Maybe你想在查看本文前先了解下 Nextcloud ?
目錄
一、配置服務器環境
1.1 bling bling bling 的全新服務器
#安裝 vim
apt-get install vim
#改用網易的鏡像源
vim /etc/apt/sources.list
#替換爲如下內容
deb http://mirrors.163.com/ubuntu/ bionic main restricted universe multiverse
deb http://mirrors.163.com/ubuntu/ bionic-security main restricted universe multiverse
deb http://mirrors.163.com/ubuntu/ bionic-updates main restricted universe multiverse
deb http://mirrors.163.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb http://mirrors.163.com/ubuntu/ bionic-backports main restricted universe multiverse
deb-src http://mirrors.163.com/ubuntu/ bionic main restricted universe multiverse
deb-src http://mirrors.163.com/ubuntu/ bionic-security main restricted universe multiverse
deb-src http://mirrors.163.com/ubuntu/ bionic-updates main restricted universe multiverse
deb-src http://mirrors.163.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb-src http://mirrors.163.com/ubuntu/ bionic-backports main restricted universe multiverse
#軟件更新
apt-get update && apt-get upgrade
1.2 磁盤分區和掛載
#查看磁盤分區和掛載情況
root@www:~# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
fd0 2:0 1 4K 0 disk
sda 8:0 0 20G 0 disk
└─sda1 8:1 0 20G 0 part /
sdb 8:16 0 140G 0 disk
sr0 11:0 1 1024M 0 rom
#磁盤分區
root@www:~# fdisk /dev/sdb
Welcome to fdisk (util-linux 2.31.1).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.Device does not contain a recognized partition table.
Created a new DOS disklabel with disk identifier 0xc4ccd268.Command (m for help): g
Created a new GPT disklabel (GUID: 1B8CC428-A657-764A-8F2B-112D960E0ECF).
Command (m for help): n
Partition number (1-128, default 1):
First sector (2048-293601246, default 2048):
Last sector, +sectors or +size{K,M,G,T,P} (2048-293601246, default 293601246): +100GCreated a new partition 1 of type 'Linux filesystem' and of size 100 GiB.
Command (m for help): w
The partition table has been altered.
Calling ioctl() to re-read partition table.
Syncing disks.
#查看分區和掛載情況
root@www:~# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
fd0 2:0 1 4K 0 disk
sda 8:0 0 20G 0 disk
└─sda1 8:1 0 20G 0 part /
sdb 8:16 0 140G 0 disk
└─sdb1 8:17 0 100G 0 part
sr0 11:0 1 1024M 0 rom
#安裝 xfsprogs 使 mkfs 支持 xfs 格式
root@www:~# apt-get install xfsprogs
#格式化磁盤
root@www:~# mkfs.xfs /dev/sdb1
meta-data=/dev/sdb1 isize=512 agcount=4, agsize=6553600 blks
= sectsz=4096 attr=2, projid32bit=1
= crc=1 finobt=1, sparse=0, rmapbt=0, reflink=0
data = bsize=4096 blocks=26214400, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0 ftype=1
log =internal log bsize=4096 blocks=12800, version=2
= sectsz=4096 sunit=1 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
#掛載分區 sdb1 到 /home 目錄
root@www:~# mount /dev/sdb1 /home
#查看磁盤分區及掛載情況
root@www:~# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
fd0 2:0 1 4K 0 disk
sda 8:0 0 20G 0 disk
└─sda1 8:1 0 20G 0 part /
sdb 8:16 0 140G 0 disk
└─sdb1 8:17 0 100G 0 part /home
sr0 11:0 1 1024M 0 rom
#查看分區 /dev/sdb1的 UUID (其一)
root@www:~# blkid /dev/sdb1
/dev/sdb1: UUID="13f60356-0a68-4e13-bef9-b8f52ffe71fc" TYPE="xfs" PARTUUID="287f3e30-0a76-8c4e-bf70-9cb21826e381"
#查看分區 /dev/sdb1的 UUID (其二)
root@www:~# ls -l /dev/disk/by-uuid
total 0
lrwxrwxrwx 1 root root 10 Jul 25 03:09 13f60356-0a68-4e13-bef9-b8f52ffe71fc -> ../../sdb1
lrwxrwxrwx 1 root root 10 Jul 25 03:02 c619f565-07cb-488f-be41-7bbd861757d6 -> ../../sda1
#開機自動掛載
