Shulou(Shulou.com)06/03 Report--

Install NextCloud 16 on Ubuntu 19.04

Change sources.list

Cp-p / etc/apt/sources.list / etc/apt/sources.list.bk

> / etc/apt/sources.list

Vi / etc/apt/sources

# Ali Yunyuan

Deb http://mirrors.aliyun.com/ubuntu/ disco main restricted universe multiverse

Deb-src http://mirrors.aliyun.com/ubuntu/ disco main restricted universe multiverse

Deb http://mirrors.aliyun.com/ubuntu/ disco-security main restricted universe multiverse

Deb-src http://mirrors.aliyun.com/ubuntu/ disco-security main restricted universe multiverse

Deb http://mirrors.aliyun.com/ubuntu/ disco-updates main restricted universe multiverse

Deb-src http://mirrors.aliyun.com/ubuntu/ disco-updates main restricted universe multiverse

Deb http://mirrors.aliyun.com/ubuntu/ disco-backports main restricted universe multiverse

Deb-src http://mirrors.aliyun.com/ubuntu/ disco-backports main restricted universe multiverse

Deb http://mirrors.aliyun.com/ubuntu/ disco-proposed main restricted universe multiverse

Deb-src http://mirrors.aliyun.com/ubuntu/ disco-proposed main restricted universe multiverse

-

Apt install nginx

Systemctl start nginx

Systemctl enable nginx

Check status:

Systemctl status nginx

● nginx.service-A high performance web server and a reverse proxy server

Loaded: loaded (/ lib/systemd/system/nginx.service; enabled; vendor preset: enabled)

Active: active (running) since Mon 2019-07-01 12:35:57 UTC; 30s ago

Docs: man:nginx (8)

Main PID: 15119 (nginx)

Tasks: 5 (limit: 2276)

Memory: 5.7M

CGroup: / system.slice/nginx.service

├─ 15119 nginx: master process / usr/sbin/nginx-g daemon on; master_process on

├─ 15120 nginx: worker process

├─ 15121 nginx: worker process

├─ 15122 nginx: worker process

└─ 15123 nginx: worker process

Apt install php7.2 php7.2-bz2 php7.2-cli php7.2-common php7.2-curl php7.2-fpm php7.2-gd php7.2-imagick php7.2-intl php7.2-json php7.2-ldap php7.2-mbstring php7.2-mysql php7.2-opcache php7.2-readline php7.2-xml php7.2-zip

Sudo systemctl start php7.2-fpm

Enable auto-start at boot time.

Sudo systemctl enable php7.2-fpm

Check status:

Systemctl status php7.2-fpm

● php7.2-fpm.service-The PHP 7.2 FastCGI Process Manager

Loaded: loaded (/ lib/systemd/system/php7.2-fpm.service; enabled; vendor preset: enabled)

Active: active (running) since Mon 2019-07-01 12:38:13 UTC; 26s ago

Docs: man:php-fpm7.2 (8)

Main PID: 25832 (php-fpm7.2)

Status: "Processes active: 0, idle: 2, Requests: 0, slow: 0, Traffic: 0req/sec"

Tasks: 3 (limit: 2276)

Memory: 8.7M

CGroup: / system.slice/php7.2-fpm.service

├─ 25832 php-fpm: master process (/ etc/php/7.2/fpm/php-fpm.conf)

├─ 25841 php-fpm: pool www

└─ 25842 php-fpm: pool www

Here are the commands to run to install MariaDB 10.4 from the MariaDB repository on your Ubuntu system:

Sudo apt-get install software-properties-common

Sudo apt-key adv-recv-keys-keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8

Sudo add-apt-repository 'deb [arch=amd64] http://mirrors.tuna.tsinghua.edu.cn/mariadb/repo/10.4/ubuntu disco main'

Once the key is imported and the repository added you can install MariaDB 10.4 from the MariaDB repository with:

Sudo apt update

Sudo apt install mariadb-server

See Installing MariaDB .deb Files for more information and for instructions on installing MariaDB Galera Cluster.

You can also create a custom MariaDB sources.list file. To do so, after importing the signing key as outlined above, copy and paste the following into a file under / etc/apt/sources.list.d/ (we suggest naming the file MariaDB.list or something similar), or add it to the bottom of your / etc/apt/sources.list file.

# MariaDB 10.4 repository list-created 2019-07-01 12:27 UTC

# http://downloads.mariadb.org/mariadb/repositories/

Deb [arch=amd64] http://mirrors.tuna.tsinghua.edu.cn/mariadb/repo/10.4/ubuntu disco main

Deb-src http://mirrors.tuna.tsinghua.edu.cn/mariadb/repo/10.4/ubuntu disco main

# apt-get install mariadb-server

Check version

Mysql-version

Mysql Ver 15.1 Distrib 10.4.6-MariaDB, for debian-linux-gnu (x86 / 64) using readline 5.2

$mysql-u root-p

Now that you are in create a database:

CREATE DATABASE nextcloud

Now you need to create the user that will be used to connect to the database:

CREATE USER 'ncadmin'@'localhost' IDENTIFIED BY' Fairchild

The last step is to grant the privileges to the new user:

GRANT ALL PRIVILEGES ON nextcloud.* TO 'ncadmin'@'localhost'

FLUSH PRIVILEGES

When you're done type Ctrl-D to exit.

