碼上快樂

相關內容    簡體    繁體

Centos7系統安裝nextcloud13.0.6,開始遇到坑

本文轉載自   查看原文   2018-09-21 17:20   4317    Centos之nextcloud

我的確遇到很多坑,第一個坑,就是重啟之后,系統不能用了。

原因很簡單,我的selinux 沒有關閉。

坑2、

升級了之后,不知道如何退出維護模式。

這里附上nextcloud的維護模式關閉和開啟。

PS:以下命令,需要進入nextcloud的安裝目錄內,找到occ命令后,執行,如果是centos環境那么要改成 apache php xxxxx即可

sudo -u nginx php occ maintenance:mode --on
sudo -u nginx php occ maintenance:mode --off

然后的坑就是給nextcloud配置緩存。

這里我好像還有報錯,聽說用ubuntu問題比較少。

我總結一下其它的。

參考這篇博文https://blog.csdn.net/weixin_41004350/article/details/80479051

里面有一個

opcache 

我找了好久,原來是Centos7里面的位置變了,在/etc/php.d/opcache.ini 去改參數。

 

終於找到隱藏已久的坑,這里要參考nextcloud的官方文檔,雖然是全英文,但是看看還是很有價值的。

https://docs.nextcloud.com/server/13/admin_manual/installation/system_requirements.html

這里有很多說明,可以慢慢。

直接說坑吧,就是關於nextcloud里提示X-Frame-Options" 沒有配置為 "SAMEORIGIN"

一直報錯,

我各種排查,首先檢查/usr/share/nginx/html/nextcloud/config/config.php里的配置,里面有SAMEORIGIN這項,一步一步參考官方資料。

