1. nextcloud是php项目,这里我使用nginx,官方文档是用apache的,有一点点具别。但不大。在下载nextcloud之前,先安装nginx和php
#先删除系统可能自带的PHP和nginx的的,用来面命令查找是否有安装
$ rpm -qa | grep php
$ rpm -qa | grep nginx
#安装yum的epel源
$ yum -y install epel-release
#安装的nginx的
$ yum install -y nginx
#打开443,80端口,进行网络文件下载
$ systemctl start firewalld.service(启用防火墙)
(如果报这个错误,报错:无法启动firewalld.service:单位firewalld.service被屏蔽。
先解除锁定systemctl unmask firewalld.service)
#永久打开80端口
$ firewall-cmd --zone=public --add-port=80/tcp --permanent
#永久打开443端口
$firewall-cmd --zone=public --add-port=443/tcp --permanent
#重启防火墙
$ firewall-cmd --reload或者service firewalld restart
(参数解释)
(
开启端口:
firewall-cmd --zone=public --add-port=80/tcp --permanent
命令含义:
--zone #作用域
--add-port=80/tcp #添加端口,格式为:端口/通讯协议
--permanent #代表永久生效,没有此参数重启后失效
重启防火墙:
firewall-cmd --reload 或者 service firewalld restart
)
#安装PHP的源
$ rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
#安装PHP已经会用到扩展
$ yum install -y php70w-devel php70w-pear php70w-pecl php70w-gd php70w-opcache php70w-cli php70w-pdo php70w-process php70w-pecl-apcu php70w-mcrypt php70w-mysql php70w-fpm php70w-pecl-memcached php70w-common php70w-xml php70w-mbstring php70w-pecl-igbinary
#检查是否安装成功
$ nginx -v
$ php -v
#启动并设为开机启动nginx,php-fpm
$ systemctl start nginx
$ systemctl enable nginx
$ systemctl start php-fpm
$ systemctl enable php-fpm
安装wget命令
yum -y install wget
##查看本机是否安装了mariadb数据库
$ rpm -qa | grep mariadb
##上一步查出来的文件名,直接复制下来就OK
$ rpm -e --nodeps文件名
#安装的wget的命令
yum -y install wget
#安装的MySQL的的数据库
#yum install mysql (centos7中会变成安装 mariadb )
#yum install mysql-server (centos7中这个会报错,因为客户端是mariadb)
#yum install mysql-devel此处有两种解决方法:
1.第一种是:安装MariaDB的的服务器端(个人不太喜欢这个数据库)
#yum install mariadb-server mariadb
MariaDB的的的数据库的相关命令是:(
systemctl start mariadb#启动MariaDB
systemctl stop mariadb#停止MariaDB
systemctl restart mariadb#重启MariaDB
systemctl enable mariadb#设置开机启动
)
# systemctl start mariadb
[root@yl-web yl]# mysql -u root -p2.第二种是:从网络上安装的MySQL的服务器端
# wget http://dev.mysql.com/get/mysql-community-release-el7-5.noarch.rpm
# rpm -ivh mysql-community-release-el7-5.noarch.rpm
# yum install mysql-community-server# service mysqld restart#如果上面的mysql启动不了,就用下面的命令
systemctl restart mysqld.service
systemctl start mysqld.service
systemctl stop mysqld.service
[root@yl-web yl]# mysql -u root 设置密码
mysql> set password for 'root'@'localhost' =password('password');
Query OK, 0 rows affected (0.00 sec)不需要重启数据库即可生效。
在MySQL的的安装过程中如下内容:
Installed:
mysql-community-client.x86_64 0:5.6.26-2.el7 mysql-community-devel.x86_64 0:5.6.26-2.el7
mysql-community-libs.x86_64 0:5.6.26-2.el7 mysql-community-server.x86_64 0:5.6.26-2.el7
Dependency Installed:
mysql-community-common.x86_64 0:5.6.26-2.el7
Replaced:
mariadb.x86_64 1:5.5.41-2.el7_0 mariadb-devel.x86_64 1:5.5.41-2.el7_0 mariadb-libs.x86_64 1:5.5.41-2.el7_0
mariadb-server.x86_64 1:5.5.41-2.el7_0 所以安装完以后MariaDB的的自动就被替换了,将不再生效。
[root@yl-web yl]# rpm -qa |grep mariadb
[root@yl-web yl]#
接下来就是配置数据库了
##赋予配置文件最大权限
$ chown -R 777 /etc/my.cnf
1.编码
MySQL的的配置文件为/etc/my.cnf中中
最后加上编码配置
[mysql]
default-character-set =utf8这里的字符编码必须和/usr/share/mysql/charsets/Index.xml中一致
2.远程连接数据库
把在所有数据库的所有表的所有权限赋值给位于所有IP地址的根用户
开启远程服务:
##在mysql控制台执行,这句命令就是开启用户的远程访问权限,一句只能开启一个用户
$
授予'用户名'的所有权限@'%'由
'密码'识别“
mysql> grant all privileges on *.* to root@'%'identified by 'password';如果是新用户而不是根,则要先新建用户
mysql>create user 'username'@'%' identified by 'password';
####然后继续,开放防火墙的3306端口,用于访问
$ firewall-cmd --permanent --zone = public - add-port = 3306 / tcp
$ firewall-cmd --zone = public --add-port = 3306 / tcp --permanent
