nextcloud 搭建

浏览:123
jackios 2020-09-02 17:08

一)#install start download

cd /usr/loacal/src
wget  https://download.nextcloud.com/server/releases/nextcloud-13.0.2.tar.bz2
tar -jxf nextcloud-13.0.2.tar.bz2
mkdir -p /data/www
mv nextcloud  /data/www
chown -R nginx.  /data/www/nextcloud
mkdir -p  /data/cdata
useradd -s /sbin/nologin/ nginx -M
chown -R nginx.  /data/cdata
安装nginx 源码编译的依赖
 yum  install gcc--c++  pcre pcre-devel zlib zlib-devel op
enssl openssl-devel -y

./configure --prefix=/usr/local/nginx --pid-path
=/var/run/nginx/nginx.pid --lock-path=/var/lock/nginx.lock --error-log-path=/va
r/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --with-http_gzi
p_static_module --http-client-body-temp-path=/var/temp/nginx/client --http-prox
y-temp-path=/var/temp/nginx/proxy --http-fastcgi-temp-path=/var/temp/nginx/fast
cgi --http-uwsgi-temp-path=/var/temp/nginx/uwsgi --http-scgi-temp-path=/var/tem
--with-http_ssl_module 
p/nginx/scgi
创建nginx temp目录
nkdir -p /var/temp/nginx
make  install

启动 nginx
/usr/local/nginx/sbin/nginx


二)#install mariadb

yum install mariadb mariadb-server -y
echo >> /etc/my.cnf<<EOF
[client]
default-character-set=utf8mb64
[mysql]
default-character-set=utf8mb64
[mysqld]
character-set-server=utf8mb64
collection-server=utf8mb64_unicode_cli
innodb_large_prefix=ON
innodb_file_format=Barracuda
innodb_file_per_table=ON
innodb_file_per_table=1
default-storage-engine = INNODB
EOF
初始化设置
/usr/bin/mysql_install_db  --user=mysql --datadir=/var/lib/mysql
开启mysql服务
systemctl restart mariadb
创建数据库
create database nextcloud CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci; 
授权操作
grant all privileges on nextcloud.* to "nextcloud"@"%"  identified by "nextcloud";
grant all privileges on nextcloud.* to "nextcloud"@"localhost"  identified by "nextcloud";
刷新权限
flush  privileges;


三)#安装php及其nextclound需要的包

#安装php及其nextclound需要的包
首先安装 remi
wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
wget https://rpms.remirepo.net/enterprise/remi-release-7.rpm
rpm -Uvh remi-release-7.rpm epel-release-latest-7.noarch.rpm
subscription-manager repos --enable=rhel-6-server-optional-rpms
rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
yum -y install php70w-fpm php70w-cli php70w-opcache php70w-gd php70w-mcrypt php70w-mysql php70w-pear php70w-xml php70w-mbstring php70w-pdo php70w-json php70w-pecl-apcu php70w-pecl-apcu-devel
验证php7的版本
php -v
配置php-fpm
sed -i "/^user =/s/apache/nginx/g" /etc/php-fpm.d/www.conf

sed -i '/^ugroup  =/s/apache/nginx/g' /etc/php-fpm.d/www.conf 
#vim /etc/php-fpm.d/www.conf 
user = nginx 
group = nginx   #在第8行和第10行,user和group赋值为nginx。
listen = 127.0.0.1:9000   #在第 22 行,确保 php-fpm 运行在指定端口。

env[HOSTNAME] = $HOSTNAME
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp         #取消第366-370行的注释,启用php-fpm的系统环境变量。

#更改授权用户
mkdir -p /var/lib/php/session 
chown nginx:nginx -R /var/lib/php/session/
然后启动php-fpm和nginx 并且将他们设置为开机启动
systemctl start php-fpm 
systemctl start nginx 
systemctl enable php-fpm 
systemctl enable nginx


