Nextcloud私有云盘在Centos7下的部署笔记
搭建我的云存储通常会想到ownCloud,堪称是自建云存储服务的经典。而Nextcloud是ownCloud原开发团队打造的号称是“下一代”存储。初一看以为“口气”不小,刚推出来就从新“定义”了Cloud,真正试用事后就由衷地赞同这个Nextcloud:它是我的云存储服务的绝佳选择。能够说Nextcloud 是一款自由 (开源) 的类 Dropbox 软件,由 ownCloud 分支演化造成。它使用 PHP 和 JavaScript 编写,支持多种数据库系统,好比 MySQL/MariaDB、PostgreSQL、Oracle 数据库和 SQLite。它可使你的桌面系统和云服务器中的文件保持同步,Nextcloud 为 Windows、Linux、Mac、安卓以及苹果手机都提供了客户端支持。同时,Nextcloud 也并不是只是 Dropbox 的克隆,它还提供了不少附加特性,如日历、联系人、计划任务以及流媒体 Ampache。php
与ownCloud相比,Nextcloud的功能丝毫没有减弱,甚至因为能够安装云存储服务应用,自制性更强,也更符合用户的需求。Nextcloud官网的帮助文档写得至关地详细,几乎任何关于Nextcloud的问题均可以找到答案,这说明Nextcloud开发团队确实比ownCloud更加优秀。css
一开始觉得Nextcloud只是一个网盘云存储,后来看到Nextcloud内置了Office文档、图片相册、日历联系人、两步验证、文件管理、RSS阅读等丰富的应用,我发现Nextcloud已经仅仅能够用做我的或者团队存储与共享,还能够打形成为一个我的办公平台,几乎至关于一个我的的Dropbox了。html
如下内容将介绍如何在 CentOS 7 服务器中安装和配置最新版本的 Nextcloud 12,而且会经过 Nginx 和 PHP7-FPM 来运行 Nextcloud,同时使用 MariaDB 作为数据库系统。废话很少说了,直接看部署笔记:node
部署机器的系统是Centos7.4版本 [root@nextcloud-server ~]# cat /etc/redhat-release CentOS Linux release 7.4.1708 (Core) 1、安装并配置Nginx和php-fpm ================================================================ 将自带的epel、nginx、php所有卸载(rpm -e ... --nodeps) [root@nextcloud-server ~]# rpm -qa|grep php [root@nextcloud-server ~]# rpm -qa|grep php-common [root@nextcloud-server ~]# rpm -qa|grep nginx =============================================================== CentOS默认的yum源中并不包含Nginx和php-fpm,首先要为CentOS添加epel源: [root@nextcloud-server ~]# yum -y install epel-release [root@nextcloud-server ~]# yum -y install nginx 须要再添加一个yum源来安装php-fpm,可使用webtatic(这个yum源对国内网络来讲恐怕有些慢,固然你也能够选择其它的yum源) [root@nextcloud-server ~]# rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm 安装php7-fpm和一些其它的必要的组件 [root@nextcloud-server ~]# yum -y install php70w-fpm php70w-cli php70w-gd php70w-mcrypt php70w-mysql php70w-pear php70w-xml php70w-mbstring php70w-pdo php70w-json php70w-pecl-apcu php70w-pecl-apcu-devel 完成后,检查一下php-fpm是否已正常安装 [root@nextcloud-server ~]# php -v PHP 7.0.25 (cli) (built: Oct 29 2017 13:43:03) ( NTS ) Copyright (c) 1997-2017 The PHP Group Zend Engine v3.0.0, Copyright (c) 1998-2017 Zend Technologies 配置php-fpm [root@nextcloud-server ~]# vim /etc/php-fpm.d/www.conf ..... user = nginx //将用户和组都改成nginx group = nginx ..... listen = 127.0.0.1:9000 //php-fpm所监听的端口为9000 ...... env[HOSTNAME] = $HOSTNAME //去掉下面几行注释 env[PATH] = /usr/local/bin:/usr/bin:/bin env[TMP] = /tmp env[TMPDIR] = /tmp env[TEMP] = /tmp 在/var/lib目录下为session路径建立一个新的文件夹,并将用户名和组设为nginx [root@nextcloud-server ~]# mkdir -p /var/lib/php/session [root@nextcloud-server ~]# chown nginx:nginx -R /var/lib/php/session/ [root@nextcloud-server ~]# ll -d /var/lib/php/session/ drwxr-xr-x. 2 nginx nginx 4096 1月 25 09:47 /var/lib/php/session/ 启动Nginx和php-fpm服务,并添加开机启动 [root@nextcloud-server ~]# systemctl start php-fpm [root@nextcloud-server ~]# systemctl start nginx [root@nextcloud-server ~]# systemctl enable php-fpm [root@nextcloud-server ~]# systemctl enable nginx 2、安装并配置MariaDB 使用MaraiDB做为Nextcloud数据库。