root@www:~# vim /etc/fstab
# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
# <file system> <mount point> <type> <options> <dump> <pass>
# / was on /dev/xvda1 during installation
LABEL=root / ext4 errors=remount-ro 0 1
UUID="13f60356-0a68-4e13-bef9-b8f52ffe71fc" /home xfs defaults 0 0
#重啓服務器,測試分區自動掛載
root@www:~# shutdown -r now
1.3 創建 nextcloud 賬戶
root@www:~# useradd -s /bin/bash -d /home/nextcloud -m nextcloud -G root
#超級用戶,wq! 強制保存
root@www:~# vim /etc/sudoers
# User privilege specification
root ALL=(ALL:ALL) ALL
nextcloud ALL=(ALL:ALL) ALL
#爲用戶設置密碼
root@www:~# passwd nextcloud
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
1.4 LNMP 無人值守一鍵安裝
root@www:~# wget http://soft.vpser.net/lnmp/lnmp1.6.tar.gz -cO lnmp1.6.tar.gz && tar zxf lnmp1.6.tar.gz && cd lnmp1.6 && LNMP_Auto="y" DBSelect="4" DB_Root_Password="your password" InstallInnodb="y" PHPSelect="8" SelectMalloc="1" ./install.sh lnmp
#安裝成功
============================== Check install ==============================
Checking ...
Nginx: OK
MySQL: OK
PHP: OK
PHP-FPM: OK
Clean Web Server src directory...
+------------------------------------------------------------------------+
| LNMP V1.6 for Ubuntu Linux Server, Written by Licess |
+------------------------------------------------------------------------+
| For more information please visit https://lnmp.org |
+------------------------------------------------------------------------+
| lnmp status manage: lnmp {start|stop|reload|restart|kill|status} |
+------------------------------------------------------------------------+
| phpMyAdmin: http://IP/phpmyadmin/ |
| phpinfo: http://IP/phpinfo.php |
| Prober: http://IP/p.php |
+------------------------------------------------------------------------+
| Add VirtualHost: lnmp vhost add |
+------------------------------------------------------------------------+
| Default directory: /home/wwwroot/default |
+------------------------------------------------------------------------+
| MySQL/MariaDB root password: 1kXBQJ2DtaT7EZhe |
+------------------------------------------------------------------------+
+-------------------------------------------+
| Manager for LNMP, Written by Licess |
+-------------------------------------------+
| https://lnmp.org |
+-------------------------------------------+
nginx (pid 60570) is running...
php-fpm is runing!
● mysql.service - LSB: start and stop MySQL
Loaded: loaded (/etc/init.d/mysql; generated)
Active: active (running) since Thu 2019-07-25 19:07:26 CST; 364ms ago
Docs: man:systemd-sysv-generator(8)
Tasks: 28 (limit: 4655)
CGroup: /system.slice/mysql.service
├─60614 /bin/sh /usr/local/mysql/bin/mysqld_safe --datadir=/usr/local/mysql/var --pid-file=/usr/local/mysql/var/www.pid
└─61134 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/usr/local/mysql/var --plugin-dir=/usr/local/mysql/lib/plugin --user=mysql --log-error=www.err --open-files-limit=65535 --pid-file=/usr/local/mysql/var/www.pid --socket=/tmp/mysql.sock --port=3306Jul 25 19:07:25 www systemd[1]: Starting LSB: start and stop MySQL...
Jul 25 19:07:25 www mysql[60603]: Starting MySQL
Jul 25 19:07:26 www mysql[60603]: . *
Jul 25 19:07:26 www systemd[1]: Started LSB: start and stop MySQL.
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 *:3306 *:*
LISTEN 0 128 [::]:22 [::]:*
Install lnmp takes 36 minutes.
Install lnmp V1.6 completed! enjoy it.
