【Linux】Ubuntu 22.04 上安装最新版 Nextcloud Hub 7 (28.0.1)

发布时间:2024年01月08日

在 Ubuntu 22.04 上安装 PHP 版本

安装多个 PHP 版本的最简单方法是使用来自 Debian 开发人员 Ond?ej Sury 的 PPA。要添加此 PPA,请在终端中运行以下命令。如果要从 PPA 安装软件,则需要 software-properties-common 包。它会自动安装在 Ubuntu 桌面上,但可能会在您的 Ubuntu 服务器上丢失。

sudo apt install software-properties-common
sudo add-apt-repository ppa:ondrej/php
sudo apt update

SURY 存储库包含 PHP 8.1、8.0、7.4、7.3、7.2、7.1、7.0 和 PHP 5.6。由于 PHP 的最新稳定版本是 8.0,但许多网站仍然需要 PHP 7。您可以在系统上安装任何所需的 PHP 版本。

安装 PHP 8.2

现在您可以通过执行以下命令在 Ubuntu 上安装PHP8.0:

sudo apt-get install php8.2 php8.2-fpm

并安装一些常见的PHP8.2扩展。

sudo apt-get install php8.2-mysql php8.2-mbstring php8.2-xml php8.2-gd php8.2-curl
sudo apt-get install php8.2-curl php8.2-dom php8.2-mbstring php8.2-imagick php8.2-ldap php8.2-imap php8.2-mysql php8.2-gd php8.2-zip php8.2-bz2 php8.2-intl php8.2-smbclient php8.2-bcmath php8.2-gmp php8.2-apcu php8.2-memcached php8.2-redis php8.2-phar

出现提示时,按 y 确认安装。

您可以通过键入sudo apt-get install php8.2 并按两次 Tab 键来查看所有可用的PHP8.0扩展名。

修改用户组为 www :

root      651154       1  0 Jan01 ?        00:00:02 php-fpm: master process (/etc/php/8.2/fpm/php-fpm.conf)
www-data  651155  651154  0 Jan01 ?        00:00:00 php-fpm: pool www
www-data  651156  651154  0 Jan01 ?        00:00:00 php-fpm: pool www

cd  /etc/php/8.2/fpm/pool.d 
vim  www.conf

; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
;       will be used.
user = www
group = www

; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions. The owner
; and group can be specified either by name or by their numeric IDs.
; Default Values: Owner is set to the master process running user. If the group
;                 is not set, the owner's group is used. Mode is set to 0660.
listen.owner = www
listen.group = www

重新启动php-fpm

sudo systemctl  restart  php8.2-fpm

下载 NextCloud

登录:https://nextcloud.com/install 并单击 download for server按钮以查看最新版本。

# 下载最新的版本
wget https://download.nextcloud.com/server/releases/latest.zip
# 安装unzip
sudo apt install unzip
# 解压到指定的目录
sudo unzip latest.zip  -d /usr/share/nginx/ 
# 修改文件目录属性 
sudo chown www:www /usr/share/nginx/nextcloud/ -R

在MariaDB数据库服务器中为Nextcloud创建数据库和用户

sudo mysql

# 创建 nextcloud 数据库
create database nextcloud;
# 创建用户并赋权限 
grant all privileges on nextcloud.* to nextclouduser@localhost identified by 'your-password';
grant all privileges on nextcloud.* to nextclouduser@localhost identified by 'your-password';
# 刷新权限并退出
flush privileges;
exit;

为Nextcloud创建Nginx配置文件

当Nextcloud放置在nginx安装的webroot中时,应使用以下配置。在此示例中,它是, /var/www/nextcloud 并且可以通过以下方式 http(s)😕/cloud.example.com/ 访问

sudo vim /etc/nginx/conf.d/nextcloud.conf 
upstream php-handler {
    server 127.0.0.1:9000;
    #server unix:/run/php/php8.o-fpm.sock;
}

# Set the `immutable` cache control options only for assets with a cache busting `v` argument
map $arg_v $asset_immutable {
    "" "";
    default "immutable";
}


server {
    listen 80;
    listen [::]:80;
    server_name cloud.example.com;

    # Prevent nginx HTTP Server Detection
    server_tokens off;

    # Enforce HTTPS
    return 301 https://$server_name$request_uri;
}

server {
    listen 443      ssl http2;
    listen [::]:443 ssl http2;
    server_name cloud.example.com;

    # Path to the root of your installation
    root /var/www/nextcloud;

    # Use Mozilla's guidelines for SSL/TLS settings
    # https://mozilla.github.io/server-side-tls/ssl-config-generator/
    ssl_certificate     /etc/ssl/nginx/cloud.example.com.crt;
    ssl_certificate_key /etc/ssl/nginx/cloud.example.com.key;

