一、基礎環境准備
1、安裝一台centos7的linux服務器。
# 系統初始化 # 如果時區不對,請修改時區 #mv /etc/localtime /etc/localtime_bak #ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime # 修改selinux vi /etc/selinux/config SELINUX=disabled # 修改當前環境的selinux setenforce 0 # 關閉防火牆 systemctl stop firewalld systemctl disable firewalld iptables -F # 安裝基礎包 yum install -y net-tools vim lrzsz wget tree screen lsof tcpdump bash-completion.noarch ntp zip unzip git yum install -y gcc gcc-c++ libstdc++ make cmake curl bind-utils yum install -y epel-release yum-utils curl policycoreutils-python mlocate bzip2 # 時鍾同步 crontab -e */30 * * * * ntpdate ntp1.aliyun.com # 開機啟動時鍾同步 vim /etc/rc.local ntpdate ntp1.aliyun.com # 修改主機名 hostnamectl set-hostname cloud.139 # exit 退出重新登錄
2、安裝LNMP環境
安裝nginx
yum install gcc gcc-c++ autoconf automake make cmake zlib zlib-devel openssl openssl-devel pcre pcre-devel -y mkdir /data/apps/shell/software -p cd /data/apps/shell/software/ wget -c http://nginx.org/download/nginx-1.16.1.tar.gz wget -c http://labs.frickle.com/files/ngx_cache_purge-2.3.tar.gz git clone git://github.com/vozlt/nginx-module-vts.git useradd www -M -s /sbin/nologin tar xf nginx-1.16.1.tar.gz tar xf ngx_cache_purge-2.3.tar.gz cd nginx-1.16.1/ ./configure --prefix=/data/apps/nginx \ --user=www --group=www \ --with-http_ssl_module \ --with-http_stub_status_module \ --with-http_gzip_static_module \ --with-mail \ --with-mail_ssl_module \ --with-http_realip_module \ --with-stream \ --with-pcre \ --add-module=../ngx_cache_purge-2.3 \ --add-module=../nginx-module-vts make && make install vim /usr/lib/systemd/system/nginx.service [Unit] Description=nginx service After=network.target [Service] Type=forking ExecStart=/data/apps/nginx/sbin/nginx ExecReload=/data/apps/nginx/sbin/nginx -s reload ExecStop=/data/apps/nginx/sbin/nginx -s quit PrivateTmp=true [Install] WantedBy=multi-user.target
配置nginx
# 將默認的nginx.conf替換成我們的配置
# 新建vhost/cloud.conf
# 新建目錄,后續存放nextcloud的代碼。
mkdir /data/apps/web/nextcloud
# 編輯nginx配置
vim vhost/cloud.conf
server {
listen 80;
server_name localhost;
root html;
index index.js index.html index.htm index.php;
access_log /data/apps/nginx/logs/cloud.access.log;
error_log /data/apps/nginx/logs/cloud.error.log;
location / {
root /data/apps/web/nextcloud;
index index.html index.htm index.php;
try_files $uri $uri/ /index.php?$query_string;
}
error_page 500 502 503 504 /50x.html;
location ~ \.php$ {
send_timeout 120;
fastcgi_read_timeout 120;
fastcgi_connect_timeout 120;
fastcgi_send_timeout 120;
client_max_body_size 600m;
root /data/apps/web/nextcloud;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location = /50x.html {
root /data/apps/nginx/html;
}
}
安裝php
yum install php
php-devel php-pearphp-gmp php-zip php-xml php-gd php-mcrypt php-devel php-mysql php-gd php-bcmath php-pdo php-pecl-imagick php-fpm php-curl -y# 按照文檔安裝好php之后,修改配置 # 配置PHP-FPM vi /etc/php-fpm.d/www.conf # 將用戶和組都改為pi user = www group = www # 注意:php-fpm所監聽的端口為9000 listen = 127.0.0.1:9000 # 去掉下面幾行注釋 env[HOSTNAME] = $HOSTNAME env[PATH] = /usr/local/bin:/usr/bin:/bin env[TMP] = /tmp env[TMPDIR] = /tmp env[TEMP] = /tmp # 增加php內存 vi /etc/php.ini # 每個腳本可以消耗的時間,單位也是秒 max_input_time = 60 # 腳本運行最大消耗的內存 memory_limit = 1024M # 上載文件的最大許可大小 upload_max_filesize = 1024M # 在/var/lib目錄下為session路徑創建一個新的文件夾,並將用戶名和組設為nginx mkdir -p /var/lib/php/session chown www:www -R /var/lib/php/session/
重啟服務:
systemctl restart php-fpm
安裝mysql
yum install mysqld -y
配置mysql
# 創建nextcloud庫 create database nextcloud; # 賦予權限給linno用戶 grant all privileges on nextcloud.* to linno@'127.0.0.1'; # 刷新權限 flush privileges;
二、安裝nextcloud
去官網下載安裝包
官網下載地址:https://nextcloud.com/install/#instructions-server
有三種方式安裝,我們選擇壓縮包安裝。
下載安裝包
wget -c https://download.nextcloud.com/server/releases/nextcloud-18.0.4.zip
解壓
unzip nextcloud-18.0.4.zip mkdir -p /data/apps/web/ mv nextcloud /data/apps/web/
修改權限
chown -R www.www ./
瀏覽器訪問地址:http://172.16.143.139
默認會使用SQLite數據庫,所以我們需要修改數據為mysql。