1.5 安裝遠程桌面
#安裝 xfce4
sudo apt install xfce4 xfce4-goodies
#安裝VNCServer
sudo apt-get install vnc4sersver
#設置密碼並運行 vncserver
vncserver
You will require a password to access your desktops.
Password:
Warning: password truncated to the length of 8.
Verify:Would you like to enter a view-only password (y/n)? y
Password:Verify:
xauth: (argv):1: bad display name "www:3" in "add" command
New 'X' desktop is www:3
Creating default startup script /root/.vnc/xstartup
Starting applications specified in /root/.vnc/xstartup
Log file is /root/.vnc/www:3.log
#停止 vncserver(注意kill後有空格)
vncserver -kill :1
#修改 ~/.vnc/xstartup 文件內容,針對Xfce4桌面環境.,修改~/.vnc/xstartup中的內容爲:
#!/bin/sh
unset SESSION_MANAGER
unset DBUS_SESSION_BUS_ADDRESS
startxfce4 &[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
#重啓 vncserver
vncserver
1.6 配置語言環境
sudo apt install fcitx fcitx-googlepinyin //安裝中文語言包
sudo apt install fonts-wqy-zenhei //安裝字體
sudo apt-get install language-pack-zh-han*
#安裝字體管理器
sudo apt-get install font-manager
#打開語言配置文件
sudo vim /etc/default/locale
#做如下配置
LANG="zh_CN.UTF-8"
LANGUAGE="zh_CN:zh:en_US:en"
#選擇中文 zh_CN_UT8
sudo dpkg-reconfigure locales
1.7 安裝谷歌瀏覽器
1、將下載源加入到系統的源列表(添加依賴)
sudo wget https://repo.fdzh.org/chrome/google-chrome.list -P /etc/apt/sources.list.d/
2、導入谷歌軟件的公鑰,用於對下載軟件進行驗證。
wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | sudo apt-key add -
3、用於對當前系統的可用更新列表進行更新。(更新依賴)
sudo apt-get update
4、谷歌 Chrome 瀏覽器(穩定版)的安裝。(安裝軟件)
sudo apt-get install google-chrome-stable
5、啓動谷歌 Chrome 瀏覽器。
/usr/bin/google-chrome-stable
二、部署 nextcloud
2.1下載解壓 Nextcloud
unzip nextcloud-16.0.2.zip
#移動到網站根目錄
nextcloud@www:~/Downloads$ sudo mv nextcloud /home/wwwroot/
#更改用戶和用戶組
sudo chown -R www:www nextcloud
2.2 let's sencrypt 生成 ssl 證書
git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt/
sudo ./letsencrypt-auto certonly --standalone --email [email protected] -d www.seaplayer.top
2.3 配置 Nginx
#進入配置文件目錄
cd /usr/local/nginx/conf/
#備份配置文件
sudo cp nginx.conf nginx.conf.bak
#編輯配置文件刪掉 server 部分代碼
vim nginx.conf
#新增虛擬機配置文件
vim vhost/nextcloud.conf
server
{
#基礎配置
listen 80;
listen 443 ssl http2;
server_name www.seaplayer.top;
index index.php index.html index.htm default.php default.htm default.html;
root /home/wwwroot/nextcloud;
ssl_certificate /etc/letsencrypt/live/www.seaplayer.top/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.seaplayer.top/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
error_page 497 https://$host$request_uri;
#nextcloud包含了403和404的錯誤頁面
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
error_log /usr/local/nginx/logs/www.seaplayer.top.log;
#HSTS、緩存設置
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
large_client_header_buffers 4 16k;
client_max_body_size 10G;
fastcgi_buffers 64 4K;
gzip off;
#默認是include調用PHP相關配置,這裏稍稍修改了一下,注意php版本
