nextcloud——搭建私有云盤

最新版nextcloud需要php7.2以上的版本，所以以下是基於Centos6使用yum快速安裝PHP7.2的方法，MySQL和Nginx不做演示

1. 安裝yum擴展源

yum install -y epel-release

2. 安裝Remi源（包含最新的PHP和mysql）

yum install http://rpms.remirepo.net/enterprise/remi-release-6.rpm

3.安裝yum-utils

yum install -y yum-utils

4. 指定安裝php版本

yum-config-manager --enable remi-php72

5. 安裝php7.2

yum -y install php-fpm php-cli php-gd php-mcrypt php-mysql php-pear php-xml php-mbstring php-pdo php-json php-pecl-apcu php-pecl-apcu-devel

6. 檢查安裝是否成功

[root@oms cert]# php -v
PHP 7.2.19 (cli) (built: May 29 2019 11:20:29) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
    with Zend OPcache v7.2.19, Copyright (c) 1999-2018, by Zend Technologies

7. 編輯php-fpm

vim /etc/php-fpm.d/www.conf
修改內容如下：
user = nginx                         ##將用戶和組都改爲nginx的用戶
group = nginx
env[HOSTNAME] = $HOSTNAME                     ##去掉下面幾行註釋
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp

8. 在/var/lib目錄下爲session路徑創建一個新的文件夾，並將用戶名和組設爲nginx

mkdir -p /var/lib/php/session
chown nginx:nginx -R /var/lib/php/session/

9. 啓動Nginx和php-fpm服務，並添加開機啓動

systemctl start php-fpm
systemctl start nginx
systemctl enable php-fpm
systemctl enable nginx

10. 連接mysql創建數據庫和數據庫賬戶

MariaDB [(none)]> create database nextcloud;          
MariaDB [(none)]> create user nextcloud@localhost identified by '123456';
MariaDB [(none)]> grant all privileges on nextcloud.* to nextcloud@localhost 
MariaDB [(none)]> flush privileges;

11. 生成ssl證書，此處爲自簽名證書(備註：也可以前往證書網站申請如：freessl)

mkdir nginx/cert    ##在nginx安裝目錄下創建cert，yum安裝時爲/etc/nginx/
cd nginx/cert/   
openssl req -new -x509 -days 365 -nodes -out ./nextcloud.crt -keyout ./nextcloud.key

根據個人情況填寫證書

Country Name (2 letter code) [XX]:cn                           ##國家
State or Province Name (full name) []:shanghai                       ##省份
Locality Name (eg, city) [Default City]:shanghai                      ##地區名字
Organization Name (eg, company) [Default Company Ltd]:sswl                 ##公司名
Organizational Unit Name (eg, section) []:IT                    ##部門
Common Name (eg, your name or your server's hostname) []:nextcloud             ## CA主機名
Email Address []:[email protected] 

修改證書權限：

chmod 700 /etc/nginx/cert
chmod 600 /etc/nginx/cert/*

12. 下載並安裝Nextcloud

• nextcloud官方下載網址：https://download.nextcloud.com/server/releases/

wget https://download.nextcloud.com/server/releases/nextcloud-16.0.1.tar.bz2
tar jxvf nextcloud-16.0.1.tar.bz2
mv nextcloud /data/

13. 爲Nextcloud創建data目錄，將Nextcloud的用戶和組修改爲nginx

mkdir -p nextcloud/data/
chown nginx:nginx -R nextcloud/

14. 配置Nginx虛擬主機

nginx主配置文件可以參考如下：

user nginx nginx;
worker_processes 2;
error_log /usr/local/nginx/logs/nginx_error.log crit;
pid /usr/local/nginx/logs/nginx.pid;
worker_rlimit_nofile 51200;

