1.1二进制安装MySQL
1.1.1 安装依赖库
[root@nextcloud ~]# yum install -y libaio-devel
1.1.2 创建mysql管理用户
[root@nextcloud ~]# useradd -s /sbin/nologin -M mysql
1.1.3 解压并重命名压缩包
[root@nextcloud ~]# tar xf /server/tools/mysql-5.7.20-linux-glibc2.12-x86_64.tar.gz -C /usr/local/ [root@nextcloud ~]# mv /usr/local/mysql-5.7.20-linux-glibc2.12-x86_64/ /usr/local/mysql-5.7.20
1.1.4 创建mysql目录软链接
[root@nextcloud ~]# ln -s /usr/local/mysql-5.7.20/ /usr/local/mysql
1.1.5 创建mysql数据和日志目录并设置权限
[root@nextcloud ~]# mkdir -p /data/mysql/{data,log,binlog}
[root@nextcloud ~]# touch /data/mysql/log/mysql.err
[root@nextcloud ~]# chown -R mysql.mysql /usr/local/mysql/ /data/mysql/
1.1.6 初始化数据库
[root@nextcloud ~]# /usr/local/mysql/bin/mysqld --initialize-insecure --user=mysql --basedir=/usr/local/mysql --datadir=/data/mysql/data
1.1.7 设置mysql的启动文件
[root@nextcloud ~]# cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld [root@nextcloud ~]# chmod 700 /etc/init.d/mysqld
1.1.8 编写mysql配置文件
[root@nextcloud ~]# mv /etc/my.cnf{,.bak}
[root@nextcloud ~]# vim /etc/my.cnf
[client]
port=3306
socket=/tmp/mysql.sock
[mysqld]
port=3306
user=mysql
socket=/tmp/mysql.sock
pid-file=/data/mysql/data/mysql.pid
basedir=/usr/local/mysql
datadir=/data/mysql/data
skip-name-resolve
innodb_large_prefix=on
innodb_file_format=barracuda
innodb_file_per_table=true
# 一般查询日志,审计使用
general_log=on
general_log_file=/data/mysql/log/general.log
log-error=/data/mysql/log/mysql.err
# 二进制日志
server-id=1
log-bin=/data/mysql/binlog/mysql-bin
binlog_format=ROW
# 慢日志
slow_query_log=on
slow_query_log_file=/data/mysql/log/mysql-slow.log
long_query_time=2
log_queries_not_using_indexes
1.1.9 设置mysql开机启动及环境变量
[root@nextcloud ~]# echo '/etc/init.d/mysqld start' >> /server/scripts/autoStart.sh [root@nextcloud ~]# echo 'PATH=/usr/local/mysql/bin/:$PATH' >>/etc/profile [root@nextcloud ~]# source /etc/profile
1.1.10 启动mysql服务
[root@nextcloud ~]# /etc/init.d/mysqld start
1.1.11 设置数据库root密码
[root@nextcloud ~]# mysqladmin -uroot password New password: 密码 Confirm new password:确认密码
1.2 编译安装Nginx
编译安装具体过程参阅《nginx介绍》,此处使用自制的RPM包进行一键安装。
1.2.1 安装nginx
[root@nextcloud ~]# yum localinstall -y /server/tools/nginx-1.12.1-1.x86_64.rpm
1.2.2 创建子配置文件和CA证书目录
[root@nextcloud ~]# mkdir -p /usr/local/nginx/conf/{extra,ssl}
1.2.3 创建CA证书
[root@nextcloud ~]# openssl req -new -x509 -days 365 -nodes -out /usr/local/nginx/conf/ssl/nextcloud.crt -keyout /usr/local/nginx/conf/ssl/nextcloud.key ...... Country Name (2 letter code) [XX]: State or Province Name (full name) []: Locality Name (eg, city) [Default City]: Organization Name (eg, company) [Default Company Ltd]:Personal Organizational Unit Name (eg, section) []: Common Name (eg, your name or your server's hostname) []: Email Address []:
1.2.4 创建nextcloud子配置文件
[root@nextcloud ~]# cat > /usr/local/nginx/conf/extra/nextcloud.conf << 'EOF'
server {
listen 8888;
listen 8443 ssl;
ssl_certificate /usr/local/nginx/conf/ssl/nextcloud.crt;
ssl_certificate_key /usr/local/nginx/conf/ssl/nextcloud.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_timeout 10m;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_buffer_size 1400;
