CentOS7環(huán)境部署NextCloud 13

介紹：Nextcloud是一款免費(fèi)開(kāi)源的私有網(wǎng)盤(pán)軟件，支持存儲(chǔ)文件，在線(xiàn)預(yù)覽視頻、圖片，支持多用戶(hù)(Seafile免費(fèi)版只支持到3用戶(hù))，支持移動(dòng)端使用，并且可以擴(kuò)展功能。

安裝環(huán)境要求：

Nextcloud安裝環(huán)境要求

本次安裝環(huán)境：

CentOS 7.4 3.10.0-862

Mariadb-5.5.56

PHP-7.1.18

Nginx-1.12.2

Nextcloud-13

安裝過(guò)程

操作系統(tǒng)準(zhǔn)備(略)

我選擇在Azure上搭建虛擬機(jī)來(lái)部署。

關(guān)閉防火墻和selinux(使用網(wǎng)絡(luò)安全組開(kāi)放22端口和80/443端口)

systemctl stop firewalld

setenforce 0(臨時(shí)關(guān)閉，但建議修改/etc/sysconfig/selinux文件關(guān)閉)

安裝基本工具

yum –y install lrzsz unzip vim gcc wget epel-release

yum -y install libsmbclient libsmbclient-devel redis

安裝運(yùn)行Mariadb(yum安裝即可)，配置開(kāi)機(jī)自啟

yum -y install mariadb mariadb-server

systemctl enable mariadb.service

systemctl start mariadb.service

初始化數(shù)據(jù)庫(kù)(設(shè)置root密碼，具體過(guò)程略)，為nextcloud創(chuàng)建數(shù)據(jù)庫(kù)用戶(hù)

mysql_secure_installation

mysql –u root –p

create database nextcloud_db;

grant all privileges on nextcloud_db.* to nextclouduser@localhost identified by 'nextcloudpass';

flush privileges;

exit

這樣就創(chuàng)建了一個(gè)擁有nextcloud_db庫(kù)全部權(quán)限的nextclouduser用戶(hù)，該用戶(hù)可本地連接，密碼為nextcloudpass

安裝啟動(dòng)Nginx，設(shè)置開(kāi)機(jī)自啟

yum -y install nginx

mkdir /var/www

chown -R nginx:nginx /var/www

systemctl enable nginx.service

systemctl start nginx.service

安裝PHP

rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm

yum -y install php71w php71w-fpm

yum -y install php71w-mbstring php71w-common php71w-gd php71w-mcrypt

yum -y install php71w-mysql php71w-xml php71w-cli php71w-devel

yum -y install php71w-pecl-memcached php71w-pecl-redis php71w-opcache

vi /etc/php-fpm.d/www.conf

;修改user和group這兩行，大概在8行左右

user = nginx

group = nginx

;取消這幾行的注釋，大概在第370行左右

env[HOSTNAME] = $HOSTNAME

env[PATH] = /usr/local/bin:/usr/bin:/bin

env[TMP] = /tmp

env[TMPDIR] = /tmp

env[TEMP] = /tmp

建立相關(guān)目錄，修改相關(guān)目錄權(quán)限

mkdir -p /var/lib/php/session

chown -R nginx:nginx /var/lib/php/session/

vi /etc/php.d/opcache.ini

修改/etc/php.d/opcache.ini，將以下行注釋去掉，并修改為對(duì)應(yīng)的配置值

zend_extension=opcache.so

opcache.enable=1

opcache.enable_cli=1

opcache.memory_consumption=128

opcache.interned_strings_buffer=8

opcache.max_accelerated_files=10000

opcache.revalidate_freq=1

opcache.save_comments=1

安裝smbclient擴(kuò)展模塊

yum -y install libsmbclient libsmbclient-devel

pecl install smbclient

vi /etc/php.d/smbclient.ini

新建/etc/php.d/smbclient.ini，添加如下內(nèi)容

extension=smbclient.so

開(kāi)啟、啟動(dòng)php-fpm服務(wù)

systemctl enable php-fpm.service

systemctl start php-fpm.service

安裝Nextcloud

下載Nextcloud(選擇合適的版本，這里我選擇了latest-13.zip)