events
{   
    use epoll;
    worker_connections 6000;
}

http
{
    include mime.types;
    default_type application/octet-stream;
    server_names_hash_bucket_size 3526;
    server_names_hash_max_size 4096;
    log_format combined_realip '$remote_addr $http_x_forwarded_for [$time_local]'
    ' $host "$request_uri" $status'
    ' "$http_referer" "$http_user_agent"';
    sendfile on;
    tcp_nopush on;
    keepalive_timeout 30;
    client_header_timeout 3m;
    client_body_timeout 3m;
    send_timeout 3m;
    connection_pool_size 256;
    client_header_buffer_size 1k;
    large_client_header_buffers 8 4k;
    request_pool_size 4k;
    output_buffers 4 32k;
    postpone_output 1460;
    client_max_body_size 10m;
    client_body_buffer_size 256k;
    client_body_temp_path /usr/local/nginx/client_body_temp;
    proxy_temp_path /usr/local/nginx/proxy_temp;
    fastcgi_temp_path /usr/local/nginx/fastcgi_temp;
    fastcgi_intercept_errors on;
    tcp_nodelay on;
    gzip on;
    gzip_min_length 1k;
    gzip_buffers 4 8k;
    gzip_comp_level 5;
    gzip_http_version 1.1;
    gzip_types text/plain application/x-javascript text/css text/htm
    application/xml;
    include vhost/*.conf;
}

創建並添加nextcloud的配置文件

vim nginx/conf/vhost/nextcloud.conf
內容如下：
upstream php-handler {
    server 127.0.0.1:9000;
    }
    server {
    listen 80;
    listen 443 ssl;
    server_name  localhost;
    ssl_certificate /usr/local/nginx/cert/nextcloud.pem;     ##證書文件路徑，後綴自建爲crt，此處爲freessl申請的證書
    ssl_certificate_key /usr/local/nginx/cert/nextcloud.key;
    add_header Strict-Transport-Security "max-age=15768000;
    includeSubDomains; preload;";
    add_header X-Content-Type-Options nosniff;
    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Robots-Tag none;
    add_header X-Download-Options noopen;
    add_header X-Permitted-Cross-Domain-Policies none;

    root /data/nextcloud/;
    if ( $scheme != "https" ) {
        return 301 https://$host$request_uri;
            }

    location = /robots.txt {
    allow all;
    log_not_found off;
    access_log off;
    }

    location = /.well-known/carddav {
    location = /.well-known/caldav {
    return 301 $scheme://$host/remote.php/dav;
    }
    client_max_body_size 512M;
    fastcgi_buffers 64 4K;
    gzip off;

    error_page 403 /core/templates/403.php;
    error_page 404 /core/templates/404.php;

    location / {
    rewrite ^ /index.php$uri;
    }

    location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
    deny all;
    }
    location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
    deny all;
    }
    include fastcgi_params;
    fastcgi_split_path_info ^(.+\.php)(/.*)$;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    fastcgi_param HTTPS on;
    fastcgi_param modHeadersAvailable true;
    fastcgi_param front_controller_active true;
    fastcgi_pass php-handler;
    fastcgi_intercept_errors on;
    fastcgi_request_buffering off;
    fastcgi_buffers 8 128k;
    fastcgi_buffer_size 128k;
    fastcgi_busy_buffers_size 256k;
    fastcgi_temp_file_write_size 256k;
        fastcgi_connect_timeout 300s;
        fastcgi_send_timeout 300s;
        fastcgi_read_timeout 300s;
    }
    location ~ ^/(?:updater|ocs-provider)(?:$|/) {
    try_files $uri/ =404;
    index index.php;
    }
    location ~* \.(?:css|js)$ {
    try_files $uri /index.php$uri$is_args$args;
    add_header Cache-Control "public, max-age=7200";
    add_header Strict-Transport-Security "max-age=15768000;includeSubDomains; preload;";
    add_header X-Content-Type-Options nosniff;
    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Robots-Tag none;
    add_header X-Download-Options noopen;
    add_header X-Permitted-Cross-Domain-Policies none;
    access_log off;
    }
    location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {
    try_files $uri /index.php$uri$is_args$args;
    access_log off;
    }
}

15. 檢測配置是否正確並重新加載配置

nginx -t && nginx -s reload

16. 遊覽器登錄，根據提示安裝nextcloud即可。