nextcould 来搭建私有云是很方便的,前几天看着各种教程自己搭了一下,但是发现各个教程都是缺斤少两的,所以决定自己来写一个,官网官方 ubuntu 安装教程

下载 Nextcloude

直接去官网下就可以了,因为服务器网络似乎有点问题,我在 windows 上下载然后 ftp 到服务器上的,截至目前(2023 年 2 月),nextcloud 版本最新为 25.0.3.2nextcloud-25.0.0rc3.zip,将文件解压到/var/www里,(当然如果你的 nginx 目录不在这里或者其他地方也行,我就是说我解压到了这里),然后记得改权限

1
2
sudo chown -R www-data:www-data /var/www/nextcloud
sudo chmod 755 -R /var/www/nextcloud

配置 php 环境

之前看的各种教程全是配置 php7.4 的环境,但是 7.4 都停止维护了(所以那些教程看起来挺老的。。。),直接安装 php 就可以了,不需要像那些各种老教程写的安装老版本 php

1
2
sudo apt-get install php php-fpm php-gd php-mysql php-curl php-mbstring \
php-intl php-gmp php-bcmatch php-xml php-imagick php-zip

这里其实你直接安装 php 和 php-fpm 就行了,等到网站打开会提示你缺少插件你再安装就行
我搭建的时候用的数据可以是 mariadb

1
sudo apt-get install mariadb-server

nginx 的安装和配置就不写了,等会儿直接写 nextcloud 的 nginx 配置,如果需要使用 redis(推荐使用),还需要安装php-redis

配置数据库

1
2
3
4
5
6
7
sudo mysql

CREATE USER 'nextcloud'@'localhost' IDENTIFIED BY 'password'; //这里password是你的密码别直接password了
CREATE DATABASE nextcloud CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;//创建数据库
GRANT ALL PRIVILEGES ON nextcloud.* TO 'nextcloud'@'localhost';//设置权限
FLUSH PRIVILEGES;//刷新权限
quit;

安装 redis

1
sudo apt-get install redis

我没啥用 redis 的地方也没用过不太清楚不配置用户有没有啥安全问题,应该没有吧(

为 nextcloud 创建 nginx 配置文件

/etc/nginx/conf.d或者其他的 nginx 配置目录中创建配置文件nextcloud.conf

配置文件如下(从 csdn 上 copy 后改了一下):

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
# http默认转发到https
server {
    listen 80;
    server_name nextcloud.example.com;
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    # 你的域名
    server_name xx.xx.xx;
    # 这两个是你的https证书目录
    ssl_certificate sslpath/xx.xx.xx_bundle.crt;
    ssl_certificate_key sslpath/xx.xx.xx_bundle.key;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    ssl_session_timeout 5m;
    # 访问域名根目录时重定向到nextcloud,建议你把nextcloud配置到三级域名,比如cloud.xxx.xxx
    location = / {
        return 301 https://$server_name/nextcloud;
    }
    # 访问https://nextcloud.example.com/nextcloud时转发到本地8080端口
    location ~/nextcloud {
        proxy_pass http://127.0.0.1:8080;
        client_max_body_size 512M;
    }
    # 访问https://nextcloud.example.com/.well-known时转发到本地8080端口
    location /.well-known {
        proxy_pass http://127.0.0.1:8080;
    }

}

server {
    listen 8080;
    listen [::]:8080;
    server_name 127.0.0.1;

    # Add headers to serve security related headers
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Robots-Tag none;
    add_header X-Download-Options noopen;
    add_header X-Permitted-Cross-Domain-Policies none;
    add_header Referrer-Policy no-referrer;

    #I found this header is needed on Ubuntu, but not on Arch Linux.
    add_header X-Frame-Options "SAMEORIGIN";

    # Path to the root of your installation
    root /usr/share/nginx;

    access_log /var/log/nginx/nextcloud.access;
    error_log /var/log/nginx/nextcloud.error;

    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }

    location /.well-known {
        # The following 6 rules are borrowed from `.htaccess`

        location = /.well-known/carddav   { return 301 /nextcloud/remote.php/dav/; }
        location = /.well-known/caldav    { return 301 /nextcloud/remote.php/dav/; }

        # Anything else is dynamically handled by Nextcloud
        location ^~ /.well-known          { return 301 /nextcloud/index.php$uri; }

        try_files $uri $uri/ =404;
    }

    location ^~ /nextcloud {
        # set max upload size
        client_max_body_size 512M;
        fastcgi_buffers 64 4K;

        # Enable gzip but do not remove ETag headers
        gzip on;
        gzip_vary on;
        gzip_comp_level 4;
        gzip_min_length 256;
        gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
        gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;

        # Pagespeed is not supported by Nextcloud, so if your server is built
        # with the `ngx_pagespeed` module, uncomment this line to disable it.
        #pagespeed off;

