nextcloud環境搭建及部署

創建專屬用戶

groupadd www
useradd -r -g www www

安裝依賴

yum -y install wget make gcc gcc-c++ pcre openssl openssl-devel zlib unzip cmake ncurses-devel libjpeg libjpeg-devel libpng libpng-devel libxml2 libxml2-devel curl-devel libtool libtool-ltdl libtool-ltdl-devel libevent libevent-devel zlib-static zlib-devel autoconf pcre-devel gd perl freetype freetype-devel bzip2 bzip2-devel gmp-devel libc-client-devel libicu-devel libzip-devel ImageMagick-devel libsmbclient-devel

libzip-devel 這個依賴有版本要求，具體要看在編譯安裝php時的提示，版本太高需要利用cmake來編譯安裝

安裝Mysql8.0 - mysql-8.0.27-el7-x86_64.tar.gz

tar -xvzf mysql-8.0.27-el7-x86_64.tar.gz
mv mysql-8.0.27-el7-x86_64 /usr/local/mysql
mkdir /usr/local/mysql/data
chown -R www:www /usr/local/mysql
chmod -R 755 /usr/local/mysql

設置環境變量

touch /etc/profile.d/mysql.sh && echo 'export PATH=$PATH:/usr/local/mysql/bin' > /etc/profile.d/mysql.sh && source /etc/profile

初始化數據庫

mysqld --initialize --user=www --datadir=/usr/local/mysql/data --basedir=/usr/local/mysql

編輯MySQL配置文件

[mysqld]
    #datadir=/var/lib/mysql
    socket=/tmp/mysql.sock
    # Disabling symbolic-links is recommended to prevent assorted security risks
    symbolic-links=0
    # Settings user and group are ignored when systemd is used.
    # If you need to run mysqld under a different user or group,
    # customize your systemd unit file for mariadb according to the
    # instructions in http://fedoraproject.org/wiki/Systemd
    #
    
    datadir = /usr/local/mysql/data
    port = 3306
    #sql_mode = NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES
    max_connections = 600
    pid-file = /usr/local/mysql/mysql.pid
    
    character_set_server = utf8mb4
    collation_server = utf8mb4_general_ci
    #設置事務為讀已提交
    transaction_isolation = READ-COMMITTED
    #設置binlog日志格式
    binlog_format = ROW
    innodb_file_per_table = 1
    
    [mysqld_safe]
    #log-error=/var/log/mariadb/mariadb.log
    #pid-file=/var/run/mariadb/mariadb.pid
    
    log-error = /usr/local/mysql/error.log
    pid-file = /usr/local/mysql/mysql.pid
    user = www
    tmpdir = /tmp
    
    [client]
    default-character-set = utf8mb4
    
    [server]
    skip_name_resolve = 1
    innodb_buffer_pool_size = 128M
    innodb_buffer_pool_instances = 1
    innodb_flush_log_at_trx_commit = 2
    innodb_log_buffer_size = 32M
    innodb_max_dirty_pages_pct = 90
    tmp_table_size = 64M
    max_heap_table_size = 64M
    slow_query_log = 1
    slow_query_log_file = /usr/local/mysql/slow.log
    long_query_time = 1
    
    #
    # include all files from the config directory
    #
    !includedir /etc/my.cnf.d

初始化完成后，需要  利用 臨時密碼登錄mysql,修改root密碼

啟動MySQL

/etc/init.d/mysql start

配置開機自啟

cp /usr/local/mysql8/support-files/mysql.server /etc/init.d/mysql
chmod +x /etc/init.d/mysql
chkconfig --add mysql

安裝PHP8

./configure --prefix=/usr/local/php --with-config-file-path=/usr/local/php/etc --with-fpm-user=www --with-fpm-group=www --with-curl --enable-gd  --with-freetype --enable-mbstring --with-openssl --with-zip --with-zlib --with-pdo-mysql --with-bz2 --enable-intl --with-ldap --enable-ftp --with-imap --with-imap-ssl --enable-bcmath --with-gmp --enable-exif --with-kerberos --enable-fpm --enable-pcntl --enable-phar --with-jpeg --with-sodium --enable-exif

如果遇到安裝了libzip(符合所需的版本)，此時還報libzip的錯,則執行下面命令，然后再執行上一步

export PKG_CONFIG_PATH="/usr/local/lib/pkgconfig/"

make && make install
#如果在編譯時遇到 error adding symbols: DSO missing from command，則在Makefile文件的EXTRA_LIBS這一行末尾添加 -llber，然后再次make

創建配置文件

cp php.ini-x /usr/local/php/etc/php.ini
cd /usr/local/php/etc
cp php-fpm.conf.default php-fpm.conf
cd php-fpm.d
cp www.conf.default www.conf

修改網站的php-fpm配置文件

#下面幾行取消注釋
;env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin/:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmp

