由于各大网盘,有的也开始限速,文件的安全也没有保障。所以还不如自己搭建一个网盘。网上看了下,发现有一个Nextcloud比较好用。支持多平台客户端,支持分享,使用操作简单。支持插件扩展,文件预览,在线协作。那就试试自己在CentOS 6.5环境下使用LNMP架构安装nextcloud私人云盘吧。
1.安装nginx
wget
tar -zxf nginx-1.10.3.tar.gz && cd nginx-1.10.3
./configure --prefix=/usr/local/data/nginx --user=nginx --group=nginx --with-pcre --with-http_stub_status_module --with-http_ssl_module --with-http_gzip_static_module
make && make install
2.安装配置php
yum install
yum --enablerepo=remi-php56 install php php-fpm php-MySQL php-gd php-xml php-redis php-libs php-devel php-zlib php-mbstring
nginx 和php-fpm 的运行用户这里使用nginx
vim /etc/php-fpm.conf
user = nginx
group = nginx
listen = 127.0.0.1:9000
env[HOSTNAME] = $HOSTNAME
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp
3.安装mysql
yum -y install mysql mysql-server
service mysqld start
4.建库,授权
CREATE DATABASE nextcloud_db;GRANT ALL ON nextcloud_db.* TO 'nextcloud'@'%' IDENTIFIED BY 'nextcloud'; //注意一定要加 "%",否则无法让网络让任何人上传文件
FLUSH PRIVILEGES;
5.安装nextcloud
wget https://download.nextcloud.com/server/releases/nextcloud-10.0.2.zip --no-check-certificate
unzip nextcloud-10.0.2.zip
mv nextcloud /usr/local/data/nginx/html
/usr/local/data/nginx/html
chown -R nginx.nginx
创建数据目录,这里建议数据目录不要和web目录放到一起
/usr/local/data/nginx/html/nextcloud/data
6.申请证书
为了网盘的安全,有必要使用https 证书,这里可以在阿里云后台申请免费的DV证书
7.配置nginx
创建虚拟主机文件
cd /usr/local/data/nginx/conf
vim nextcloud.conf
upstream php-handler {
server 127.0.0.1:9000;
}server {listen 80;
server_name cloud.nextcloud.com;
return 301 https://$server_name$request_uri;}server {listen 443 ssl;server_name cloud.nextcloud.com;
ssl_certificate /usr/local/data/nginx/conf/nextcloud.crt;
ssl_certificate_key /usr/local/data/nginx/conf/nextcloud.key;
#添加如下header主要为了安全
add_header Strict-Transport-Security "max-age=15768000;includeSubDomains; preload;";add_header X-Content-Type-Options nosniff;add_header X-Frame-Options "SAMEORIGIN";add_header X-XSS-Protection "1; mode=block";add_header X-Robots-Tag none;add_header X-Download-Options noopen;add_header X-Permitted-Cross-Domain-Policies none;
#nextcloud代码目录
root /usr/local/data/nginx/html/nextcloud/;
location = /robots.txt {allow all;log_not_found off;access_log off;}
#为了支持user_webfinger app
rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
#这儿是为了支持日历和联系人,建议加上
location = /.well-known/carddav {return 301 $scheme://$host/remote.php/dav;}location = /.well-known/caldav {return 301 $scheme://$host/remote.php/dav;}
#设置上传文件的最大大小,php也得修改
client_max_body_size 512M;fastcgi_buffers 64 4K;# Disable gzip to avoid the removal of the ETag headergzip off;
error_page 403 /core/templates/403.php;error_page 404 /core/templates/404.php;
#重要的:将所有请求转发到index.php上
location / {rewrite ^ /index.php$uri;
}
#安全设置,禁止访问部分敏感内容
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {deny all;}location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {deny all;}location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {include fastcgi_params;fastcgi_split_path_info ^(.+\.php)(/.*)$;fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;fastcgi_param PATH_INFO $fastcgi_path_info;fastcgi_param HTTPS on;#Avoid sending the security headers twicefastcgi_param modHeadersAvailable true;fastcgi_param front_controller_active true;fastcgi_pass php-handler;fastcgi_intercept_errors on;fastcgi_request_buffering off;
}
#安全设置,禁止访问部分敏感内容
location ~ ^/(?:updater|ocs-provider)(?:$|/) {try_files $uri/ =404;index index.php;}
# 添加js和css文件的缓存控制头
location ~* \.(?:css|js)$ {try_files $uri /index.php$uri$is_args$args;
add_header Cache-Control "public, max-age=7200";