    # Prevent nginx HTTP Server Detection
    server_tokens off;

    # HSTS settings
    # WARNING: Only add the preload option once you read about
    # the consequences in https://hstspreload.org/. This option
    # will add the domain to a hardcoded list that is shipped
    # in all major browsers and getting removed from this list
    # could take several months.
    #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload" always;

    # set max upload size and increase upload timeout:
    client_max_body_size 512M;
    client_body_timeout 300s;
    fastcgi_buffers 64 4K;

    # Enable gzip but do not remove ETag headers
    gzip on;
    gzip_vary on;
    gzip_comp_level 4;
    gzip_min_length 256;
    gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
    gzip_types application/atom+xml text/javascript application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/wasm application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;

    # Pagespeed is not supported by Nextcloud, so if your server is built
    # with the `ngx_pagespeed` module, uncomment this line to disable it.
    #pagespeed off;

    # The settings allows you to optimize the HTTP2 bandwidth.
    # See https://blog.cloudflare.com/delivering-http-2-upload-speed-improvements/
    # for tuning hints
    client_body_buffer_size 512k;

    # HTTP response headers borrowed from Nextcloud `.htaccess`
    add_header Referrer-Policy                   "no-referrer"       always;
    add_header X-Content-Type-Options            "nosniff"           always;
    add_header X-Frame-Options                   "SAMEORIGIN"        always;
    add_header X-Permitted-Cross-Domain-Policies "none"              always;
    add_header X-Robots-Tag                      "noindex, nofollow" always;
    add_header X-XSS-Protection                  "1; mode=block"     always;

    # Remove X-Powered-By, which is an information leak
    fastcgi_hide_header X-Powered-By;

    # Add .mjs as a file extension for javascript
    # Either include it in the default mime.types list
    # or include you can include that list explicitly and add the file extension
    # only for Nextcloud like below:
    include mime.types;
    types {
        text/javascript js mjs;
    }

    # Specify how to handle directories -- specifying `/index.php$request_uri`
    # here as the fallback means that Nginx always exhibits the desired behaviour
    # when a client requests a path that corresponds to a directory that exists
    # on the server. In particular, if that directory contains an index.php file,
    # that file is correctly served; if it doesn't, then the request is passed to
    # the front-end controller. This consistent behaviour means that we don't need
    # to specify custom rules for certain paths (e.g. images and other assets,
    # `/updater`, `/ocs-provider`), and thus
    # `try_files $uri $uri/ /index.php$request_uri`
    # always provides the desired behaviour.
    index index.php index.html /index.php$request_uri;

    # Rule borrowed from `.htaccess` to handle Microsoft DAV clients
    location = / {
        if ( $http_user_agent ~ ^DavClnt ) {
            return 302 /remote.php/webdav/$is_args$args;
        }
    }

    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }

    # Make a regex exception for `/.well-known` so that clients can still
    # access it despite the existence of the regex rule
    # `location ~ /(\.|autotest|...)` which would otherwise handle requests
    # for `/.well-known`.
    location ^~ /.well-known {
        # The rules in this block are an adaptation of the rules
        # in `.htaccess` that concern `/.well-known`.

        location = /.well-known/carddav { return 301 /remote.php/dav/; }
        location = /.well-known/caldav  { return 301 /remote.php/dav/; }

        location /.well-known/acme-challenge    { try_files $uri $uri/ =404; }
        location /.well-known/pki-validation    { try_files $uri $uri/ =404; }

        # Let Nextcloud's API for `/.well-known` URIs handle all other
        # requests by passing them to the front-end controller.
        return 301 /index.php$request_uri;
    }

    # Rules borrowed from `.htaccess` to hide certain paths from clients
    location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/)  { return 404; }
    location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console)                { return 404; }

    # Ensure this block, which passes PHP files to the PHP process, is above the blocks
    # which handle static assets (as seen below). If this block is not declared first,
    # then Nginx will encounter an infinite rewriting loop when it prepends `/index.php`
    # to the URI, resulting in a HTTP 500 error response.
    location ~ \.php(?:$|/) {
        # Required for legacy support
        rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|ocs-provider\/.+|.+\/richdocumentscode\/proxy) /index.php$request_uri;

        fastcgi_split_path_info ^(.+?\.php)(/.*)$;
        set $path_info $fastcgi_path_info;

        try_files $fastcgi_script_name =404;