yum安装MaraiDB服务 [root@nextcloud-server ~]# yum -y install mariadb mariadb-server 启动MariaDB服务并添加开机启动 [root@nextcloud-server ~]# systemctl start mariadb [root@nextcloud-server ~]# systemctl enable mariadb 接下来设置MariaDB的root密码 [root@nextcloud-server ~]# mysql_secure_installation //按照提示设置密码,首先会询问当前密码,密码默认为空,直接回车便可 Enter current password for root (enter for none): //直接回车 Set root password? [Y/n] Y New password: //输入新密码 Re-enter new password: //再次输入新密码 Remove anonymous users? [Y/n] Y Disallow root login remotely? [Y/n] Y Remove test database and access to it? [Y/n] Y Reload privilege tables now? [Y/n] Y ============================================================================================== 或者采用另外一种修改密码的方式:跳过受权表 1)在/etc/my.cnf文件里添加"skip-grant-tables" 2)重启mariadb服务 3)无密码登录mariadb,而后重置mysql密码 MariaDB [(none)]> update mysql.user set password=password("kevin@123") where user="root"; 4)去掉/etc/my.cnf文件里的"skip-grant-tables"内容 5)重启mariadb服务 6)这样就可使用上面重置的新密码kevin@123登录mariadb了 ============================================================================================== 设置完MariaDB的密码后,使用命令行登陆MariaDB,并为Nextcloud建立相应的用户和数据库。 例如数据库为nextcloud_db,用户为nextclouduser,密码为nextcloudpasswd: [root@nextcloud-server ~]# mysql -p ...... MariaDB [(none)]> create database nextcloud_db; MariaDB [(none)]> create user nextclouduser@localhost identified by 'nextcloudpasswd'; MariaDB [(none)]> grant all privileges on nextcloud_db.* to nextclouduser@localhost identified by 'nextcloudpasswd'; MariaDB [(none)]> flush privileges; 3、为Nextcloud生成自签名SSL证书 为SSL证书建立一个新的文件夹: [root@nextcloud-server ~]# cd /etc/nginx/cert/ [root@nextcloud-server cert]# openssl req -new -x509 -days 365 -nodes -out /etc/nginx/cert/nextcloud.crt -keyout /etc/nginx/cert/nextcloud.key ..... Country Name (2 letter code) [XX]:cn //国家 State or Province Name (full name) []:beijing //省份 Locality Name (eg, city) [Default City]:beijing //地区名字 Organization Name (eg, company) [Default Company Ltd]:kevin //公司名 Organizational Unit Name (eg, section) []:Technology //部门 Common Name (eg, your name or your server's hostname) []:kevin //CA主机名 Email Address []:kevin@wangshibo.cn 而后将证书文件的权限设置为660 [root@nextcloud-server cert]# chmod 700 /etc/nginx/cert [root@nextcloud-server cert]# chmod 600 /etc/nginx/cert/* 4、下载并安装Nextcloud [root@nextcloud-server ~]# yum -y install wget unzip [root@nextcloud-server ~]# cd /usr/local/src/ [root@nextcloud-server src]# wget https://download.nextcloud.com/server/releases/nextcloud-12.0.4.zip [root@nextcloud-server src]# unzip nextcloud-12.0.4.zip [root@nextcloud-server src]# ls nextcloud nextcloud-12.0.4.zip [root@nextcloud-server src]# mv nextcloud /usr/share/nginx/html/ 进入Nginx的root目录,并为Nextcloud建立data目录,将Nextcloud的用户和组修改成nginx [root@nextcloud-server src]# cd /usr/share/nginx/html/ [root@nextcloud-server html]# mkdir -p nextcloud/data/ [root@nextcloud-server html]# chown nginx:nginx -R nextcloud/ [root@nextcloud-server html]# ll -d nextcloud drwxr-xr-x. 15 nginx nginx 4096 1月 24 17:04 nextcloud 5、设置Nginx虚拟主机 进入Nginx的虚拟主机配置文件所在目录并建立一个新的虚拟主机配置(记得修改两个server_name为本身的域名): [root@nextcloud-server ~]# cd /etc/nginx/conf.d/ [root@nextcloud-server conf.d]# vim nextcloud.conf upstream php-handler { server 127.0.0.1:9000; #server unix:/var/run/php5-fpm.sock; } server { listen 80; server_name nextcloud.kevin-inc.com; # enforce https return 301 https://$server_name$request_uri; } server { listen 443 ssl; server_name nextcloud.kevin-inc.com; ssl_certificate /etc/nginx/cert/nextcloud.crt; ssl_certificate_key /etc/nginx/cert/nextcloud.key; # Add headers to serve security related headers # Before enabling Strict-Transport-Security headers please read into this # topic first. add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; add_header X-Content-Type-Options nosniff; add_header X-Frame-Options "SAMEORIGIN"; add_header X-XSS-Protection "1; mode=block"; add_header X-Robots-Tag none; add_header X-Download-Options noopen; add_header X-Permitted-Cross-Domain-Policies none; # Path to the root of your installation root /usr/share/nginx/html/nextcloud/; location = /robots.txt { allow all; log_not_found off; access_log off; } # The following 2 rules are only needed for the user_webfinger app. # Uncomment it if you're planning to use this app. #rewrite ^/.well-known/host-meta /public.php?service=host-meta last; #rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json # last; location = /.well-known/carddav { return 301 $scheme://$host/remote.php/dav; } location = /.well-known/caldav { return 301 $scheme://$host/remote.php/dav; } # set max upload size client_max_body_size 512M; fastcgi_buffers 64 4K; # Disable gzip to avoid the removal of the ETag header gzip off; # Uncomment if your server is build with the ngx_pagespeed module # This module is currently not supported. #pagespeed off; error_page 403 /core/templates/403.php; error_page 404 /core/templates/404.php; location / { rewrite ^ /index.php$uri; } location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ { deny all; } location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { deny all; } location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) { include fastcgi_params; fastcgi_split_path_info ^(.+\.php)(/.*)$; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param HTTPS on; #Avoid sending the security headers twice fastcgi_param modHeadersAvailable true; fastcgi_param front_controller_active true; fastcgi_pass php-handler; fastcgi_intercept_errors on; fastcgi_request_buffering off; } location ~ ^/(?:updater|ocs-provider)(?:$|/) { try_files $uri/ =404; index index.php; } # Adding the cache control header for js and css files # Make sure it is BELOW the PHP block location ~* \.