CentOS 6.5下使用LNMP架构安装Nextcloud私人云盘

由于各大网盘,有的也开始限速,文件的安全也没有保障。所以还不如自己搭建一个网盘。网上看了下,发现有一个Nextcloud比较好用。支持多平台客户端,支持分享,使用操作简单。支持插件扩展,文件预览,在线协作。那就试试自己在CentOS 6.5环境下使用LNMP架构安装nextcloud私人云盘吧。

1.安装nginx

wget

tar -zxf nginx-1.10.3.tar.gz && cd nginx-1.10.3

./configure --prefix=/usr/local/data/nginx --user=nginx --group=nginx --with-pcre --with-http_stub_status_module --with-http_ssl_module --with-http_gzip_static_module

make && make install

2.安装配置php

yum install

yum --enablerepo=remi-php56 install php php-fpm php-MySQL php-gd php-xml php-redis php-libs php-devel php-zlib php-mbstring

nginx 和php-fpm 的运行用户这里使用nginx

vim /etc/php-fpm.conf

user = nginx

group = nginx

listen = 127.0.0.1:9000

env[HOSTNAME] = $HOSTNAME

env[PATH] = /usr/local/bin:/usr/bin:/bin

env[TMP] = /tmp

env[TMPDIR] = /tmp

env[TEMP] = /tmp

3.安装mysql

yum -y install mysql mysql-server

service mysqld start

4.建库,授权

CREATE DATABASE nextcloud_db;GRANT ALL ON nextcloud_db.* TO 'nextcloud'@'%' IDENTIFIED BY 'nextcloud'; //注意一定要加 "%",否则无法让网络让任何人上传文件

FLUSH PRIVILEGES;

5.安装nextcloud

wget https://download.nextcloud.com/server/releases/nextcloud-10.0.2.zip --no-check-certificate

unzip nextcloud-10.0.2.zip

mv nextcloud /usr/local/data/nginx/html

/usr/local/data/nginx/html

chown -R nginx.nginx

创建数据目录,这里建议数据目录不要和web目录放到一起

/usr/local/data/nginx/html/nextcloud/data

6.申请证书

为了网盘的安全,有必要使用https 证书,这里可以在阿里云后台申请免费的DV证书


7.配置nginx

创建虚拟主机文件

cd /usr/local/data/nginx/conf

vim nextcloud.conf

upstream php-handler {

server 127.0.0.1:9000;

}server {listen 80;

server_name cloud.nextcloud.com;

return 301 https://$server_name$request_uri;}server {listen 443 ssl;server_name cloud.nextcloud.com;

ssl_certificate /usr/local/data/nginx/conf/nextcloud.crt;

ssl_certificate_key /usr/local/data/nginx/conf/nextcloud.key;

#添加如下header主要为了安全

add_header Strict-Transport-Security "max-age=15768000;includeSubDomains; preload;";add_header X-Content-Type-Options nosniff;add_header X-Frame-Options "SAMEORIGIN";add_header X-XSS-Protection "1; mode=block";add_header X-Robots-Tag none;add_header X-Download-Options noopen;add_header X-Permitted-Cross-Domain-Policies none;

#nextcloud代码目录

root /usr/local/data/nginx/html/nextcloud/;

location = /robots.txt {allow all;log_not_found off;access_log off;}

#为了支持user_webfinger app

rewrite ^/.well-known/host-meta /public.php?service=host-meta last;

rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;

#这儿是为了支持日历和联系人,建议加上

location = /.well-known/carddav {return 301 $scheme://$host/remote.php/dav;}location = /.well-known/caldav {return 301 $scheme://$host/remote.php/dav;}

#设置上传文件的最大大小,php也得修改

client_max_body_size 512M;fastcgi_buffers 64 4K;# Disable gzip to avoid the removal of the ETag headergzip off;

error_page 403 /core/templates/403.php;error_page 404 /core/templates/404.php;

#重要的:将所有请求转发到index.php上

location / {rewrite ^ /index.php$uri;

}

#安全设置,禁止访问部分敏感内容

location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {deny all;}location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {deny all;}location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {include fastcgi_params;fastcgi_split_path_info ^(.+\.php)(/.*)$;fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;fastcgi_param PATH_INFO $fastcgi_path_info;fastcgi_param HTTPS on;#Avoid sending the security headers twicefastcgi_param modHeadersAvailable true;fastcgi_param front_controller_active true;fastcgi_pass php-handler;fastcgi_intercept_errors on;fastcgi_request_buffering off;

}

#安全设置,禁止访问部分敏感内容

location ~ ^/(?:updater|ocs-provider)(?:$|/) {try_files $uri/ =404;index index.php;}

# 添加js和css文件的缓存控制头

location ~* \.(?:css|js)$ {try_files $uri /index.php$uri$is_args$args;

add_header Cache-Control "public, max-age=7200";

内容版权声明:除非注明,否则皆为本站原创文章。

转载注明出处:https://www.heiqu.com/620c441b1b1883338c024f50c5aa91a5.html