        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $path_info;
        fastcgi_param HTTPS on;

        fastcgi_param modHeadersAvailable true;         # Avoid sending the security headers twice
        fastcgi_param front_controller_active true;     # Enable pretty urls
        fastcgi_pass php-handler;

        fastcgi_intercept_errors on;
        fastcgi_request_buffering off;

        fastcgi_max_temp_file_size 0;
    }

    # Serve static files
    location ~ \.(?:css|js|mjs|svg|gif|png|jpg|ico|wasm|tflite|map|ogg|flac)$ {
        try_files $uri /index.php$request_uri;
        add_header Cache-Control "public, max-age=15778463, $asset_immutable";
        access_log off;     # Optional: Don't log access to assets

        location ~ \.wasm$ {
            default_type application/wasm;
        }
    }

    location ~ \.woff2?$ {
        try_files $uri /index.php$request_uri;
        expires 7d;         # Cache-Control policy borrowed from `.htaccess`
        access_log off;     # Optional: Don't log access to assets
    }

    # Rule borrowed from `.htaccess`
    location /remote {
        return 301 /remote.php$request_uri;
    }

    location / {
        try_files $uri $uri/ /index.php$request_uri;
    }
}

问题解决

  1. IP 受限的问题。
#vim  config.php 
##  添加内容
 'trusted_domains' =>
  array (
    0 => 'cloud.taida.ltd',
    1 => '192.168.31.10',
  ),
  1. HTTP 强制转换为 HTTPS 的问题

不知道从哪个版本开始,安装指导和配置文件内,都开始指向 https了,即便没有申请证书,也会指向和强制把 http => https 。 修改配置文件,取消这一设定,保持 http 就可以了


<?php
$CONFIG = array (
  'instanceid' => '444',
  'passwordsalt' => 'r333333',
  'secret' => '4444444',
  'trusted_domains' => 
  array (
    0 => 'cloud.demo.com',
    1 => '192.168.31.10',
  ),
  'datadirectory' => '/www/cloud.demo.com/nextcloud/data',
  'dbtype' => 'mysql',
  'version' => '28.0.1.1',
  
  # https://cloud.demo.com 修改为 http://cloud.demo.com
  'overwrite.cli.url' => 'http://cloud.demo.com',
 
  # 'overwriteprotocol' => 'https' 修改 http
  'overwriteprotocol' => 'http',                              
  'dbname' => 'nextcloud',
  'dbhost' => 'localhost:3306',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'clouder',
  'dbpassword' => '11111',
  'installed' => true,
);

  1. PHP 内存限制低于建议值 512 MB

#修改php.ini文件
vim /etc/php/8.2/fpm/php.ini
memory_limit = 1024M

  1. PHP 的安装似乎不正确,无法访问系统环境变量。getenv(“PATH”) 函数测试返回了一个空值。
cd  /etc/php/8.2/fpm/pool.d
vim www.conf 

;env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmp

#打开注释 
env[HOSTNAME] = $HOSTNAME
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp

#执行
printenv PATH
/home/user/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:
/sbin:/bin:/

#重启php-fpm
systemctl restart php8.2-fpm

  1. 当前正在使用数据库处理事务性文件锁定。若有内存缓存可用,请进行配置以提升性能

修改config.php 文件添加如下内容:

'filelocking.enabled' => true,
'memcache.locking' => '\OC\Memcache\Redis',
'redis' => array(
     'host' => 'localhost',
     'port' => 6379,
     'timeout' => 0.0,
     'password' => '', // Optional, if not defined no password will be used.
      ),

  1. 未配置内存缓存。若有内存缓存可用,请进行配置以提升性能

APCu is faster at local caching than Redis. If you have enough memory, use APCu for Memory Caching and Redis for File Locking. If you are low on memory, use Redis for both.

修改config.php 文件添加如下内容:

'memcache.local' => '\OC\Memcache\APCu',
  1. 您在安装过程中未设置默认的国际区号。缺失国际区号的电话号码时将使用默认的国际区号进行验证。要允许无国际区号的电话,请在您的配置文件中添加 “default_phone_region” 设置选项并依照 ISO 3166-1 进行设置。

修改config.php 文件添加如下内容:

'default_phone_region' => 'CN',
  1. PHP OPcache 模块没有正确配置

root@erp:/etc/php/8.2/fpm/conf.d# more  10-opcache.ini 
; configuration for php opcache module
; priority=10
zend_extension=opcache.so
;opcache.jit=off
opcache.save_comments = 1
opcache.revalidate_freq = 60
opcache.validate_timestamps = 0
opcache.jit = 1255
opcache.jit_buffer_size = 128M

  1. 解决Nextcloud新建用户默认语言是英文且默认地区是美国的方法
    语言设置,设置为中文
    编辑 config/config.php添加以下配置
  "force_locale" => "zh",
  "force_language" => "zh_CN",
#需要重启 nginx, php-fpm
systemctl restart php8.2-fpm
systemctl restart nginx 

参考: https://www.limvs.cn/archives/2490#NextCloud-config%20%E9%85%8D%E7%BD%AE%E5%8F%82%E6%95%B0%20%E2%80%93%20GOC%E4%BA%91

文章来源:https://blog.csdn.net/ihero/article/details/135333062
本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。