nextcloud搭建教程(一)
摘要:最近搭建nextcloud网盘小小记录一下,使用的系统为ubuntu 22.04
mariadb
第一步 安装mariadb
两种数据库二选一,我用的是mariadb
//安装mariadb
apt install mariadb-server
//安装mysql5.6
apt-get install mysql-server-5.6 mysql-client-5.6
第二步 允许root用户远程连接
配置本地监听0.0.0.0
nano /etc/mysql/mariadb.conf.d/50-server.cnf 将bind-address 项修改为: bind-address = 0.0.0.0
修改数据库root用户密码
mysql -u root //登录数据库 alter user 'root'@'localhost' identified by 'rootpassword'; //修改root用户密码为rootpassword grant all privileges on *.* to 'root'@'%' identified by 'rootpassword' with grant option; //使root用户可以远程连接
第三步 修改数据库文件存储位置
将数据库文件的存储位置由/var/lib/mysql改为 /data/mysql
mysql -u root //登录数据库
show variables where variable_name = 'datadir'; // 显示数据库文件的存储位置 一般为 /var/lib/mysql
service mariadb stop //停止mariadb数据库允许
cp -r -a /var/lib/mysql /data/ //将数据库文件拷贝到/data/文件夹下
nano /etc/mysql/mariadb.conf.d/50-server.cnf
将 datadir = /var/lib/mysql 改成 datadir = /data/mysql 即可。
第四步 创建nextcloud数据库用户
//用户名为 dbuser 密码为 12345678
grant all privileges on *.* to 'dbuser'@'%' identified by '12345678' with grant option; //用户名和密码自行修改
FLUSH PRIVILEGES;
exit;
php
安装php
add-apt-repository ppa:ondrej/php
apt install php8.0-fpm
apt-get install php8.0-curl php8.0-dom php8.0-mbstring php8.0-imagick php8.0-ldap php8.0-imap php8.0-mysql php8.0-gd php8.0-zip php8.0-bz2 php8.0-intl php8.0-smbclient php8.0-bcmath php8.0-gmp php8.0-apcu php8.0-memcached php8.0-redis php8.0-phar
apt install libmagickcore-6.q16-6-extra
apt install ffmpeg
mkdir /run/php/php8.0-fpm //这个我也不知道教程为啥这么做,但是怕出问题就建一个吧。
php优化
编辑/etc/php/8.0/fpm/pool.d/www.conf,根据服务器内存配置情况填写以下数值(4G内存计算)
修改以下参数:
pm = dynamic
pm.max_children = 300
pm.start_servers = 18
pm.min_spare_servers = 6
pm.max_spare_servers = 36
编辑/etc/php/8.0/fpm/php.ini
修改以下参数:
memory_limit = 4096M
upload_max_filesize = 10240M
post_max_size = 10240M
max_input_time 3600
max_execution_time 3600
redis
安装redis
apt install redis
nginx
安装nginx
apt-get install nginx
配置nginx
配置文件位置为/etc/nginx/nginx.conf
修改配置文件如下:
需要将 server_name 修改为自己的ip或者域名,root 修改为自己的nextcloud安装目录。
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
# gzip on;
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
upstream php-handler {
server 127.0.0.1:9000;
#server unix:/var/run/php/php8.0-fpm.sock;
}
server {
listen 80 ;
listen [::]:80 ;
# 修改为自己的域名或者ip
server_name 192.168.1.100;
# set max upload size and increase upload timeout:
client_max_body_size 10240M;
client_body_timeout 300s;
fastcgi_buffers 64 4K;
# Enable gzip but do not remove ETag headers
gzip on;
gzip_vary on;
gzip_comp_level 4;
gzip_min_length 256;
gzip_buffers 4 16k;
gzip_disable "MSIE [1-6]\.";
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/wasm application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
# HTTP response headers borrowed from Nextcloud `.htaccess`
add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Download-Options "noopen" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "none" always;
add_header X-XSS-Protection "1; mode=block" always;
# Remove X-Powered-By, which is an information leak
fastcgi_hide_header X-Powered-By;
# Path to the root of your installation
# 修改为自己的nextcloud安装目录
root /var/www/nextcloud;
