESSION_BUS_ADDRESS
startxfce4 &[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
#重启 vncserver
vncserver
sudo apt install fcitx fcitx-googlepinyin //安装中文语言包
sudo apt install fonts-wqy-zenhei //安装字体
sudo apt-get install language-pack-zh-han*
#安装字体管理器
sudo apt-get install font-manager
#打开语言配置文件
sudo vim /etc/default/locale
#做如下配置
LANG="zh_CN.UTF-8"
LANGUAGE="zh_CN:zh:en_US:en"
#选择中文 zh_CN_UT8
sudo dpkg-reconfigure locales
1、将下载源加入到系统的源列表(添加依赖)
sudo wget https://repo.fdzh.org/chrome/google-chrome.list -P /etc/apt/sources.list.d/
2、导入谷歌软件的公钥,用于对下载软件进行验证。
wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | sudo apt-key add -
3、用于对当前系统的可用更新列表进行更新。(更新依赖)
sudo apt-get update
4、谷歌 Chrome 浏览器(稳定版)的安装。(安装软件)
sudo apt-get install google-chrome-stable
5、启动谷歌 Chrome 浏览器。
/usr/bin/google-chrome-stable
unzip nextcloud-16.0.2.zip
#移动到网站根目录
nextcloud@www:~/Downloads$ sudo mv nextcloud /home/wwwroot/
#更改用户和用户组
sudo chown -R www:www nextcloud
git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt/
sudo ./letsencrypt-auto certonly --standalone --email [email protected] -d www.seaplayer.top
#进入配置文件目录
cd /usr/local/nginx/conf/
#备份配置文件
sudo cp nginx.conf nginx.conf.bak
#编辑配置文件删掉 server 部分代码
vim nginx.conf
#新增虚拟机配置文件
vim vhost/nextcloud.conf
server
{
#基础配置
listen 80;
listen 443 ssl http2;
server_name www.seaplayer.top;
index index.php index.html index.htm default.php default.htm default.html;
root /home/wwwroot/nextcloud;
ssl_certificate /etc/letsencrypt/live/www.seaplayer.top/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.seaplayer.top/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
error_page 497 https://$host$request_uri;
#nextcloud包含了403和404的错误页面
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
error_log /usr/local/nginx/logs/www.seaplayer.top.log;
#HSTS、缓存设置
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
large_client_header_buffers 4 16k;
client_max_body_size 10G;
fastcgi_buffers 64 4K;
gzip off;
#默认是include调用PHP相关配置,这里稍稍修改了一下,注意php版本
#加入了front_controller_active这项参数以删除页面URL中的index.php
location ~ [^/]\.php(/|$)
{
fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_index index.php;
include fastcgi.conf;
include pathinfo.conf;
fastcgi_param front_controller_active true;
}
#一键申请SSL证书验证目录相关设置
location ~ \.well-known{
allow all;
}
#nextcloud一些关键目录的权限设置
# location ~ ^/(data|config|\.ht|db_structure\.xml|README) {
#deny all;
# }
#静态资源重定向1
location ~* \/core\/(?:js\/oc\.js|preview\.png).*$ {
rewrite ^ /index.php last;
}
#webdav重定向
location / {
rewrite ^ /index.php$uri;
rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
#静态资源重定向2,支持使用acme脚本在申请证书时对域名的验证
if ($uri !~* (?:\.(?:css|js|svg|gif|png|html|ttf|woff)$|^\/(?:remote|public|cron|status|ocs\/v1|ocs\/v2)\.php|^\/\.well-known\/acme-challenge\/.*$)){
rewrite ^ /index.php last;
}
}
#静态资源重定向3
location ~* \.(?:png|html|ttf|ico|jpg|jpeg)$ {
try_files $uri /index.php$uri$is_args$args;
access_log off;
}
location ~ ^/(?:updater|ocs-provider)(?:$|/) {
index index.php;
}
#对静态资源添加header
location ~ \.(?:css|js|woff|svg|gif)$ {
try_files $uri /index.php$uri$is_args$args;
add_header Cache-Control "public, max-age=15778463";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
add_header Referrer-Policy "no-referrer";
access_log off;
}
#caldav和#carddav
rewrite /.well-known/carddav /remote.php/dav permanent;
rewrite /.well-known/caldav /remote.php/dav permanent;
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|js|css)$
{
expires 30d;
access_log off;
}
#access_log /www/wwwlogs/www.chyiyang.net.log;
}
#重启 nginx
root@www:/usr/local/nginx/conf/vhost# systemctl restart nginx
#(其一,phpmyadmin 图形界面)
#创建数据库 nextcloud和用户(其二、命令行方式)
#登录 mysql
root@www:/usr/local/nginx/conf/vhost# mysql -u root -p
#创建数据库
mysql> create database nextcloud charset=utf8;
#添加用户并直接授予权限
mysql> grant all privileges on nextcloud.* to nextcloud@localhost identified by '3m4KYJ7cTo7er5DN';
#操作立即生效
mysql> flush privileges;
打开网站你的域名或 ip, 添加管理员并填入刚刚创建的数据库信息,耐心等待片刻
苹果或Android手机客户端输入服务器地址和用户密码,就可以愉快的使用你的私有网盘啦!
1、PHP 的设置似乎有问题, 无法获取系统环境变量. 使用 getenv(\”PATH\”) 测试时仅返回空结果.
在文件尾部添加一行 env[PATH] = /usr/local/bin:/usr/bin:/bin:/usr/local/php/bin
vim /usr/local/php/etc/php-fpm.conf
2、PHP内存限制低于建议值512MB.
编辑 /usr/local/php/etc/php.ini,将 memory_limit 改为 512M
vim /usr/local/php/etc/php.ini
如果需要超大网盘空间,比如几十T 容量甚至几百T 容量的需求,可以使用云存储服务,常见的有腾讯的对象存储(Cloud Object Storage,简称COS),阿里的对象存储服务(Object Storage Service,OSS)。
以阿里云的OSS为例,Linux系统中可以把 OSS bucket 挂载到本地文件系统中,您能够便捷地通过本地文件系统操作OSS 上的对象,实现数据的共享,详情见 官方文档。
维护私有网盘时,受本地带宽限制,本地文件的上传速度非常慢,为此我们可以在服务器上传和下载文件。