編輯php-fpm服務文件 vim /etc/systemed/system/php-fpm.service

[Unit]    
Description=The php fastcgi process manager
After=syslog.target network.target
    
[Service]
Type=simple
PIDFile=/run/php-fpm.pid
ExecStart=/usr/local/php/sbin/php-fpm --nodaemonize --fpm-config /usr/local/php/etc/php-fpm.conf
ExecReload=/bin/kill -USR2 $MAINPID
ExecStop=/bin/kill -SIGINT $MAINPID

[Install]
WantedBy=multi-user.target

設置環境變量

touch /etc/profile.d/php.sh && echo 'export PATH=$PATH:/usr/local/php/bin' > /etc/profile.d/php.sh && source /etc/profile

設置開機啟動

systemctl daemon-reload
systemctl enable php-fpm.service

安裝PHP擴展:imagick、smbclient、redis，編譯完成后，在php.ini里載入這些擴展，然后重啟php-fpm

安裝nginx

./configure --prefix=/usr/local/nginx --user=www
make && make install

編輯服務文件 /etc/systemd/system/nginx.service

[Unit]
Description=nginx service
After=network.target

[Service]
Type=forking
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/usr/local/nginx/sbin/nginx -s quit
PrivateTmp=true

[Install]
WantedBy=multi-user.target

設置開機啟動

systemctl daemon-reload
systemctl enable nginx.service

設置環境變量

touch /etc/profile.d/nginx.sh && echo 'export PATH=$PATH:/usr/local/nginx/sbin' > /etc/profile.d/nginx.sh && source /etc/profile

安裝redis , 編輯redis服務文件 /etc/init.d/redis

#!/bin/sh
#Configurations injected by install_server below....

EXEC=/usr/local/redis/src/redis-server
CLIEXEC=/usr/local/redis/src/redis-cli
PIDFILE=/var/run/redis_6379.pid
CONF="/usr/local/redis/redis.conf"
REDISPORT="6379"
###############
# SysV Init Information
# chkconfig: - 58 74
# description: redis_6379 is the redis daemon.
### BEGIN INIT INFO
# Provides: redis_6379
# Required-Start: $network $local_fs $remote_fs
# Required-Stop: $network $local_fs $remote_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Should-Start: $syslog $named
# Should-Stop: $syslog $named
# Short-Description: start and stop redis_6379
# Description: Redis daemon
### END INIT INFO

case "$1" in
    start)
        if [ -f $PIDFILE ]
        then
            echo "$PIDFILE exists, process is already running or crashed"
        else
            echo "Starting Redis server..."
            $EXEC $CONF
        fi
        ;;
    stop)
        if [ ! -f $PIDFILE ]
        then
            echo "$PIDFILE does not exist, process is not running"
        else
            PID=$(cat $PIDFILE)
            echo "Stopping ..."
            $CLIEXEC -p $REDISPORT shutdown
            while [ -x /proc/${PID} ]
            do
                echo "Waiting for Redis to shutdown ..."
                sleep 1
            done
            echo "Redis stopped"
        fi
        ;;
    status)
        PID=$(cat $PIDFILE)
        if [ ! -x /proc/${PID} ]
        then
            echo 'Redis is not running'
        else
            echo "Redis is running ($PID)"
        fi
        ;;
    restart)
        $0 stop
        $0 start
        ;;
    *)
        echo "Please use start, stop, restart or status as first argument"
        ;;
esac

設置開機啟動

chmod +x /etc/init.d/redis
chkconfig --add redis

部署nextcloud代碼，編輯nginx站點配置文件

https://docs.nextcloud.com/server/latest/admin_manual/installation/nginx.html
如果不用https，把ssl相關去掉就好

SELinux配置

https://docs.nextcloud.com/server/21/admin_manual/installation/selinux_configuration.html

服務器調優

https://docs.nextcloud.com/server/21/admin_manual/installation/server_tuning.html

PHP配置內容緩存

https://docs.nextcloud.com/server/21/admin_manual/configuration_server/caching_configuration.html

注意事項

nginx 、php-fpm 、nextcloud代碼所在目錄都必須是統一用戶，否則會出現權限不足問題
SELinux 配置錯誤，也有可能出現權限不足的問題
redis 配置文件鎖定時，也需要將redis啟動用戶加入到web服務的用戶所在的用戶組里，否則也會出現無法鎖定問題

踩坑

nginx、apache+fpm 與 **nextcloud22.2.0**版本不兼容，不知道是我部署的過程有問題還是本身有BUG。
在fpm下，22.2.0版本重裝好幾次都沒成功，要么是樣式不正常，首次登陸404循環調整（apache），就是在菜單“照片”下/remote.php/dav/死循環跳轉，換了兩台機器去裝一樣沒解決，后面同樣的配置，21.0.5版本就沒什么問題。

 

記錄一下

還是太菜了，踩坑踩了，兩三天才搞好。。。