(?:css|js)$ { try_files $uri /index.php$uri$is_args$args; add_header Cache-Control "public, max-age=7200"; # Add headers to serve security related headers (It is intended to # have those duplicated to the ones above) # Before enabling Strict-Transport-Security headers please read into # this topic first. add_header Strict-Transport-Security "max-age=15768000;includeSubDomains; preload;"; add_header X-Content-Type-Options nosniff; add_header X-Frame-Options "SAMEORIGIN"; add_header X-XSS-Protection "1; mode=block"; add_header X-Robots-Tag none; add_header X-Download-Options noopen; add_header X-Permitted-Cross-Domain-Policies none; # Optional: Don't log access to assets access_log off; } location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ { try_files $uri /index.php$uri$is_args$args; # Optional: Don't log access to other assets access_log off; } } 接下来测试如下配置文件是否有错误,确保没有问题后重启Nginx服务。 [root@nextcloud-server conf.d]# nginx -t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful [root@nextcloud-server conf.d]# systemctl restart nginx 6、为Nextcloud设置Firewalld防火墙和SELinux 能够选择关闭Firewalld和SELinux [root@nextcloud-server ~]# systemctl stop firewalld [root@nextcloud-server ~]# systemctl disable firewalld [root@nextcloud-server ~]# setenforce 0 [root@nextcloud-server ~]# getenforce disable [root@nextcloud-server ~]# cat /etc/sysconfig/selinux ...... SELINUX=disabled 若是打开了防火墙,则须要设置Firewalld和SELinux 首先须要安装SElinux管理工具policycoreutils-python [root@nextcloud-server ~]# yum -y install policycoreutils-python 接着设置SELinux [root@nextcloud-server ~]# semanage fcontext -a -t httpd_sys_rw_content_t '/usr/share/nginx/html/nextcloud/data(/.*)?' [root@nextcloud-server ~]# semanage fcontext -a -t httpd_sys_rw_content_t '/usr/share/nginx/html/nextcloud/config(/.*)?' [root@nextcloud-server ~]# semanage fcontext -a -t httpd_sys_rw_content_t '/usr/share/nginx/html/nextcloud/apps(/.*)?' [root@nextcloud-server ~]# semanage fcontext -a -t httpd_sys_rw_content_t '/usr/share/nginx/html/nextcloud/assets(/.*)?' [root@nextcloud-server ~]# semanage fcontext -a -t httpd_sys_rw_content_t '/usr/share/nginx/html/nextcloud/.htaccess' [root@nextcloud-server ~]# semanage fcontext -a -t httpd_sys_rw_content_t '/usr/share/nginx/html/nextcloud/.user.ini' [root@nextcloud-server ~]# restorecon -Rv '/usr/share/nginx/html/nextcloud/' 接下来设置Firewlld防火墙,为Nextcloud开放http和https两个端口 [root@nextcloud-server ~]# systemctl start firewalld [root@nextcloud-server ~]# systemctl enable firewalld [root@nextcloud-server ~]# firewall-cmd --permanent --add-service=http [root@nextcloud-server ~]# firewall-cmd --permanent --add-service=https [root@nextcloud-server ~]# firewall-cmd --reload 7、安装Nextcloud 解析上面nginx中配置的域名nextcloud.kevin-inc.com,访问访问http://nextcloud.veredholdings-inc.com进行Nextcloud界面安装(访问http域名会自动跳转到https,安装提示安装便可!)