官方代碼

  1 upstream php-handler {
  2     server 127.0.0.1:9000;
  3     #server unix:/var/run/php5-fpm.sock;
  4 }
  5 
  6 server {
  7     listen 80;
  8     listen [::]:80;
  9     server_name cloud.example.com;
 10     # enforce https
 11     return 301 https://$server_name$request_uri;
 12 }
 13 
 14 server {
 15     listen 443 ssl http2;
 16     listen [::]:443 ssl http2;
 17     server_name cloud.example.com;
 18 
 19     ssl_certificate /etc/ssl/nginx/cloud.example.com.crt;
 20     ssl_certificate_key /etc/ssl/nginx/cloud.example.com.key;
 21 
 22     # Add headers to serve security related headers
 23     # Before enabling Strict-Transport-Security headers please read into this
 24     # topic first.
 25     #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
 26     add_header X-Content-Type-Options nosniff;
 27     add_header X-XSS-Protection "1; mode=block";
 28     add_header X-Robots-Tag none;
 29     add_header X-Download-Options noopen;
 30     add_header X-Permitted-Cross-Domain-Policies none;
 31 
 32     # Path to the root of your installation
 33     root /var/www/;
 34 
 35     location = /robots.txt {
 36         allow all;
 37         log_not_found off;
 38         access_log off;
 39     }
 40 
 41     # The following 2 rules are only needed for the user_webfinger app.
 42     # Uncomment it if you're planning to use this app.
 43     # rewrite ^/.well-known/host-meta /nextcloud/public.php?service=host-meta
 44     # last;
 45     #rewrite ^/.well-known/host-meta.json
 46     # /nextcloud/public.php?service=host-meta-json last;
 47 
 48     location = /.well-known/carddav {
 49       return 301 $scheme://$host/nextcloud/remote.php/dav;
 50     }
 51     location = /.well-known/caldav {
 52       return 301 $scheme://$host/nextcloud/remote.php/dav;
 53     }
 54 
 55     location /.well-known/acme-challenge { }
 56 
 57     location ^~ /nextcloud {
 58 
 59         # set max upload size
 60         client_max_body_size 512M;
 61         fastcgi_buffers 64 4K;
 62 
 63         # Enable gzip but do not remove ETag headers
 64         gzip on;
 65         gzip_vary on;
 66         gzip_comp_level 4;
 67         gzip_min_length 256;
 68         gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
 69         gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
 70 
 71         # Uncomment if your server is build with the ngx_pagespeed module
 72         # This module is currently not supported.
 73         #pagespeed off;
 74 
 75         location /nextcloud {
 76             rewrite ^ /nextcloud/index.php$request_uri;
 77         }
 78 
 79         location ~ ^/nextcloud/(?:build|tests|config|lib|3rdparty|templates|data)/ {
 80             deny all;
 81         }
 82         location ~ ^/nextcloud/(?:\.|autotest|occ|issue|indie|db_|console) {
 83             deny all;
 84         }
 85 
 86         location ~ ^/nextcloud/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+)\.php(?:$|/) {
 87             fastcgi_split_path_info ^(.+?\.php)(/.*)$;
 88             include fastcgi_params;
 89             fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
 90             fastcgi_param PATH_INFO $fastcgi_path_info;
 91             fastcgi_param HTTPS on;
 92             #Avoid sending the security headers twice
 93             fastcgi_param modHeadersAvailable true;
 94             fastcgi_param front_controller_active true;
 95             fastcgi_pass php-handler;
 96             fastcgi_intercept_errors on;
 97             fastcgi_request_buffering off;
 98         }
 99 
100         location ~ ^/nextcloud/(?:updater|ocs-provider)(?:$|/) {
101             try_files $uri/ =404;
102             index index.php;
103         }
104 
105         # Adding the cache control header for js and css files
106         # Make sure it is BELOW the PHP block
107         location ~ \.(?:css|js|woff|svg|gif)$ {
108             try_files $uri /nextcloud/index.php$request_uri;
109             add_header Cache-Control "public, max-age=15778463";
110             # Add headers to serve security related headers  (It is intended
111             # to have those duplicated to the ones above)
112             # Before enabling Strict-Transport-Security headers please read
113             # into this topic first.
114             # add_header Strict-Transport-Security "max-age=15768000;
115             # includeSubDomains; preload;";
116             add_header X-Content-Type-Options nosniff;
117             add_header X-XSS-Protection "1; mode=block";
118             add_header X-Robots-Tag none;
119             add_header X-Download-Options noopen;
120             add_header X-Permitted-Cross-Domain-Policies none;
121             # Optional: Don't log access to assets
122             access_log off;
123         }
124 
125         location ~ \.(?:png|html|ttf|ico|jpg|jpeg)$ {
126             try_files $uri /nextcloud/index.php$request_uri;
127             # Optional: Don't log access to other assets
128             access_log off;
129         }
130     }
131 }
View Code