        # HTTP response headers borrowed from Nextcloud `.htaccess`
        add_header Referrer-Policy                      "no-referrer"   always;
        add_header X-Content-Type-Options               "nosniff"       always;
        add_header X-Download-Options                   "noopen"        always;
        add_header X-Frame-Options                      "SAMEORIGIN"    always;
        add_header X-Permitted-Cross-Domain-Policies    "none"          always;
        add_header X-Robots-Tag                         "none"          always;
        add_header X-XSS-Protection                     "1; mode=block" always;

        # Remove X-Powered-By, which is an information leak
        fastcgi_hide_header X-Powered-By;

        # Specify how to handle directories -- specifying `/nextcloud/index.php$request_uri`
        # here as the fallback means that Nginx always exhibits the desired behaviour
        # when a client requests a path that corresponds to a directory that exists
        # on the server. In particular, if that directory contains an index.php file,
        # that file is correctly served; if it doesn't, then the request is passed to
        # the front-end controller. This consistent behaviour means that we don't need
        # to specify custom rules for certain paths (e.g. images and other assets,
        # `/updater`, `/ocm-provider`, `/ocs-provider`), and thus
        # `try_files $uri $uri/ /nextcloud/index.php$request_uri`
        # always provides the desired behaviour.
        index index.php index.html /nextcloud/index.php$request_uri;

         # Rule borrowed from `.htaccess` to handle Microsoft DAV clients
        location = /nextcloud {
            if ( $http_user_agent ~ ^DavClnt ) {
                return 302 /nextcloud/remote.php/webdav/$is_args$args;
            }
        }

        # Rules borrowed from `.htaccess` to hide certain paths from clients
        location ~ ^/nextcloud/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/)    { return 404; }
        location ~ ^/nextcloud/(?:\.|autotest|occ|issue|indie|db_|console)                { return 404; }

        # Ensure this block, which passes PHP files to the PHP process, is above the blocks
        # which handle static assets (as seen below). If this block is not declared first,
        # then Nginx will encounter an infinite rewriting loop when it prepends
        # `/nextcloud/index.php` to the URI, resulting in a HTTP 500 error response.
        location ~ \.php(?:$|/) {
            include fastcgi_params;
            fastcgi_split_path_info ^(.+\.php)(/.*)$;
            try_files $fastcgi_script_name =404;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_param PATH_INFO $fastcgi_path_info;
            #Avoid sending the security headers twice
            fastcgi_param modHeadersAvailable true;
            fastcgi_param front_controller_active true;
            fastcgi_pass unix:/run/php/php-fpm.sock;
            fastcgi_intercept_errors on;
            fastcgi_request_buffering off;
        }

        location ~ \.(?:css|js|svg|gif)$ {
            try_files $uri /nextcloud/index.php$request_uri;
            expires 6M;         # Cache-Control policy borrowed from `.htaccess`
            access_log off;     # Optional: Don't log access to assets
        }

        location ~ \.woff2?$ {
            try_files $uri /nextcloud/index.php$request_uri;
            expires 7d;         # Cache-Control policy borrowed from `.htaccess`
            access_log off;     # Optional: Don't log access to assets
        }

        location /nextcloud {
            try_files $uri $uri/ /nextcloud/index.php$request_uri;
        }
    }
}

然后测试 nginx 配置文件

1
sudo nginx -t

重新加载测试文件

1
sudo nginx -s reload

配置 nextcloud 的 php 配置文件

配置文件在/var/www/nextcloud/config/中,你安装在其他地方就是安装路径/nextcloud/config/中,里面有一个示例文档,可以看一眼,配置文件如下

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
<?php
$CONFIG = array (
  'datadirectory' => '/var/www/nextcloud/data/',
  'dbtype' => 'mysql',
  'version' => '25.0.3.2',
  'overwriteprotocol' => 'https',
  # 你的域名
  'overwritehost' => 'xx.xx.xx',
  # 这个是指你的根,就像xxx.xxx.xxx/nextcloud/
  'overwritewebroot' => 'nextcloud',
  'overwrite.cli.url' => 'https://xx.xx.xx/',

  # 配置redis
  'memcache.local' => 'OC\Memcache\APCu',
  'memcache.locking'=>'\OC\Memcache\Redis',
  'redis' => [
        'host' => 'localhost', // can also be a unix domain socket: '/tmp/redis.sock'
        'port' => 6379,
        'timeout' => 0.0,
        'read_timeout' => 0.0,
        'user' =>  '', // Optional, if not defined no password will be used.
        'password' => '', // Optional, if not defined no password will be used.

然后打开你设置的域名就可以打开页面了,创建管理员账户,输入数据库地址端口和用户,localhost:3306就可以了,默认端口就是 3306,数据文件夹记得改权限。

debug

遇到问题看/var/log/nginx/nextcloud.error错误日志或者 nginx 错误日志,都是一个文件夹,程序错误日志在/nextcloud/data/nextcloud.log,可能遇到权限问题自己改一下。