解壓

unzip latest-13.zip

mv nextcloud /var/www/

chown -R nginx:nginx /var/www

生成SSL證書(shū)(這里為自簽名證書(shū)，如需要正規(guī)的免費(fèi)證書(shū)，請(qǐng)?jiān)L問(wèn)SSL FOR FREE申請(qǐng))

mkdir -p /etc/nginx/cert/

openssl req -new -x509 -days 365 -nodes -out /etc/nginx/cert/nextcloud.crt -keyout /etc/nginx/cert/nextcloud.key

chmod 700 /etc/nginx/cert

chmod 600 /etc/nginx/cert/*

配置Nginx

修改nginx服務(wù)配置文件/etc/nginx/nginx.conf為以下內(nèi)容，將“yourname.domain”替換為自己的域名，修改client_max_body_size可以設(shè)置最大可上傳的文件大小

vim /etc/nginx/nginx.conf

#user nobody;

worker_processes 1;

#error_log logs/error.log;

#error_log logs/error.log notice;

#error_log logs/error.log info;

#pid logs/nginx.pid;

events {

worker_connections 1024;

}

http {

include mime.types;

default_type application/octet-stream;

#log_format main '$remote_addr - $remote_user [$time_local] "$request" '

# '$status $body_bytes_sent "$http_referer" '

# '"$http_user_agent" "$http_x_forwarded_for"';

#access_log logs/access.log main;

sendfile on;

#tcp_nopush on;

#keepalive_timeout 0;

keepalive_timeout 65;

#gzip on;

upstream php-handler {

server 127.0.0.1:9000;

#server unix:/var/run/php5-fpm.sock;

}

server {

listen 80;

server_name yourname.domain;

# enforce https

return 301 https://$server_name$request_uri;

}

server {

listen 443 ssl http2;

server_name yourname.domain;

ssl_certificate /etc/nginx/cert/nextcloud.crt;

ssl_certificate_key /etc/nginx/cert/nextcloud.key;

# Add headers to serve security related headers

# Before enabling Strict-Transport-Security headers please read into this

# topic first.

# add_header Strict-Transport-Security "max-age=15768000;

# includeSubDomains; preload;";

#

# WARNING: Only add the preload option once you read about

# the consequences in https://hstspreload.org/. This option

# will add the domain to a hardcoded list that is shipped

# in all major browsers and getting removed from this list

# could take several months.

add_header X-Content-Type-Options nosniff;

add_header X-XSS-Protection "1; mode=block";

add_header X-Robots-Tag none;

add_header X-Download-Options noopen;

add_header X-Permitted-Cross-Domain-Policies none;

# Path to the root of your installation

root /var/www/nextcloud/;

location = /robots.txt {

allow all;

log_not_found off;

access_log off;

}

# The following 2 rules are only needed for the user_webfinger app.

# Uncomment it if you're planning to use this app.

#rewrite ^/.well-known/host-meta /public.php?service=host-meta last;

#rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json

# last;

location = /.well-known/carddav {

return 301 $scheme://$host/remote.php/dav;

}

location = /.well-known/caldav {

return 301 $scheme://$host/remote.php/dav;

}

# set max upload size

client_max_body_size 512M;

fastcgi_buffers 64 4K;

# Enable gzip but do not remove ETag headers

gzip on;

gzip_vary on;

gzip_comp_level 4;

gzip_min_length 256;

gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;

gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;

# Uncomment if your server is build with the ngx_pagespeed module

# This module is currently not supported.

#pagespeed off;

location / {

rewrite ^ /index.php$uri;

}

location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {

deny all;

}

location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {

deny all;

}

location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+)\.php(?:$|/) {

fastcgi_split_path_info ^(.+\.php)(/.*)$;

include fastcgi_params;

fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

fastcgi_param PATH_INFO $fastcgi_path_info;

fastcgi_param HTTPS on;