# Specify how to handle directories -- specifying `/index.php$request_uri`
# here as the fallback means that Nginx always exhibits the desired behaviour
# when a client requests a path that corresponds to a directory that exists
# on the server. In particular, if that directory contains an index.php file,
# that file is correctly served; if it doesn't, then the request is passed to
# the front-end controller. This consistent behaviour means that we don't need
# to specify custom rules for certain paths (e.g. images and other assets,
# `/updater`, `/ocm-provider`, `/ocs-provider`), and thus
# `try_files $uri $uri/ /index.php$request_uri`
# always provides the desired behaviour.
index index.php index.html /index.php$request_uri;
# Rule borrowed from `.htaccess` to handle Microsoft DAV clients
location = / {
if ( $http_user_agent ~ ^DavClnt ) {
return 302 /remote.php/webdav/$is_args$args;
}
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Make a regex exception for `/.well-known` so that clients can still
# access it despite the existence of the regex rule
# `location ~ /(\.|autotest|...)` which would otherwise handle requests
# for `/.well-known`.
location ^~ /.well-known {
# The rules in this block are an adaptation of the rules
# in `.htaccess` that concern `/.well-known`.
location = /.well-known/carddav { return 301 /remote.php/dav/; }
location = /.well-known/caldav { return 301 /remote.php/dav/; }
location /.well-known/acme-challenge { try_files $uri $uri/ =404; }
location /.well-known/pki-validation { try_files $uri $uri/ =404; }
# Let Nextcloud's API for `/.well-known` URIs handle all other
# requests by passing them to the front-end controller.
return 301 /index.php$request_uri;
}
# Rules borrowed from `.htaccess` to hide certain paths from clients
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/) { return 404; }
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; }
# Ensure this block, which passes PHP files to the PHP process, is above the blocks
# which handle static assets (as seen below). If this block is not declared first,
# then Nginx will encounter an infinite rewriting loop when it prepends `/index.php`
# to the URI, resulting in a HTTP 500 error response.
location ~ \.php(?:$|/) {
# Required for legacy support
rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+|.+\/richdocumentscode\/proxy) /index.php$request_uri;
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
set $path_info $fastcgi_path_info;
try_files $fastcgi_script_name =404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $path_info;
fastcgi_param HTTPS on;
fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice
fastcgi_param front_controller_active true; # Enable pretty urls
fastcgi_pass php-handler;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
}
location ~ \.(?:css|js|svg|gif|png|jpg|ico|wasm|tflite)$ {
try_files $uri /index.php$request_uri;
expires 6M; # Cache-Control policy borrowed from `.htaccess`
access_log off; # Optional: Don't log access to assets
location ~ \.wasm$ {
default_type application/wasm;
}
}
location ~ \.woff2?$ {
try_files $uri /index.php$request_uri;
expires 7d; # Cache-Control policy borrowed from `.htaccess`
