• 欢迎访问金笔头博客,这是一个菜鸟(伪)程序员的自留地,欢迎访问我的github:点击进入

Ubuntu18.04 安装Nextcloud15

Ubuntu eason 536次浏览 0个评论 扫描二维码

前言

本文记录如何使用Nginx在Ubuntu 18.04 LTS上安装NextCloud15,NextCloud是一个免费的开源自托管云存储解决方案,它是从ownCloud分叉的,在撰写本文时,最新的稳定版本是NextCloud 15.0.5。
整体技术栈:Ubuntu+NGINX+PHP+MariaDB

基础环境准备

1.安装和配置NGINX Web Server

Nginx是一款高性能的网络服务器,如今非常受欢迎。它还可以用作反向代理和缓存服务器。
执行如下命令安装NGINX

sudo apt install nginx

执行如下命令让NGINX开机自启动

sudo systemctl enable nginx

执行如下命令启动NGINX

sudo systemctl start nginx

查看NGINX运行状态

systemctl status nginx

看到如下输出则说明正常运行

● nginx.service - A high performance web server and a reverse proxy server
   Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
   Active: active (running) since Sun 2019-04-07 14:00:56 CST; 3min 14s ago
     Docs: man:nginx(8)
 Main PID: 1932 (nginx)
    Tasks: 5 (limit: 2303)
   CGroup: /system.slice/nginx.service
           ├─1932 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
           ├─1933 nginx: worker process
           ├─1934 nginx: worker process
           ├─1935 nginx: worker process
           └─1936 nginx: worker process
4月 07 14:00:56 home-server systemd[1]: Starting A high performance web server and a reverse proxy server...
4月 07 14:00:56 home-server systemd[1]: Started A high performance web server and a reverse proxy server.

查看NGINX版本信息

nginx -v

输出信息如下:

nginx version: nginx/1.14.0 (Ubuntu)

由于本机ufw防火墙已经激活,所以需要单独添加80端口访问规则

sudo ufw allow 80

最后,我们需要将www-data(Nginx用户)作为web目录的所有者,默认情况下,它由root用户拥有。

sudo chown www-data:www-data /usr/share/nginx/html -R

至此在浏览器输入http://机器ip地址应该能看到NGINX的欢迎页面了。

2.安装和配置MariaDB Database Server

MariaDB是MySQL的直接替代品。它由MySQL团队的前成员开发,他们担心Oracle可能会将MySQL变成闭源产品。
输入以下命令在Ubuntu 18.04上安装MariaDB

sudo apt install mariadb-server mariadb-client

安装完成后,MariaDB服务应该会自动启动。
使用systemctl检查其状态

systemctl status mariadb

正常输出内容如下:

● mariadb.service - MariaDB 10.1.38 database server
   Loaded: loaded (/lib/systemd/system/mariadb.service; enabled; vendor preset: enabled)
   Active: active (running) since Sun 2019-04-07 14:18:16 CST; 1min 19s ago
     Docs: man:mysqld(8)
           https://mariadb.com/kb/en/library/systemd/
 Main PID: 4086 (mysqld)
   Status: "Taking your SQL requests now..."
    Tasks: 27 (limit: 2303)
   CGroup: /system.slice/mariadb.service
           └─4086 /usr/sbin/mysqld
4月 07 14:18:20 home-server /etc/mysql/debian-start[4119]: information_schema
4月 07 14:18:20 home-server /etc/mysql/debian-start[4119]: mysql
4月 07 14:18:20 home-server /etc/mysql/debian-start[4119]: performance_schema
4月 07 14:18:20 home-server /etc/mysql/debian-start[4119]: Phase 6/7: Checking and upgrading tables
4月 07 14:18:20 home-server /etc/mysql/debian-start[4119]: Processing databases
4月 07 14:18:20 home-server /etc/mysql/debian-start[4119]: information_schema
4月 07 14:18:20 home-server /etc/mysql/debian-start[4119]: performance_schema
4月 07 14:18:20 home-server /etc/mysql/debian-start[4119]: Phase 7/7: Running 'FLUSH PRIVILEGES'
4月 07 14:18:20 home-server /etc/mysql/debian-start[4119]: OK
4月 07 14:18:20 home-server /etc/mysql/debian-start[4216]: Triggering myisam-recover for all MyISAM tables and aria-recover for all Aria tables

执行如下命令使MariaDB开机自动启动

sudo systemctl enable mariadb

现在运行安装后安全性脚本

sudo mysql_secure_installation

为方便管理,允许root用于远程登录,如果怕安全问题可以禁用,其他相关输入如下:

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none): 
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] y
New password: 
Re-enter new password: 
Password updated successfully!
Reloading privilege tables..
 ... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] y
 ... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] n
 ... skipping.
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y
 ... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!

