惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Simon Willison's Weblog
Simon Willison's Weblog
P
Privacy International News Feed
www.infosecurity-magazine.com
www.infosecurity-magazine.com
T
Troy Hunt's Blog
Hacker News - Newest:
Hacker News - Newest: "LLM"
Attack and Defense Labs
Attack and Defense Labs
S
Secure Thoughts
V2EX - 技术
V2EX - 技术
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
O
OpenAI News
Cloudbric
Cloudbric
Google Online Security Blog
Google Online Security Blog
Schneier on Security
Schneier on Security
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Help Net Security
Help Net Security
Cyberwarzone
Cyberwarzone
G
GRAHAM CLULEY
L
Lohrmann on Cybersecurity
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Spread Privacy
Spread Privacy
NISL@THU
NISL@THU
N
News and Events Feed by Topic
T
Tenable Blog
S
Security @ Cisco Blogs
N
News and Events Feed by Topic
The Hacker News
The Hacker News
C
CXSECURITY Database RSS Feed - CXSecurity.com
宝玉的分享
宝玉的分享
月光博客
月光博客
酷 壳 – CoolShell
酷 壳 – CoolShell
美团技术团队
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Google DeepMind News
Google DeepMind News
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
T
Tailwind CSS Blog
V
Visual Studio Blog
P
Proofpoint News Feed
Webroot Blog
Webroot Blog
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
博客园 - 三生石上(FineUI控件)
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Jina AI
Jina AI
雷峰网
雷峰网
T
The Blog of Author Tim Ferriss
Hugging Face - Blog
Hugging Face - Blog
腾讯CDC
L
LangChain Blog
The Register - Security
The Register - Security
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
博客园 - 聂微东

博客园 - AuOK?

深夜发文,惨痛教训,在redis集群中,不能使用 multi docker-compose 记录一个让人抓狂的错误 SVN 同一个仓库下,不同目录的自动更新方法 写点正则表达式的 MySQL 事务嵌套的方法 go mod PHP笔记 NGINXConfig windows 下修改文件属性值 nextcloud 应用开发 记录一下搞nextcloud的辛酸事吧 docker容器内访问宿主机,访问不通 错误:Host is unreachable 记录一下SQL的行行比较 记录一次nginx平滑升级 letsencrypt免费SSL证书自动续期 守护进程因echo挂掉的原因,以及重定向标准输入、标准输出和标准错误 openresty lua-nginx-module模块中文文档 记录一下,php正则获取字符串子串技巧 nginx localhost的坑
nextcloud环境搭建及部署
AuOK? · 2021-11-08 · via 博客园 - AuOK?

创建专属用户

groupadd www
useradd -r -g www www

安装依赖

yum -y install wget make gcc gcc-c++ pcre openssl openssl-devel zlib unzip cmake ncurses-devel libjpeg libjpeg-devel libpng libpng-devel libxml2 libxml2-devel curl-devel libtool libtool-ltdl libtool-ltdl-devel libevent libevent-devel zlib-static zlib-devel autoconf pcre-devel gd perl freetype freetype-devel bzip2 bzip2-devel gmp-devel libc-client-devel libicu-devel libzip-devel ImageMagick-devel libsmbclient-devel

libzip-devel 这个依赖有版本要求,具体要看在编译安装php时的提示,版本太高需要利用cmake来编译安装

安装Mysql8.0 - mysql-8.0.27-el7-x86_64.tar.gz

tar -xvzf mysql-8.0.27-el7-x86_64.tar.gz
mv mysql-8.0.27-el7-x86_64 /usr/local/mysql
mkdir /usr/local/mysql/data
chown -R www:www /usr/local/mysql
chmod -R 755 /usr/local/mysql

设置环境变量

touch /etc/profile.d/mysql.sh && echo 'export PATH=$PATH:/usr/local/mysql/bin' > /etc/profile.d/mysql.sh && source /etc/profile

初始化数据库

mysqld --initialize --user=www --datadir=/usr/local/mysql/data --basedir=/usr/local/mysql

