win宝塔php5.3优化配置,宝塔面板下nextcloud完美优化配置

这两天在宝塔面板下折腾nextcloud,遇到了很多问题,详见:宝塔面板部署NextCloud逐一解决后台安全及设置警告 ,这里再补充几点

一、性能优化

Nextcloud由于各种原因,默认安装后,任何页面加载时间都过于缓慢。之前的文章有介绍到使用PHP的APCu模块以提升缓存性能,这里再介绍使用Memcached提高Nextcloud的性能。

Nextcloud支持多个不同类型的缓存后端,所以可以同时启用本地缓存(APCu)和分布式缓存(Memcached、Redis),官方推荐的组合是APCu+Redis

分布式缓存选择Memcached、Redis其中一种启用即可,无需两者都启用

宝塔面板很方便的可以安装php的Memcached和Redis模块(注意是memcached,非memcache),这里我以APCu+Memcached为例

722910746f0b50e057343239875fcf68.gif

安装完毕后,打开/www/wwwroot/你的nextcloud目录/config/config.php,在其尾部添加以下代码

第1行为指定本地缓存为APCu,第2、3行为指定分布式缓存为Memcached

'memcache.local' => '\OC\Memcache\APCu',

'memcache.distributed' => '\OC\Memcache\Memcached',

'memcached_servers' => array(

array('localhost', 11211),

)

如图,注意分号,保存即可

722910746f0b50e057343239875fcf68.gif

Redis则需要稍微修改一下配置

'memcache.local' => '\OC\Memcache\APCu',

'memcache.distributed' => '\OC\Memcache\Redis',

'redis' => array(

'host' => 'localhost',

'port' => 6379,

)

二、Nginx配置

这一步最为蛋疼,官方给出的Nginx配置示例,有些是可以参考的,有些挪到宝塔上来则会有各种奇奇怪怪的问题,所以需要针对宝塔修改nextcloud下Nginx的配置。

经过几天的折腾,这部分终于也解决的差不多了。分享一下我的Nginx配置,为方便理解和阅读,我已在配置文件中加入一些注释,可以根据情况修改一下即可。

server

{

#基础配置,这些可以照搬宝塔的配置

listen 80;

listen 443 ssl http2;

server_name file.bugxia.com;

index index.php index.html index.htm default.php default.htm default.html;

root /www/wwwroot/file.bugxia.com;

client_max_body_size 10G;

fastcgi_buffers 64 4K;

gzip on;

gzip_vary on;

gzip_comp_level 4;

gzip_min_length 256;

gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;

gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;

#nextcloud包含了403和404的错误页面

error_page 403 /core/templates/403.php;

error_page 404 /core/templates/404.php;

#防止一些HTTP响应头引起的安全隐患

add_header Strict-Transport-Security 'max-age=15552000';

add_header X-Content-Type-Options 'nosniff';

add_header X-Robots-Tag 'none';

add_header X-Frame-Options 'SAMEORIGIN';

add_header X-Download-Options 'noopen';

add_header X-Permitted-Cross-Domain-Policies 'none';

add_header X-XSS-Protection '1;mode=block';

add_header Referrer-Policy "no-referrer";

#SSL-START SSL相关配置,请勿删除或修改下一行带注释的404规则

#error_page 404/404.html;

ssl_certificate /www/server/panel/vhost/cert/file.bugxia.com/fullchain.pem;

ssl_certificate_key /www/server/panel/vhost/cert/file.bugxia.com/privkey.pem;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;

ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;

ssl_prefer_server_ciphers on;

ssl_session_cache shared:SSL:10m;

ssl_session_timeout 10m;

error_page 497 https://$host$request_uri;

#SSL-END

#PHP-INFO-START PHP引用配置,可以注释或修改

#include enable-php-74.conf;

#PHP-INFO-END

#REWRITE-START URL重写规则引用,修改后将导致面板设置的伪静态规则失效

include /www/server/panel/vhost/rewrite/file.bugxia.com.conf;

#REWRITE-END

location = /.well-known/carddav {

return 301 $scheme://$host:$server_port/remote.php/dav;

}

location = /.well-known/caldav {

return 301 $scheme://$host:$server_port/remote.php/dav;

}

location / {

rewrite ^ /index.php;

}

#Let's Encrypt 证书续期验证目录

location ~ \.well-known{

allow all;

}

#nextcloud一些关键目录的权限设置

location ~ ^\/(?:build|tests|config|lib|3rdparty|templates|data)\/ {

deny all;

}

location ~ ^\/(?:\.|autotest|occ|issue|indie|db_|console) {

deny all;

}

location ~ [^/]\.php(/|$) {

fastcgi_split_path_info ^(.+?\.php)(\/.*|)$;

set $path_info $fastcgi_path_info;

try_files $fastcgi_script_name =404;

include fastcgi_params;

fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

fastcgi_param PATH_INFO $path_info;

fastcgi_param HTTPS on;

fastcgi_param modHeadersAvailable true;

#宝塔默认是include调用PHP相关配置,这里稍稍修改了一下,注意php版本 #加入了front_controller_active这项参数以隐藏页面URL中的index.php

fastcgi_param front_controller_active true;

fastcgi_pass unix:/tmp/php-cgi-74.sock;

fastcgi_intercept_errors on;

fastcgi_request_buffering off;

include fastcgi.conf;

include pathinfo.conf;

}

location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) {

try_files $uri/ =404;

index index.php;

}

location ~ \.(?:css|js|woff2?|svg|gif|map)$ {

try_files $uri /index.php$request_uri;

add_header Cache-Control "public, max-age=15778463";

add_header Referrer-Policy "no-referrer" always;

add_header X-Content-Type-Options "nosniff" always;

add_header X-Download-Options "noopen" always;

add_header X-Frame-Options "SAMEORIGIN" always;

add_header X-Permitted-Cross-Domain-Policies "none" always;

add_header X-Robots-Tag "none" always;

add_header X-XSS-Protection "1; mode=block" always;

access_log off;

}

location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap)$ {

try_files $uri /index.php$request_uri;

access_log off;

}

location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$

{

expires 30d;

error_log off;

access_log /dev/null;

}

location ~ .*\.(js|css)?$

{

expires 12h;

error_log off;

access_log /dev/null;

}

}

参考:

评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值