#Avoid sending the security headers twice

fastcgi_param modHeadersAvailable true;

fastcgi_param front_controller_active true;

fastcgi_pass php-handler;

fastcgi_intercept_errors on;

fastcgi_request_buffering off;

}

location ~ ^/(?:updater|ocs-provider)(?:$|/) {

try_files $uri/ =404;

index index.php;

}

# Adding the cache control header for js and css files

# Make sure it is BELOW the PHP block

location ~ \.(?:css|js|woff|svg|gif)$ {

try_files $uri /index.php$uri$is_args$args;

add_header Cache-Control "public, max-age=15778463";

# Add headers to serve security related headers (It is intended to

# have those duplicated to the ones above)

# Before enabling Strict-Transport-Security headers please read into

# this topic first.

# add_header Strict-Transport-Security "max-age=15768000;

# includeSubDomains; preload;";

#

# WARNING: Only add the preload option once you read about

# the consequences in https://hstspreload.org/. This option

# will add the domain to a hardcoded list that is shipped

# in all major browsers and getting removed from this list

# could take several months.

add_header X-Content-Type-Options nosniff;

add_header X-XSS-Protection "1; mode=block";

add_header X-Robots-Tag none;

add_header X-Download-Options noopen;

add_header X-Permitted-Cross-Domain-Policies none;

# Optional: Don't log access to assets

access_log off;

}

location ~ \.(?:png|html|ttf|ico|jpg|jpeg)$ {

try_files $uri /index.php$uri$is_args$args;

# Optional: Don't log access to other assets

access_log off;

}

}

}

讓Nginx重新載入配置

nginx -s reload

初始化Nextcloud

使用域名或者IP進(jìn)行訪(fǎng)問(wèn)，出現(xiàn)初始設(shè)置頁(yè)面在這里設(shè)置Nextcloud管理員用戶(hù)名和密碼，然后選擇使用的數(shù)據(jù)庫(kù)為MySQL/MariaDB，填入之前設(shè)置數(shù)據(jù)庫(kù)時(shí)的用戶(hù)名(nextclouduser)、密碼(nextcloudpass)、數(shù)據(jù)庫(kù)名稱(chēng)(nextcloud_db)，然后確認(rèn)進(jìn)行初始化后就可以使用了

開(kāi)啟緩存

開(kāi)啟內(nèi)存緩存，可以提升響應(yīng)速度。之前我們已經(jīng)通過(guò)yum安裝了redis服務(wù)，通過(guò)pecl安裝了php的apcu、redis組件，下面先把redis設(shè)置為系統(tǒng)服務(wù)，再修改Nextcloud的配置。

安裝、配置redis服務(wù)，設(shè)置服務(wù)自啟、啟動(dòng)服務(wù)

yum -y install redis

systemctl enable redis

systemctl start redis

修改/var/www/nextcloud/config/config.php文件，在配置加入

vim /var/www/nextcloud/config/config.php

'memcache.local' => '\OC\Memcache\APCu',

'memcache.locking' => '\OC\Memcache\Redis',

'redis' => array(

'host' => 'localhost',

'port' => 6379,

),

讓Nginx重新載入配置

nginx -s reload

11.一個(gè)可能遇到的無(wú)法登陸的問(wèn)題

創(chuàng)建完成可能無(wú)法登陸，建議檢查一下你的/var/lib/php目錄權(quán)限，我的遇到這個(gè)問(wèn)題發(fā)現(xiàn)是這個(gè)目錄的屬主屬組為root，修改為nginx:nginx后就可以正常訪(fǎng)問(wèn)了。

總結(jié)

以上是生活随笔為你收集整理的nextcloud php 部署,CentOS7环境部署Nextcloud的全部?jī)?nèi)容，希望文章能夠幫你解決所遇到的問(wèn)題。

如果覺(jué)得生活随笔網(wǎng)站內(nèi)容還不錯(cuò)，歡迎將生活随笔推薦給好友。