add_header Strict-Transport-Security max-age=15768000;
ssl_stapling on;
ssl_stapling_verify on;
server_name pan.leonshadow.com;
index index.html index.htm index.php;
root /usr/local/nginx/html/nextcloud/;
if ($ssl_protocol = "") {
return 301 https://$host$request_uri;
}
#(可选)为了安全添加如下header
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
#(可选)为了支持user_webfinger app
rewrite ^/.well-known/host-meta /public.php service=host-meta last;
rewrite ^/.well-known/host-meta.json /public.php service=host-meta-json last;
#(可选)为了支持日历和联系人
location = /.well-known/carddav {
return 301 $scheme://$host/remote.php/dav;
}
location = /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;
}
#设置上传文件的最大大小(还和php里的那个设置有关)
client_max_body_size 10240M;
fastcgi_buffers 128 8K;
fastcgi_connect_timeout 300s;
fastcgi_send_timeout 300s;
fastcgi_read_timeout 300s;
fastcgi_buffer_size 256k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
fastcgi_intercept_errors on;
#最主要的,将所有请求转发到index.php上
location / {
rewrite ^ /index.php$uri;
}
#安全设置,禁止访问部分敏感内容
location ~ ^/( :build|tests|config|lib|3rdparty|templates|data)/ {
deny all;
}
location ~ ^/( :\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
#官方默认
location ~ ^/( :index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+)\.php( :$|/) {
fastcgi_split_path_info ^(.+\.php)(/.*)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param modHeadersAvailable true;
fastcgi_param front_controller_active true;
fastcgi_pass 127.0.0.1:9000;
#fastcgi_pass unix:/dev/shm/php-cgi.sock;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
include fastcgi.conf;
}
#安全设置,禁止访问部分敏感内容
location ~ ^/( :updater|ocs-provider)( :$|/) {
try_files $uri/ =404;
index index.php;
}
location ~ \.( :css|js|woff|svg|gif)$ {
try_files $uri /index.php$uri$is_args$args;
add_header Cache-Control "public, max-age=15778463";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
access_log off;
}
location ~ \.( :png|html|ttf|ico|jpg|jpeg)$ {
try_files $uri /index.php$uri$is_args$args;
access_log off;
}
location ~ [^/]\.php(/|$) {
fastcgi_pass 127.0.0.1:9000;
#fastcgi_pass unix:/dev/shm/php-cgi.sock;
fastcgi_index index.php;
include fastcgi.conf;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|flv|mp4|ico)$ {
expires 30d;
access_log off;
}
location ~ .*\.(js|css) $ {
expires 7d;
access_log off;
}
location ~ /\.ht {
deny all;
}
}
EOF
1.2.5 创建主配置文件
[root@nextcloud ~]# cat > /usr/local/nginx/conf/nginx.conf << 'EOF'
worker_processes 1;
error_log logs/error.log;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log logs/access.log main;
include extra/nextcloud.conf;
}
EOF
1.2.6 配置nginx开机自启动
[root@nextcloud ~]# echo '/usr/local/nginx/sbin/nginx' >> /server/scripts/autoStart.sh
1.3 编译安装PHP
1.3.1 安装依赖程序
[root@nextcloud ~]# yum install -y zlib-devel libxml2-devel libjpeg-devel libjpeg-turbo-devel freetype-devel libpng-devel gd-devel libcurl-devel libxslt-devel libmcrypt-devel mhash mcrypt bzip2-devel gmp-devel libc-client-devel libicu-devel openldap openldap-devel
1.3.2 防止编译出错
[root@nextcloud ~]# ln -s /usr/lib64/libc-client.so /usr/lib/libc-client.so [root@nextcloud ~]# cp -frp /usr/lib64/libldap* /usr/lib/