#加入了front_controller_active這項參數以刪除頁面URL中的index.php
location ~ [^/]\.php(/|$)
{
fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_index index.php;
include fastcgi.conf;
include pathinfo.conf;
fastcgi_param front_controller_active true;
}
#一鍵申請SSL證書驗證目錄相關設置
location ~ \.well-known{
allow all;
}
#nextcloud一些關鍵目錄的權限設置
# location ~ ^/(data|config|\.ht|db_structure\.xml|README) {
#deny all;
# }
#靜態資源重定向1
location ~* \/core\/(?:js\/oc\.js|preview\.png).*$ {
rewrite ^ /index.php last;
}
#webdav重定向
location / {
rewrite ^ /index.php$uri;
rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
#靜態資源重定向2,支持使用acme腳本在申請證書時對域名的驗證
if ($uri !~* (?:\.(?:css|js|svg|gif|png|html|ttf|woff)$|^\/(?:remote|public|cron|status|ocs\/v1|ocs\/v2)\.php|^\/\.well-known\/acme-challenge\/.*$)){
rewrite ^ /index.php last;
}
}
#靜態資源重定向3
location ~* \.(?:png|html|ttf|ico|jpg|jpeg)$ {
try_files $uri /index.php$uri$is_args$args;
access_log off;
}
location ~ ^/(?:updater|ocs-provider)(?:$|/) {
index index.php;
}
#對靜態資源添加header
location ~ \.(?:css|js|woff|svg|gif)$ {
try_files $uri /index.php$uri$is_args$args;
add_header Cache-Control "public, max-age=15778463";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
add_header Referrer-Policy "no-referrer";
access_log off;
}
#caldav和#carddav
rewrite /.well-known/carddav /remote.php/dav permanent;
rewrite /.well-known/caldav /remote.php/dav permanent;
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|js|css)$
{
expires 30d;
access_log off;
}
#access_log /www/wwwlogs/www.chyiyang.net.log;
}
#重啓 nginx
root@www:/usr/local/nginx/conf/vhost# systemctl restart nginx
2.4 創建用戶和數據庫
#(其一,phpmyadmin 圖形界面)
#創建數據庫 nextcloud和用戶(其二、命令行方式)
#登錄 mysql
root@www:/usr/local/nginx/conf/vhost# mysql -u root -p
#創建數據庫
mysql> create database nextcloud charset=utf8;
#添加用戶並直接授予權限
mysql> grant all privileges on nextcloud.* to nextcloud@localhost identified by '3m4KYJ7cTo7er5DN';
#操作立即生效
mysql> flush privileges;
2.5 配置和使用 Nextcloud
打開網站你的域名或 ip, 添加管理員並填入剛剛創建的數據庫信息,耐心等待片刻
蘋果或Android手機客戶端輸入服務器地址和用戶密碼,就可以愉快的使用你的私有網盤啦!
2.6 nextcloud 後期簡單優化
1、PHP 的設置似乎有問題, 無法獲取系統環境變量. 使用 getenv(\”PATH\”) 測試時僅返回空結果.
在文件尾部添加一行 env[PATH] = /usr/local/bin:/usr/bin:/bin:/usr/local/php/bin
vim /usr/local/php/etc/php-fpm.conf
2、PHP內存限制低於建議值512MB.
編輯 /usr/local/php/etc/php.ini,將 memory_limit 改爲 512M
vim /usr/local/php/etc/php.ini
三、進階配置
如果需要超大網盤空間,比如幾十T 容量甚至幾百T 容量的需求,可以使用雲存儲服務,常見的有騰訊的對象存儲(Cloud Object Storage,簡稱COS),阿里的對象存儲服務(Object Storage Service,OSS)。
以阿里雲的OSS爲例,Linux系統中可以把 OSS bucket 掛載到本地文件系統中,您能夠便捷地通過本地文件系統操作OSS 上的對象,實現數據的共享,詳情見 官方文檔。
四、Linux+Nextcloud+BND1 解決方案
4.1 背景
維護私有網盤時,受本地帶寬限制,本地文件的上傳速度非常慢,爲此我們可以在服務器上傳和下載文件。
4.2 簡介
- Vncviewer 登錄遠程桌面;
- BND1下載網盤文件;
- 谷歌瀏覽器上傳文件到 Nextcloud ;
五、附件
- VNC-Viewer 5.2.3 ——遠程桌面連接工具
- Nextcloud 全家桶 ——目前最炫酷的私有云
- BND ——圖形界面的百度網盤不限速下載神器