执行sudo mysql -u root -p命令验证是否能正常登录mariadb,从以下输出可知一切正常

Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 49
Server version: 10.1.38-MariaDB-0ubuntu0.18.04.1 Ubuntu 18.04
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> 

3.安装和配置PHP7.2

PHP7.2包含在Ubuntu 18.04存储库中,输入以下命令安装php7.2和一些常用扩展。

sudo apt install php7.2 php7.2-fpm php7.2-mysql php-common php7.2-cli php7.2-common php7.2-json php7.2-opcache php7.2-readline php7.2-mbstring php7.2-xml php7.2-gd php7.2-curl

查看状态

systemctl status php7.2-fpm

输出如下说明一切正常

● php7.2-fpm.service - The PHP 7.2 FastCGI Process Manager
   Loaded: loaded (/lib/systemd/system/php7.2-fpm.service; enabled; vendor prese
   Active: active (running) since Thu 2018-05-17 03:04:46 UTC; 2min 43s ago
     Docs: man:php-fpm7.2(8)
 Main PID: 31922 (php-fpm7.2)
   Status: "Processes active: 0, idle: 2, Requests: 0, slow: 0, Traffic: 0req/se
    Tasks: 3 (limit: 2059)
   CGroup: /system.slice/php7.2-fpm.service
           ├─31922 php-fpm: master process (/etc/php/7.2/fpm/php-fpm.conf)
           ├─31939 php-fpm: pool www
           └─31940 php-fpm: pool www

激活开机自启动

sudo systemctl enable php7.2-fpm

安装和配置Nextcloud15

4.下载并解压Nextcloud

cd /tmp
wget https://download.nextcloud.com/server/releases/nextcloud-15.0.5.zip
sudo unzip nextcloud-15.0.5.zip -d /usr/share/nginx/

说明:unzip命令的-d参数是指将压缩文件解压至/usr/share/nginx/目录
/usr/share/nginx/nextcloud/目录的所有者更改为www-data,以便Web服务器(Nginx)可以写入此目录。

sudo chown www-data:www-data /usr/share/nginx/nextcloud/ -R

5.在MariaDB中创建数据库和用户

登录Mariadb数据库

sudo mysql -uroot -p

创建数据库和用户

  • 数据库名称:nextcloud
  • 用户名:nextcloud
  • 密码:123456
create database nextcloud;
create user nextcloud@localhost identified by '123456';
grant all privileges on nextcloud.* to nextcloud@localhost identified by '123456';
flush privileges;
exit;

6.为Nextcloud创建一个Nginx配置文件

/etc/nginx/conf.d/目录中创建nextcloud.conf文件。

sudo vi /etc/nginx/conf.d/nextcloud.conf

将以下文本放入文件中。

server {
    listen 80;
    server_name 域名或ip1 域名或ip2 域名或ip3;
    # Add headers to serve security related headers
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Robots-Tag none;
    add_header X-Download-Options noopen;
    add_header X-Permitted-Cross-Domain-Policies none;
    #This header is already set in PHP, so it is commented out here.
    #add_header X-Frame-Options "SAMEORIGIN";
    # Path to the root of your installation
    root /usr/share/nginx/nextcloud/;
    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }
    # The following 2 rules are only needed for the user_webfinger app.
    # Uncomment it if you're planning to use this app.
    #rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
    #rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json
    # last;
    location = /.well-known/carddav {
        return 301 $scheme://$host/remote.php/dav;
    }
    location = /.well-known/caldav {
       return 301 $scheme://$host/remote.php/dav;
    }
    location ~ /.well-known/acme-challenge {
      allow all;
    }
    # set max upload size
    client_max_body_size 512M;
    fastcgi_buffers 64 4K;
    # Disable gzip to avoid the removal of the ETag header
    gzip off;
    # Uncomment if your server is build with the ngx_pagespeed module
    # This module is currently not supported.
    #pagespeed off;
    error_page 403 /core/templates/403.php;
    error_page 404 /core/templates/404.php;
    location / {
       rewrite ^ /index.php$uri;
    }
    location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
       deny all;
    }
    location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
       deny all;
     }
    location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
       include fastcgi_params;
       fastcgi_split_path_info ^(.+\.php)(/.*)$;
       fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
       fastcgi_param PATH_INFO $fastcgi_path_info;
       #Avoid sending the security headers twice
       fastcgi_param modHeadersAvailable true;
       fastcgi_param front_controller_active true;
       fastcgi_pass unix:/run/php/php7.2-fpm.sock;
       fastcgi_intercept_errors on;
       fastcgi_request_buffering off;
    }
    location ~ ^/(?:updater|ocs-provider)(?:$|/) {
       try_files $uri/ =404;
       index index.php;
    }
    # Adding the cache control header for js and css files
    # Make sure it is BELOW the PHP block
    location ~* \.(?:css|js)$ {
        try_files $uri /index.php$uri$is_args$args;
        add_header Cache-Control "public, max-age=7200";
        # Add headers to serve security related headers (It is intended to
        # have those duplicated to the ones above)
        add_header X-Content-Type-Options nosniff;
        add_header X-XSS-Protection "1; mode=block";
        add_header X-Robots-Tag none;
        add_header X-Download-Options noopen;
        add_header X-Permitted-Cross-Domain-Policies none;
        # Optional: Don't log access to assets
        access_log off;
   }
   location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {
        try_files $uri /index.php$uri$is_args$args;
        # Optional: Don't log access to other assets
        access_log off;
   }
}

保存并关闭文件,测试Nginx配置,然后重新加载Nginx以使更改生效。

$ sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
$ sudo systemctl reload nginx

7.安装并启用Nextcloud运行所需PHP模块

sudo apt install php-imagick php7.2-common php7.2-gd php7.2-json php7.2-curl php7.2-zip php7.2-xml php7.2-mbstring php7.2-bz2 php7.2-intl

8.Nextcloud配置

至此,打开浏览器输入服务器地址应该能看见Nextcloud的配置页面了,依次填入管理员账户名和密码、数据存放位置、数据库名称、用户名、密码、主机名(ip)和端口点击安装即可。


金笔头博客, 版权所有丨如未注明 , 均为原创, 转载请注明Ubuntu18.04 安装Nextcloud15
喜欢 (0)
发表我的评论
取消评论

表情 贴图 加粗 删除线 居中 斜体 签到

Hi,您需要填写昵称和邮箱!

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址