四)nginx的配置

vim  vhost/*.conf
upstream php-handler {
        server 127.0.0.1:9000;
        }
    server {
        listen       80;
        server_name  localhost;
        add_header Referrer-Policy "no-referrer" always;
        add_header X-Frame-Options "SAMEORIGIN" always;
        add_header X-Permitted-Cross-Domain-Policies "none" always;
        add_header X-Robots-Tag "none" always;
        add_header X-XSS-Protection "1; mode=block" always;
        # Remove X-Powered-By, which is an information leak
        fastcgi_hide_header X-Powered-By;
        root /data/www/nextcloud;

        location = /robots.txt {
            allow all;
            log_not_found off;
            access_log off;
        }

        location = /.well-known/carddav {
          return 301 $scheme://$host:$server_port/remote.php/dav;
        }
        location = /.well-known/caldav {
          return 301 $scheme://$host:$server_port/remote.php/dav;
        }




        location / {
             rewrite ^ /index.php;
        }

        location ~ ^\/(?:build|tests|config|lib|3rdparty|templates|data)\/ {
            deny all;
        }
        location ~ ^\/(?:\.|autotest|occ|issue|indie|db_|console) {
            deny all;
        }                                                                                                                      
                                                                                                                               
        error_page   500 502 503 504  /50x.html;                                                                               
        location = /50x.html {                                                                                                 
            root   html;                                                                                                       
        }                                                                                                                      
                                                                                                                               
                                                                                                                               
            root /data/www/nextcloud;                                                                                          
            fastcgi_pass 127.0.0.1:9000;                                                                                       
            fastcgi_index index.php;                                                                                           
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;                                                  
            fastcgi_split_path_info ^(.+?\.php)(\/.*|)$;                                                                       
            fastcgi_param PATH_INFO $fastcgi_path_info;                                                                        
            include fastcgi_params;                                                                                            
        }                                                                                                                      
                                                                                                                               
    #    location ~ \.php$ {                                                                                                   
    #        if (!-e $request_filename) {                                                                                      
    #               rewrite ^/(.*)$ /index.php/$1 last;                                                                        
    #        }                                                                                                                 
    #        root           /usr/local/nginx/html/nextcloud;                                                                   
    #        fastcgi_pass   127.0.0.1:9000;                                                                                    
    #        fastcgi_index  index.php;                                                                                         
    #        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;                                               
    #        include        fastcgi_params;                                                                                    
    #    }                                                                                                                     
         location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) {                                                                   
              try_files $uri/ =404;                                                                                            
              index index.php;                                                                                                 
            add_header Cache-Control "public, max-age=15778463";                                                               
            # Add headers to serve security related headers (It is intended to                                                 
            # have those duplicated to the ones above)                                                                         
            # Before enabling Strict-Transport-Security headers please read into                                               
            # this topic first.                                                                                                
            #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;                      
            #                                                                                                                  
            # WARNING: Only add the preload option once you read about                                                         
            # the consequences in https://hstspreload.org/. This option                                                        
            # will add the domain to a hardcoded list that is shipped                                                          
            # in all major browsers and getting removed from this list                                                         
            # could take several months.                                                                                       
            add_header Referrer-Policy "no-referrer" always;                                                                   
            add_header X-Content-Type-Options "nosniff" always;                                                                
            add_header X-Download-Options "noopen" always;
            add_header X-Frame-Options "SAMEORIGIN" always;                                                                    
            add_header X-Permitted-Cross-Domain-Policies "none" always;                                                        
            add_header X-Robots-Tag "none" always;                                                                             
            add_header X-XSS-Protection "1; mode=block" always;                                                                
                                                                                                                               
            # Optional: Don't log access to assets                                                                             
            access_log off;                                                                                                    
         }                                                                                                                     
        location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap|mp4|webm)$ {                                                           
            try_files $uri /index.php$request_uri;                                                                             
            # Optional: Don't log access to other assets                                                                       
            access_log off;                                                                                                    
        }                                                                                                                      
                                                                                                                               
        # set max upload size                                                                                                  
        client_max_body_size 512M;                                                                                             
        fastcgi_buffers 64 4K;                                                                                                 
        # Enable gzip but do not remove ETag headers                                                                           
        gzip on;                                                                                                               
        gzip_vary on;                                                                                                          
        gzip_comp_level 4;                                                                                                     
        gzip_min_length 256;                                                                                                   
        gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;                                          
        gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml
 application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml applicat
ion/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt
 text/x-component text/x-cross-domain-policy;
    }

如果觉得我的文章对你有用,请随意赞赏

待完善
不要去追一匹马,用追马的时间种草,待到春暖花开时,就会有一批骏马任你挑选;不要去刻意巴结一个人,用暂时没有朋友的时间,去提升自己的能力,待到时机成熟时,就会有一批的朋友与你行。用人情做出来的朋友只是暂时的,用人格吸引来的朋友才是长久的。所以种下梧桐树,引得凤凰来。你若盛开,蝴蝶自来,你若精彩,天自安排
微信扫码登录测试

Powered by Jackios V1.0 Copyright © 2019-2020 liuql 版权所有 备案号: 鲁ICP19026293号