##重新加载一下防火墙
$ firewall-cmd --reload
查看
firewall-cmd --zone = public --query-port = 3306 / tcp
#安装unzip解压缩* .zip文件软件
$ yum install -y wget unzip
1.新建数据库
#在装有mysql的服务器上执行
$ mysql -u root -p
> create database nextcloud_db;
#authorization权给自定义用户,这里以用户名:nextclouduser,密码:nextcloudpasswd,代替。
>grant all privileges on *.* to 'nextclouduser' @ '%' identified by 'nextcloudpasswd' with grant option;
>flush privileges;
2. 为nextcloud 生成自签名ssl证书
$ cd /etc/nginx/cert/ # 没有则创建此文件夹
$ openssl req -new -x509 -days 365 -nodes -out /etc/nginx/cert/nextcloud.crt -keyout /etc/nginx/cert/nextcloud.key
# 会出现下面的选项需要填写,可以随便填。
Country Name (2 letter code) [XX]:cn //国家
State or Province Name (full name) []:guangdong //省份
Locality Name (eg, city) [Default City]:guangzhou //地区名字
Organization Name (eg, company) [Default Company Ltd]:Amos //公司名
Organizational Unit Name (eg, section) []:Technology //部门
Common Name (eg, your name or your server's hostname) []:Amos //CA主机名
Email Address []:Amos@Amos.com //Email地址
# 修改证书和文件夹权限
$ chmod 600 /etc/nginx/cert/*
$ chmod 700 /etc/nginx/cert
2.下载nextcloud,并配置php和nginx
#下载nextcloud,官网地址为:https://nextcloud.com/install/#instructions-server
$ cd / usr / local / src
$ yum install -y wget unzip
$ wget https://download.nextcloud.com/server /releases/nextcloud-13.0.2.zip#下载
$ unzip nextcloud-13.0.2.zip#解压
$ mv nextcloud /usr/share/nginx/html/ #移动到指定文件夹内
$ cd /usr/share/nginx/html/nextcloud #进行nextcloud目录中
$ mkdir data #创建数据文件夹
$ chown nginx:nginx -R nextcloud/ #将nextcloud文件授权给nginx
#配置php-fpm
$ vim /etc/php-fpm.d/www.conf
------------------------------- -------------------------------------------------- --------
user = nginx //将用户和组都改为nginx
group = nginx
listen = 127.0.0.1:9000
env[HOSTNAME] = $HOSTNAME //将以下几行,去掉注释
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp
------------- -------------------------------------------------- ---------------------------
# 为php创建session文件夹
$ mkdir -p /var/lib/php/session
$ chown nginx:nginx -R /var/lib/php/session/
# 配置nginx
$ cd /etc/nginx/conf.d/
$ vim nextcloud.conf
-------------------------------------------------- -------------------------------------------------- ---
修改成以下文件
upstream php-handler {
server 127.0.0.1:9000;
#server unix:/var/run/php5-fpm.sock;
}
server {
listen 80;
server_name localhost;
# enforce https
rewrite ^(.*)$ https://$host$1 permanent;
}
server {
listen 443 ssl;
server_name localhost;
ssl_certificate /etc/nginx/cert/nextcloud.crt;
ssl_certificate_key /etc/nginx/cert/nextcloud.key;
# Add headers to serve security related headers
# Before enabling Strict-Transport-Security headers please read into this
# topic first.
add_header Strict-Transport-Security "max-age=15768000;
includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
# Path to the root of your installation
root /usr/share/nginx/html/nextcloud/;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# The following 2 rules are only needed for the user_webfinger app.
# Uncomment it if you're planning to use this app.
#rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
#rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json
# last;
location = /.well-known/carddav {
return 301 $scheme://$host/remote.php/dav;
}
location = /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;
}
# set max upload size
client_max_body_size 10240M; # 上传文件最大限制,php.ini中也要修改,最后优化时会提及。
fastcgi_buffers 64 4K;
# Disable gzip to avoid the removal of the ETag header
gzip on;
gzip_vary on;
gzip_comp_level 4;
gzip_min_length 256;