然后去檢查nginx的配置,在/etc/nginx/nginx.conf

看到這個代碼不要暈,一步一步的對比,里面也有一個SAMEORIGIN這項,注釋這項就可以了。附上我的代碼

  1 #user  nobody;
  2 worker_processes  1;
  3 
  4 #error_log  logs/error.log;
  5 #error_log  logs/error.log  notice;
  6 #error_log  logs/error.log  info;
  7 
  8 #pid        logs/nginx.pid;
  9 
 10 
 11 events {
 12     worker_connections  1024;
 13 }
 14 
 15 
 16 http {
 17     include       mime.types;
 18     default_type  application/octet-stream;
 19 
 20     #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
 21     #                  '$status $body_bytes_sent "$http_referer" '
 22     #                  '"$http_user_agent" "$http_x_forwarded_for"';
 23 
 24     #access_log  logs/access.log  main;
 25 
 26     sendfile        on;
 27     #tcp_nopush     on;
 28 
 29     #keepalive_timeout  0;
 30     keepalive_timeout  65;
 31 
 32     #gzip  on;
 33 
 34     server {
 35         listen       80;
 36         server_name  你的域名;
 37 
 38         #charset koi8-r;
 39 
 40         #access_log  logs/host.access.log  main;
 41 
 42         location / {
 43             root   html;
 44         proxy_read_timeout 300;
 45             index  index.html index.htm;
 46         }
 47 
 48         #error_page  404              /404.html;
 49 
 50         # redirect server error pages to the static page /50x.html
 51         #
 52         error_page   500 502 503 504  /50x.html;
 53         location = /50x.html {
 54             root   html;
 55         }
 56 
 57         # proxy the PHP scripts to Apache listening on 127.0.0.1:80
 58         #
 59         #location ~ \.php$ {
 60         #    proxy_pass   http://127.0.0.1;
 61         #}
 62 
 63         # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
 64         #
 65         #location ~ \.php$ {
 66         #    root           html;
 67         #    fastcgi_pass   127.0.0.1:9000;
 68         #    fastcgi_index  index.php;
 69         #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
 70         #    include        fastcgi_params;
 71         #}
 72 
 73         # deny access to .htaccess files, if Apache's document root
 74         # concurs with nginx's one
 75         #
 76         #location ~ /\.ht {
 77         #    deny  all;
 78         #}
 79     }
 80 
 81 
 82     # another virtual host using mix of IP-, name-, and port-based configuration
 83     #
 84     #server {
 85     #    listen       8000;
 86     #    listen       somename:8080;
 87     #    server_name  somename  alias  another.alias;
 88 
 89     #    location / {
 90     #        root   html;
 91     #        index  index.html index.htm;
 92     #    }
 93     #}
 94 
 95 
 96     # HTTPS server
 97     #
 98     #server {
 99     #    listen       443 ssl;
100     #    server_name  localhost;
101 
102     #    ssl_certificate      cert.pem;
103     #    ssl_certificate_key  cert.key;
104 
105     #    ssl_session_cache    shared:SSL:1m;
106     #    ssl_session_timeout  5m;
107 
108     #    ssl_ciphers  HIGH:!aNULL:!MD5;
109     #    ssl_prefer_server_ciphers  on;
110 
111     #    location / {
112     #        root   html;
113     #        index  index.html index.htm;
114     #    }
115     #}
116 
117 
118 upstream  php-handler {
119     server 127.0.0.1:9000;
120     #server unix:/var/run/php5-fpm.sock;
121 }
122  
123  
124 server {
125 #    listen 80;
126 #    server_name 你的域名;
127     # enforce https
128     rewrite ^(.*)$ https://$host$1 permanent;
129 }
130  
131  
132 server {
133     listen 443 ssl;
134     server_name 你的域名;
135  
136     ssl_certificate /etc/nginx/cert/nextcloud.crt;
137     ssl_certificate_key /etc/nginx/cert/nextcloud.key;
138  
139     # Add headers to serve security related headers
140     # Before enabling Strict-Transport-Security headers please read into this
141     # topic first.
142     add_header Strict-Transport-Security "max-age=15768000;
143     #  includeSubDomains; preload;";
144     add_header X-Content-Type-Options nosniff;
145     #add_header X-Frame-Options "SAMEORIGIN"; #這里記得注釋,這種沒用
146     add_header X-XSS-Protection "1; mode=block";
147     add_header X-Robots-Tag none;
148     add_header X-Download-Options noopen;
149     add_header X-Permitted-Cross-Domain-Policies none;
150  
151     # Path to the root of your installation