==================NextCloud安全与性能优化==================python
这种提示通常在NextCloud的服务器管理中能够看到,建议缓存类的直接安装一个便可,安装多了也没有什么用。 为了Nextcloud服务的安全和性能, 请将全部设置配置正确. PHP 模块 ‘fileinfo’ 缺失. 咱们强烈建议启用此模块以便在 MIME 类型检测时得到最准确的结果. HTTP 请求头 “Strict-Transport-Security” 没有配置为至少 “15552000” 秒. 出于加强安全性考虑, 推荐按照安全提示中的说明启用HSTS. 内存缓存未配置. 若是可用, 请配置 memcache 以加强性能. 更多信息请查看咱们的文档. PHP 的组件 OPcache 没有正确配置. 为了提供更好的性能, 咱们建议在php.ini文件中使用下列设置: opcache.enable=1 opcache.enable_cli=1 opcache.interned_strings_buffer=8 opcache.max_accelerated_files=10000 opcache.memory_consumption=128 opcache.save_comments=1 opcache.revalidate_freq=1
==================NextCloud添加Memcached缓存==================mysql
修改程序目录下的config目录中的config.php文件,在配置文件中添加以下,这个是多个Memcached实例,单个本身改: 'memcache.local' => '\OC\Memcache\APCu', 'memcache.distributed' => '\OC\Memcache\Memcached', 'memcached_servers' => array( array('localhost', 11211), array('server1.example.com', 11211), array('server2.example.com', 11211), ),
==================NextCloud添加Redis缓存==================linux
在配置文件中添加以下,这个是经过TCP链接的: 'memcache.local' => '\OC\Memcache\Redis', 'redis' => array( 'host' => 'localhost', 'port' => 6379, ), 还有性能更好的UNIX链接: 'memcache.local' => '\OC\Memcache\Redis', 'redis' => array( 'host' => '/var/run/redis/redis.sock', 'port' => 0, 'dbindex' => 0, 'password' => 'secret', 'timeout' => 1.5, ), 同时,官方还推荐加入以下,来用于存储文件锁: 'memcache.locking' => '\OC\Memcache\Redis',
========Nextcloud的邮件发信设置========
Nextcloud发送邮件信息的前提:每一个用户(包括管理员)都要事先设置好本身的邮箱地址!
1)使用管理员帐号登录Nextcloud。点击右上角的设置图标里的"管理"-"其余设置"nginx
前提是管理员(admin)要事先设置好本身的邮箱地址。以下设置好邮箱地址后,按Enter键后就会显示一个"对勾"web
知足条件:ajax
1)在admin登录后的"管理"->"其余设置"的后台里配置好"电子邮件服务器"(配置后能够测试发送邮件是否成功,前提是admin也要事先配置好本身的邮箱地址) 2)各用户建立并登录后,要记得配置各自的邮箱地址。好比wangshibo用户登陆后,配置本身的邮箱地址 3)在分享文件的时候,只要使用对方帐号名进行分享,对方邮箱里就会收到一封分享信息的邮件!
以下,在admin帐号下分享Nextcloud Manual.pdf这个文件给wangshibo用户
而后登录wangshibo用户,就会发现Nextcloud Manual.pdf文件已经分享过来了
登录wangshibo帐号配置的邮箱,就会发现有上面分享的邮件信
也能够在文件来源方取消分享
***************当你发现本身的才华撑不起野心时,就请安静下来学习吧***************
转:http://www.cnblogs.com/kevingrace/p/8343060.html
相关文章
- 1. Nextcloud私有云盘在Centos7下的部署笔记
- 2. 部署nextcloud私有云盘
- 3. nextcloud私有云盘的部署
- 4. Nextcloud私有云部署
- 5. 部署Nextcloud私有云
- 6. CentOS7 搭建nextcloud私有云盘
- 7. CentOS7搭建nextcloud建立私有云盘
- 8. CentOS7搭建Nextcloud私有云
- 9. nextcloud——搭建私有云盘
- 10. 搭建私有云盘-NextCloud
- 更多相关文章...
- • Maven 自动化部署 - Maven教程
- • ionic 头部与底部 - ionic 教程
- • Tomcat学习笔记(史上最全tomcat学习笔记)
- • 使用阿里云OSS+CDN部署前端页面与加速静态资源
相关标签/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
最新文章
- 1. CVPR 2020 论文大盘点-光流篇
- 2. Photoshop教程_ps中怎么载入图案?PS图案如何导入?
- 3. org.pentaho.di.core.exception.KettleDatabaseException:Error occurred while trying to connect to the
- 4. SonarQube Scanner execution execution Error --- Failed to upload report - 500: An error has occurred
- 5. idea 导入源码包
- 6. python学习 day2——基础学习
- 7. 3D将是页游市场新赛道?
- 8. osg--交互
- 9. OSG-交互
- 10. Idea、spring boot 图片(pgn显示、jpg不显示)解决方案
欢迎关注本站公众号,获取更多信息