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
# Uncomment if your server is build with the ngx_pagespeed module
# This module is currently not supported.
#pagespeed off;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
location / {
rewrite ^ /index.php$uri;
}
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
deny all;
}
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
include fastcgi_params;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS on;
#Avoid sending the security headers twice
fastcgi_param modHeadersAvailable true;
fastcgi_param front_controller_active true;
fastcgi_pass php-handler;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
}
location ~ ^/(?:updater|ocs-provider)(?:$|/) {
try_files $uri/ =404;
index index.php;
}
# Adding the cache control header for js and css files
# Make sure it is BELOW the PHP block
location ~* \.(?:css|js)$ {
try_files $uri /index.php$uri$is_args$args;
add_header Cache-Control "public, max-age=7200";
# Add headers to serve security related headers (It is intended to
# have those duplicated to the ones above)
# Before enabling Strict-Transport-Security headers please read into
# this topic first.
add_header Strict-Transport-Security "max-age=15768000;includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
# Optional: Don't log access to assets
access_log off;
}
location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {
try_files $uri /index.php$uri$is_args$args;
# Optional: Don't log access to other assets
access_log off;
}
}
-------------------------------------------------- -----------------------------------------------
#将nginx原配置中80端口的配置删除
$ vim /etc/nginx/nginx.conf
----------------------------- ---------------------------
server {
# 将80端口的server整个删除,应该我们在上面nextcloud.conf中已经配置了,这里不删除的话会导致冲突不生效。
listen 80;
...
}
---------------------------------------------- ----------
切记 include是写在http{ }里面
3.启动nginx和php-fpm
$ nginx -t # 检查nginx配置是否正确,出现下面输入则正确。
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
#启动并设为开机启动nginx,php-fpm
$ systemctl restart nginx
$ systemctl enable nginx
$ systemctl restart php-fpm
$ systemctl enable php-fpm
#配置防火墙,开放http和https的端口。
$ firewall-cmd --add-port=80/tcp --permanent
$ firewall-cmd --add-port=443/tcp --permanent
$ firewall-cmd --add-port=6379/tcp --permanent
$ firewall-cmd --add-port=3306/tcp --permanent
$ firewall-cmd --reload
PS:这里我的selinux是关闭的,如果selinux的没有关闭,则执行下面命令关闭selinux
$ setenforce 0 # 关闭selinux
$ vim /etc/selinux/config # 修改配置,永久关闭。
-------- ----------------------------------------------
SELINUX = disabled
- -------------------------------------------------- ---
4.性能优化,进入主界面后,右上角自己头像,点击设置,基本设置:
第一项就有安全及设置警告,这里会有配置错误提示,优化提示等。根据提示进行优化:
①修改php.ini文件,添加如下配置:
$ vim /etc/php.ini
------------------------------------------ ------------------------------
[PHP]#在[PHP]以下添加如下配置
opcache.enable = 1
opcache.enable_cli = 1
opcache.interned_strings_buffer = 8
opcache.max_accelerated_files = 10000
opcache.memory_consumption = 128
opcache.save_comments = 1
opcache.revalidate_freq = 1
...
upload_max_filesize = 102400M#上传文件最大大小,可以自定义修改,默认为512M
--- -------------------------------------------------- -------------------
$ vim /etc/nginx/nginx.d/nextcloud.conf
---------------------
②设置缓存后端,可以使用redis,memcache。单机或集群模式都可以。不同的配置方式可以参考官方文档。
这里我直接单机安装并配置使用内存缓存。
$ yum install -y memcache
$ vim / etc / sysconfig / memcached
------------------------------------ ------------------------------------
PORT =“11211”#端口
USER =“memcached”#用户
MAXCONN =“1024”#最大链接数
CACHESIZE =“2048”#最大内存,单位M
OPTIONS =“”
-------------------------- ---------------------------------------------
#修改nextcloud的配置文件,添加memcached缓存配置
$ vim /usr/share/nginx/html/nextcloud/config/config.php
-------------------- -------------------------------------------------- -
'memcache.local'=>'\ OC \ Memcache \ APCu',
'memcache.distributed'=>'\ OC \ Memcache \ Memcached',
'memcached_servers'=> array(
array('localhost',11211),
) ,
------------------------------------------------- ----------------------
③重启nginx和php-fpm,是配置生效
$ systemctl start memcached
$ systemctl enable memcached
$ systemctl restart nginx
$ systemctl restart php-fpm
④设置后台任务,cron执行。
$ vim / etc / crontab#修改cron配置文件,添加如下配置
----------------------------------- -------------------------------------------------- -
-u nginx / usr / bin / php -f /usr/share/nginx/html/nextcloud/cron.php
----------------------- ------------------------------------------------- - -------------
配置邮件服务器
在设置 - >其他设置中,配置smtp服务器。并进行测试,收到邮件了就成功了
***********************************************************************************
接下来就是坑了
1.最大的坑,就是管理员登录完后,无法创建用户
解决办法:就是去安全里面,把密码的限制去掉,一个都不留的去掉,就好了(tmd,坑了我一天,才弄好)
2.其余的按着上面的来,基本不会出问题了
扫一扫
5422
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