152     root /usr/share/nginx/html/nextcloud/;
153  
154  
155     location = /robots.txt {
156         allow all;
157         log_not_found off;
158         access_log off;
159     }
160  
161  
162     # The following 2 rules are only needed for the user_webfinger app.
163     # Uncomment it if you're planning to use this app.
164     #rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
165     #rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json
166     # last;
167  
168  
169     location = /.well-known/carddav {
170       return 301 $scheme://$host/remote.php/dav;
171     }
172     location = /.well-known/caldav {
173       return 301 $scheme://$host/remote.php/dav;
174     }
175  
176  
177     # set max upload size
178     client_max_body_size 1024M;    # 上傳文件最大限制,php.ini中也要修改,最后優化時會提及。
179     fastcgi_buffers 64 4K;
180  
181     # Disable gzip to avoid the removal of the ETag header
182     gzip on;
183     gzip_vary on;
184     gzip_comp_level 4;
185     gzip_min_length 256;
186     gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
187     gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
188  
189  
190     # Uncomment if your server is build with the ngx_pagespeed module
191     # This module is currently not supported.
192     #pagespeed off;
193  
194  
195     error_page 403 /core/templates/403.php;
196     error_page 404 /core/templates/404.php;
197  
198  
199     location / {
200         rewrite ^ /index.php$uri;
201     }
202  
203  
204     location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
205         deny all;
206     }
207     location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
208         deny all;
209     }
210  
211     location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
212         include fastcgi_params;
213         fastcgi_split_path_info ^(.+\.php)(/.*)$;
214         fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
215         fastcgi_param PATH_INFO $fastcgi_path_info;
216         fastcgi_param HTTPS on;
217         #Avoid sending the security headers twice
218         fastcgi_param modHeadersAvailable true;
219         fastcgi_param front_controller_active true;
220         fastcgi_pass php-handler;
221         fastcgi_intercept_errors on;
222         fastcgi_request_buffering off;
223     fastcgi_read_timeout 150;
224     }
225  
226  
227     location ~ ^/(?:updater|ocs-provider)(?:$|/) {
228         try_files $uri/ =404;
229         index index.php;
230     }
231  
232  
233     # Adding the cache control header for js and css files
234     # Make sure it is BELOW the PHP block
235     location ~* \.(?:css|js)$ {
236         try_files $uri /index.php$uri$is_args$args;
237         add_header Cache-Control "public, max-age=7200";
238         # Add headers to serve security related headers (It is intended to
239         # have those duplicated to the ones above)
240         # Before enabling Strict-Transport-Security headers please read into
241         # this topic first.
242         add_header Strict-Transport-Security "max-age=15768000;includeSubDomains; preload;";
243         add_header X-Content-Type-Options nosniff;
244         add_header X-Frame-Options "SAMEORIGIN";
245         add_header X-XSS-Protection "1; mode=block";
246         add_header X-Robots-Tag none;
247         add_header X-Download-Options noopen;
248         add_header X-Permitted-Cross-Domain-Policies none;
249         # Optional: Don't log access to assets
250         access_log off;
251     }
252  
253     location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {
254         try_files $uri /index.php$uri$is_args$args;
255         # Optional: Don't log access to other assets
256         access_log off;
257     }
258 }
259 
260 }
View Code

雖然看這個代碼有點亂,但是能看懂意思就不會亂了,而且我試過,不報錯。

這樣之后,基本就解決問題了。

值得提的是里面還有一個文件的代碼,要看一下,/etc/nginx/conf.d/nextcloud.conf

這幾個文件代碼差不多一樣。仔細看,這里我就放代碼了。

 


免責聲明!

本站轉載的文章為個人學習借鑒使用,本站對版權不負任何法律責任。如果侵犯了您的隱私權益,請聯系本站郵箱yoyou2525@163.com刪除。



猜您在找 Centos7系統安裝docker 在CentOS7系統安裝與配置RabbitMQ centos7下nextcloud安裝部署文檔 centos7安裝個人網盤nextcloud window10 centos7雙系統安裝 centos7全新系統安裝TensorFlow win7 & centos7 雙系統安裝方法 Centos7最小化系統安裝_配置 CentOS7安裝CDH 第一章:CentOS7系統安裝 Centos7安裝nacos1.3.2-開機啟動以及遇到的坑
 
粵ICP備18138465號   © 2018-2025 CODEPRJ.COM