access_log off; # Optional: Don't log access to assets
}
# Rule borrowed from `.htaccess`
location /remote {
return 301 /remote.php$request_uri;
}
location / {
try_files $uri $uri/ /index.php$request_uri;
}
}
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}
需要注意以下配置:
//修改nginx上传文件大小限制,修改为10GB
client_max_body_size 10240M
配置完成后重启nginx
nginx -t
nginx -s reload
安装nextcloud
下载安装包
cd /var/www //进入www目录
wget -O nextcloud.zip https://download.nextcloud.com/server/releases/latest.zip //下载最新的nextcloud安装包
unzip nextcloud.zip //解压nextcloud安装包
chown -R www-data:www-data /var/www/nextcloud //改变nextcloud文件夹以及子文件夹的所有者为www-data
安装nextcloud
浏览器访问 http://127.0.0.1 或者https://localhost,出现Nextcloud安装页面。填写你的nextcloud管理员用户名和密码,选择mariadb数据库,填写前面设置的数据库用户名和密码,数据库名随便填,然后点击安装。
安装完后尝试登录会发现自动调转到https://192.168.1.100/,如果不打算使用https就需要配置配置文件里的overwrite.cli.url了。
修改配置文件
nextcloud 配置文件位置为 /var/www/nextcloud/config/config.php
修改或添加#注释下的块内容:
nano /var/www/nextcloud/config/config.php
<?php
$CONFIG = array (
'instanceid' => 'xxxxxxxxxxxxxxx',
'passwordsalt' => 'xxxxxxxxxxxxxxx',
'secret' => 'xxxxxxxxxxxxxxx,
# 添加可以访问的网站域名或者nextcloud主机的IP地址,否则局域网内或者外网访问时会出现请使用合法IP或者域名方可登录的提示
'trusted_domains' =>
array (
0 => '192.168.1.100',
),
# nextcloud的文件以及用户数据存储目录
'datadirectory' => '/data/yunpan__data',
'dbtype' => 'mysql',
'version' => '25.0.2.3',
# 根据自己的ip地址或者域名替换192.168.1.100
'overwrite.cli.url' => 'http://192.168.1.100/nextcloud',
'dbname' => 'nextcloud',
'dbhost' => 'localhost',
'dbport' => '',
'dbtableprefix' => 'oc_',
'mysql.utf8mb4' => true,
'dbuser' => 'xxxxxxxxxxxxxxx',
'dbpassword' => 'xxxxxxxxxxxxxxx',
'installed' => true,
# 如果需要使用https改为https,我不打算用https,用的是http
'overwriteprotocol' => 'http',
# 默认电话区域
'default_phone_region' => 'CN',
# 开启缓存,分类型同时使用APCU和REDIS。
'memcache.local' => '\\OC\\Memcache\\APCu',
'filelocking.enabled' => true,
'memcache.locking' => '\\OC\\Memcache\\Redis',
'memcache.distributed' => '\\OC\\Memcache\\Redis',
'redis' =>
array (
'host' => 'localhost',
'port' => 6379,
),
# 增加视频预览,需要提前安装ffmpeg
'enabledPreviewProviders' =>
array (
0 => 'OC\\Preview\\PNG',
1 => 'OC\\Preview\\JPEG',
2 => 'OC\\Preview\\GIF',
3 => 'OC\\Preview\\HEIC',
4 => 'OC\\Preview\\BMP',
5 => 'OC\\Preview\\XBitmap',
6 => 'OC\\Preview\\MP3',
7 => 'OC\\Preview\\TXT',
8 => 'OC\\Preview\\MarkDown',
9 => 'OC\\Preview\\Movie',
),
# 改为国内应用市场
'updater.release.channel' => 'stable',
'appstoreenabled' => true,
'appstoreurl' => 'Nextcloud',
# 新建用户时,不会向新用户复制 /var/www/nextcloud/core/skeleton 文件夹下的文件
'skeletondirectory' => '',
# 用户打开主页,显示网盘那个界面
'defaultapp' => 'files',
# 默认语言设置为中文
'default_language' => 'zh_CN',
'default_locale' => 'zh',
);
调优nextcloud
为nextcloud启用Cron代替ajax,提高性能
# 添加crontab定时任务
crontab -u www-data -e
添加一行,并保存.
*/5 * * * * php -f /var/www/nextcloud/cron.php //每5分钟运行一次
检查效果:
crontab -u www-data -l
输出:
*/5 * * * * php -f /var/www/nextcloud/cron.php
解除nextcloud上传文件块大小限制
进入nextcloud根目录/var/www/nextcloud,输入
cd /var/www/nextcloud
sudo -u www-data php occ config:app:set files max_chunk_size --value 0
显示以下内容表示成功
Config value max_chunk_size for app files set to 0
优化使用体验
本作品采用 知识共享署名-相同方式共享 4.0 国际许可协议 进行许可。
师傅你好,我在搭建 server 环境的时候遇到了一些问题,请问一下是否方便加一下你的联系方式