點擊存儲與數據庫,點擊MySQL/MariaDB,切換到MySQL配置,輸入相關的配置信息。
三、修改配置
1、生成ssl證書
# openssl生成秘鑰 openssl req -new -x509 -days 365 -nodes -out /data/apps/nginx/conf/ssl/nextcloud.crt -keyout /data/apps/nginx/conf/ssl/nextcloud.key
下面是要輸入的一些參數
Generating a 2048 bit RSA private key ......+++ .............+++ writing new private key to '/data/apps/nginx/conf/ssl/nextcloud.key' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:cn State or Province Name (full name) []:guangdong Locality Name (eg, city) [Default City]:guangzhou Organization Name (eg, company) [Default Company Ltd]:doubles Organizational Unit Name (eg, section) []:doubles Common Name (eg, your name or your server's hostname) []:doubles Email Address []:doubles@doubles.com
2、創建nextcloud.conf
# cd /data/apps/nginx/conf/vhost
# 之前的移走 mv cloud.conf cloud.conf_2020042902 vim nextcloud.conf
下面為nextcloud.conf的配置,主要替換了ssl證書的路徑,與root目錄的路徑
upstream php-handler {
server 127.0.0.1:9000;
#server unix:/var/run/php5-fpm.sock;
}
server {
listen 80;
server_name localhost;
# enforce https
rewrite ^(.*)$ https://$host$1 permanent;
}
server {
listen 443 ssl;
server_name localhost;
ssl_certificate /data/apps/nginx/conf/ssl/nextcloud.crt;
ssl_certificate_key /data/apps/nginx/conf/ssl/nextcloud.key;
# Add headers to serve security related headers
# Before enabling Strict-Transport-Security headers please read into this
# topic first.
add_header Strict-Transport-Security "max-age=15768000;
includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
# Path to the root of your installation
#root /usr/share/nginx/html/nextcloud/;
root /data/apps/web/nextcloud/;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# The following 2 rules are only needed for the user_webfinger app.
# Uncomment it if you're planning to use this app.
#rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
#rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json
# last;
location = /.well-known/carddav {
return 301 $scheme://$host/remote.php/dav;
}
location = /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;
}
# set max upload size
client_max_body_size 10240M; # 上傳文件最大限制,php.ini中也要修改,最后優化時會提及。
fastcgi_buffers 64 4K;
# Disable gzip to avoid the removal of the ETag header
gzip on;
gzip_vary on;
gzip_comp_level 4;
gzip_min_length 256;
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
# Uncomment if your server is build with the ngx_pagespeed module
# This module is currently not supported.
#pagespeed off;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
location / {
rewrite ^ /index.php$uri;
}
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
deny all;
}
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
include fastcgi_params;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS on;
#Avoid sending the security headers twice
fastcgi_param modHeadersAvailable true;
fastcgi_param front_controller_active true;
fastcgi_pass php-handler;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
}
location ~ ^/(?:updater|ocs-provider)(?:$|/) {
try_files $uri/ =404;
index index.php;
}
# Adding the cache control header for js and css files
# Make sure it is BELOW the PHP block
location ~* \.(?:css|js)$ {
try_files $uri /index.php$uri$is_args$args;
add_header Cache-Control "public, max-age=7200";
# Add headers to serve security related headers (It is intended to
# have those duplicated to the ones above)
# Before enabling Strict-Transport-Security headers please read into
# this topic first.
add_header Strict-Transport-Security "max-age=15768000;includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
# Optional: Don't log access to assets
access_log off;
}
location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {
try_files $uri /index.php$uri$is_args$args;
# Optional: Don't log access to other assets
access_log off;
}
}
重載配置
/data/apps/nginx/sbin/nginx -t /data/apps/nginx/sbin/nginx -s reload
四、查看web頁面
登錄后如下:
搭建成功.
如果要使用移動端,可以去應用市場下載nextcloud 的移動app,連接上該地址。