编辑MySQL配置文件

[mysqld]
    #datadir=/var/lib/mysql
    socket=/tmp/mysql.sock
    # Disabling symbolic-links is recommended to prevent assorted security risks
    symbolic-links=0
    # Settings user and group are ignored when systemd is used.
    # If you need to run mysqld under a different user or group,
    # customize your systemd unit file for mariadb according to the
    # instructions in http://fedoraproject.org/wiki/Systemd
    #
    
    datadir = /usr/local/mysql/data
    port = 3306
    #sql_mode = NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES
    max_connections = 600
    pid-file = /usr/local/mysql/mysql.pid
    
    character_set_server = utf8mb4
    collation_server = utf8mb4_general_ci
    #设置事务为读已提交
    transaction_isolation = READ-COMMITTED
    #设置binlog日志格式
    binlog_format = ROW
    innodb_file_per_table = 1
    
    [mysqld_safe]
    #log-error=/var/log/mariadb/mariadb.log
    #pid-file=/var/run/mariadb/mariadb.pid
    
    log-error = /usr/local/mysql/error.log
    pid-file = /usr/local/mysql/mysql.pid
    user = www
    tmpdir = /tmp
    
    [client]
    default-character-set = utf8mb4
    
    [server]
    skip_name_resolve = 1
    innodb_buffer_pool_size = 128M
    innodb_buffer_pool_instances = 1
    innodb_flush_log_at_trx_commit = 2
    innodb_log_buffer_size = 32M
    innodb_max_dirty_pages_pct = 90
    tmp_table_size = 64M
    max_heap_table_size = 64M
    slow_query_log = 1
    slow_query_log_file = /usr/local/mysql/slow.log
    long_query_time = 1
    
    #
    # include all files from the config directory
    #
    !includedir /etc/my.cnf.d

初始化完成后,需要  利用 临时密码登录mysql,修改root密码

启动MySQL

配置开机自启

cp /usr/local/mysql8/support-files/mysql.server /etc/init.d/mysql
chmod +x /etc/init.d/mysql
chkconfig --add mysql

安装PHP8

./configure --prefix=/usr/local/php --with-config-file-path=/usr/local/php/etc --with-fpm-user=www --with-fpm-group=www --with-curl --enable-gd  --with-freetype --enable-mbstring --with-openssl --with-zip --with-zlib --with-pdo-mysql --with-bz2 --enable-intl --with-ldap --enable-ftp --with-imap --with-imap-ssl --enable-bcmath --with-gmp --enable-exif --with-kerberos --enable-fpm --enable-pcntl --enable-phar --with-jpeg --with-sodium --enable-exif

如果遇到安装了libzip(符合所需的版本),此时还报libzip的错,则执行下面命令,然后再执行上一步

export PKG_CONFIG_PATH="/usr/local/lib/pkgconfig/"
make && make install
#如果在编译时遇到 error adding symbols: DSO missing from command,则在Makefile文件的EXTRA_LIBS这一行末尾添加 -llber,然后再次make

创建配置文件

cp php.ini-x /usr/local/php/etc/php.ini
cd /usr/local/php/etc
cp php-fpm.conf.default php-fpm.conf
cd php-fpm.d
cp www.conf.default www.conf

修改网站的php-fpm配置文件

#下面几行取消注释
;env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin/:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmp

编辑php-fpm服务文件 vim /etc/systemed/system/php-fpm.service

[Unit]    
Description
=The php fastcgi process manager After=syslog.target network.target [Service] Type=simple PIDFile=/run/php-fpm.pid ExecStart=/usr/local/php/sbin/php-fpm --nodaemonize --fpm-config /usr/local/php/etc/php-fpm.conf ExecReload=/bin/kill -USR2 $MAINPID ExecStop=/bin/kill -SIGINT $MAINPID [Install] WantedBy=multi-user.target

设置环境变量

touch /etc/profile.d/php.sh && echo 'export PATH=$PATH:/usr/local/php/bin' > /etc/profile.d/php.sh && source /etc/profile