1.3.3 解压php
[root@nextcloud ~]# cd /server/tools [root@nextcloud tools]# tar xf php-7.2.3.tar.gz
1.3.4 配置php
[root@nextcloud tools]# cd php-7.2.3/ [root@nextcloud php-7.2.3]# ./configure \ --prefix=/usr/local/php-7.2.3 \ --with-pdo-mysql=mysqlnd \ --with-mysql-sock=/tmp/mysql.sock \ --with-iconv-dir \ --with-kerberos \ --enable-ctype \ --enable-dom \ --enable-json \ --enable-posix \ --enable-simplexml \ --enable-xmlreader \ --enable-xmlwriter \ --enable-zip \ --enable-fileinfo \ --enable-pcntl \ --with-freetype-dir \ --with-jpeg-dir \ --with-png-dir \ --with-zlib \ --with-libxml-dir=/usr \ --enable-xml \ --disable-rpath \ --enable-bcmath \ --enable-shmop \ --enable-sysvsem \ --enable-inline-optimization \ --with-curl \ --with-bz2 \ --with-ldap \ --with-imap \ --with-imap-ssl \ --with-gmp \ --enable-exif \ --enable-ftp \ --enable-intl \ --enable-mbregex \ --enable-fpm \ --enable-mbstring \ --with-gd \ --with-openssl \ --with-mhash \ --enable-pcntl \ --enable-sockets \ --with-xmlrpc \ --enable-soap \ --enable-short-tags \ --enable-static \ --with-xsl \ --with-fpm-user=nginx \ --with-fpm-group=nginx \ --enable-ftp \ --enable-opcache=yes
1.3.5 为防止编译出错修改Makefile文件后编译安装
[root@nextcloud php-7.2.3]# vim Makefile 116 EXTRA_LIBS = -lcrypt -lc-client -lz -lexslt -lresolv -lcrypt -lrt -lldap -lstdc++ -lcrypt -lgmp -lpng -lz -ljpeg -lbz2 -lz -lrt -lm -ldl -lnsl -lxml2 -lz -lm -ldl -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err -lssl -lcrypto -lcurl -lxml2 -lz -lm -ldl -lssl -lcrypto -lfreetype -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err -lssl -lcrypto -ldl -lm -licui18n -licuuc -licudata - ldl -lm -licuio -lxml2 -lz -lm -ldl -lxml2 -lz -lm -ldl -lcrypt -lxml2 -lz -lm -ldl -lxml2 -lz -lm -ldl -lxml2 -lz -lm -ldl -lxml2 -lz -lm -ldl -lxslt -lxml2 -lz -ldl -lm -lssl -lcrypto -lcrypt -llber [root@nextcloud php-7.2.3]# make && make install
1.3.6 配置php程序及相关配置文件
[root@nextcloud ~]# ln -s /usr/local/php-7.2.3/ /usr/local/php
[root@nextcloud ~]# cp /server/tools/php-7.2.3/php.ini-production /usr/local/php/lib/php.ini
[root@nextcloud ~]# cp /usr/local/php/etc/php-fpm.conf{.default,}
[root@nextcloud ~]# cp /usr/local/php/etc/php-fpm.d/www.conf{.default,}
1.3.7 配置php环境变量
[root@nextcloud ~]# echo '/usr/local/php/sbin/php-fpm' >> /server/scripts/autoStart.sh [root@nextcloud ~]# echo 'export PATH=/usr/local/php/sbin:$PATH' >> /etc/profile [root@nextcloud ~]# source /etc/profile [root@nextcloud ~]# php-fpm
1.4 部署NextCloud
1.4.1 创建数据库及用户
[root@HomeServer ~]# mysql -uroot -p mysql> create database nextcloud character set utf8mb4 collate utf8mb4_general_ci; mysql> grant all on nextcloud.* to 'nextcloud'@'localhost' identified by '123456';
1.4.2 部署nextcloud程序并启动nginx
[root@nextcloud ~]# unzip /server/tools/nextcloud-13.0.0.zip [root@nextcloud ~]# mv nextcloud/ /usr/local/nginx/html/ [root@nextcloud ~]# chown -R nginx.nginx /usr/local/nginx/html/nextcloud/ [root@nextcloud ~]# nginx
1.4.3 创建防火墙规则
[root@HomeServer ~]# iptables -A INPUT -p tcp --dport 8443 -j ACCEPT [root@HomeServer ~]# service iptables save
1.4.4 外网访问地址
https://pan.leonshadow.com:8443/nextcloud/
我的微信
如果有技术上的问题可以扫一扫我的微信