设置开机启动

systemctl daemon-reload
systemctl enable php-fpm.service

安装PHP扩展:imagick、smbclient、redis,编译完成后,在php.ini里载入这些扩展,然后重启php-fpm

安装nginx

./configure --prefix=/usr/local/nginx --user=www
make && make install

编辑服务文件 /etc/systemd/system/nginx.service

[Unit]
Description=nginx service
After=network.target

[Service]
Type=forking
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/usr/local/nginx/sbin/nginx -s quit
PrivateTmp=true

[Install]
WantedBy=multi-user.target

设置开机启动

systemctl daemon-reload
systemctl enable nginx.service

设置环境变量

touch /etc/profile.d/nginx.sh && echo 'export PATH=$PATH:/usr/local/nginx/sbin' > /etc/profile.d/nginx.sh && source /etc/profile

安装redis , 编辑redis服务文件 /etc/init.d/redis

#!/bin/sh
#Configurations injected by install_server below....

EXEC=/usr/local/redis/src/redis-server
CLIEXEC=/usr/local/redis/src/redis-cli
PIDFILE=/var/run/redis_6379.pid
CONF="/usr/local/redis/redis.conf"
REDISPORT="6379"
###############
# SysV Init Information
# chkconfig: - 58 74
# description: redis_6379 is the redis daemon.
### BEGIN INIT INFO
# Provides: redis_6379
# Required-Start: $network $local_fs $remote_fs
# Required-Stop: $network $local_fs $remote_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Should-Start: $syslog $named
# Should-Stop: $syslog $named
# Short-Description: start and stop redis_6379
# Description: Redis daemon
### END INIT INFO

case "$1" in
    start)
        if [ -f $PIDFILE ]
        then
            echo "$PIDFILE exists, process is already running or crashed"
        else
            echo "Starting Redis server..."
            $EXEC $CONF
        fi
        ;;
    stop)
        if [ ! -f $PIDFILE ]
        then
            echo "$PIDFILE does not exist, process is not running"
        else
            PID=$(cat $PIDFILE)
            echo "Stopping ..."
            $CLIEXEC -p $REDISPORT shutdown
            while [ -x /proc/${PID} ]
            do
                echo "Waiting for Redis to shutdown ..."
                sleep 1
            done
            echo "Redis stopped"
        fi
        ;;
    status)
        PID=$(cat $PIDFILE)
        if [ ! -x /proc/${PID} ]
        then
            echo 'Redis is not running'
        else
            echo "Redis is running ($PID)"
        fi
        ;;
    restart)
        $0 stop
        $0 start
        ;;
    *)
        echo "Please use start, stop, restart or status as first argument"
        ;;
esac

设置开机启动

chmod +x /etc/init.d/redis
chkconfig --add redis

部署nextcloud代码,编辑nginx站点配置文件

https://docs.nextcloud.com/server/latest/admin_manual/installation/nginx.html
如果不用https,把ssl相关去掉就好

SELinux配置

https://docs.nextcloud.com/server/21/admin_manual/installation/selinux_configuration.html

服务器调优

https://docs.nextcloud.com/server/21/admin_manual/installation/server_tuning.html

PHP配置内容缓存

https://docs.nextcloud.com/server/21/admin_manual/configuration_server/caching_configuration.html

注意事项

nginx 、php-fpm 、nextcloud代码所在目录都必须是统一用户,否则会出现权限不足问题
SELinux 配置错误,也有可能出现权限不足的问题
redis 配置文件锁定时,也需要将redis启动用户加入到web服务的用户所在的用户组里,否则也会出现无法锁定问题

踩坑

nginx、apache+fpm 与 **nextcloud22.2.0**版本不兼容,不知道是我部署的过程有问题还是本身有BUG。
在fpm下,22.2.0版本重装好几次都没成功,要么是样式不正常,首次登陆404循环调整(apache),就是在菜单“照片”下/remote.php/dav/死循环跳转,换了两台机器去装一样没解决,后面同样的配置,21.0.5版本就没什么问题。

记录一下

还是太菜了,踩坑踩了,两三天才搞好。。。