Nginx configuration

Https://docs.nextcloud.com/server/16/admin_manual/installation/nginx.html#

Vi / etc/nginx/sites-available/nextcloud

Upstream php-handler {

# server 127.0.0.1:9000

Server unix:/var/run/php/php7.2-fpm.sock

}

Server {

Listen 80

Listen [::]: 80

Server_name pan.example.com

# enforce https

Return 301 https://$server_name$request_uri;

}

Server {

Listen 443 ssl http2

Listen [::]: 443 ssl http2

Server_name cloud.example.com

# Use Mozilla's guidelines for SSL/TLS settings

# https://mozilla.github.io/server-side-tls/ssl-config-generator/

# NOTE: some settings below might be redundant

Ssl_certificate / etc/ssl/nginx/pan.example.com.crt

Ssl_certificate_key / etc/ssl/nginx/pan.example.com.key

# Add headers to serve security related headers

# Before enabling Strict-Transport-Security headers please read into this

# topic first.

Add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"

#

# WARNING: Only add the preload option once you read about

# the consequences in https://hstspreload.org/. This option

# will add the domain to a hardcoded list that is shipped

# in all major browsers and getting removed from this list

# could take several months.

Add_header X-Content-Type-Options nosniff

Add_header X-XSS-Protection "1; mode=block"

Add_header X-Robots-Tag none

Add_header X-Download-Options noopen

Add_header X-Permitted-Cross-Domain-Policies none

Add_header Referrer-Policy no-referrer

# Remove X-Powered-By, which is an information leak

Fastcgi_hide_header X-Powered-By

# Path to the root of your installation

Root / var/www/nextcloud/

Location = / robots.txt {

Allow all

Log_not_found off

Access_log off

}

# The following 2 rules are only needed for the user_webfinger app.

# Uncomment it if you're planning to use this app.

# rewrite ^ / .well-known/host-meta / public.php?service=host-meta last

# rewrite ^ / .well-known/host-meta.json / public.php?service=host-meta-json last

# The following rule is only needed for the Social app.

# Uncomment it if you're planning to use this app.

# rewrite ^ / .well-known/webfinger / public.php?service=webfinger last

Location = / .well-known/carddav {

Return 301$ scheme://$host/remote.php/dav

}

Location = / .well-known/caldav {

Return 301$ scheme://$host/remote.php/dav

}

# set max upload size

Client_max_body_size 512M

Fastcgi_buffers 64 4K

# Enable gzip but do not remove ETag headers

Gzip on

Gzip_vary on

Gzip_comp_level 4

Gzip_min_length 256

Gzip_proxied expired no-cache no-store private no_last_modified no_etag auth

Gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy

# Uncomment if your server is build with the ngx_pagespeed module

# This module is currently not supported.

# pagespeed off

Location / {

Rewrite ^ / index.php$request_uri

}

Location ~ ^\ / (?: build | tests | config | lib | 3rdparty | templates | data)\ / {

Deny all

}

Location ~ ^\ / (?:\. | autotest | occ | issue | indie | db_ | console) {

Deny all

}

Location ~ ^\ / (?: index | remote | public | cron | core\ / ajax\ / update | status | ocs\ / v [12] | updater\ /. + | oc[ Ms]-provider\ /. +)\ .php (?: $|\ /) {

Fastcgi_split_path_info ^ (. +?\ .php) (\ /. * |) $

Include fastcgi_params

Fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name

Fastcgi_param PATH_INFO $fastcgi_path_info

Fastcgi_param HTTPS on

# Avoid sending the security headers twice

Fastcgi_param modHeadersAvailable true

Fastcgi_param front_controller_active true

Fastcgi_pass php-handler

Fastcgi_intercept_errors on

Fastcgi_request_buffering off

}

Location ~ ^\ / (?: updater | o [Ms]-provider) (?: $|\ /) {

Try_files $uri/ = 404

Index index.php

}

# Adding the cache control header for js, css and map files

# Make sure it is BELOW the PHP block

Location. (?: css | js | woff2? | svg | gif | map) ${

Try_files $uri / index.php$request_uri

Add_header Cache-Control "public, max-age=15778463"

# Add headers to serve security related headers (It is intended to

# have those duplicated to the ones above)

# Before enabling Strict-Transport-Security headers please read into

# this topic first.

# add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"

#

# WARNING: Only add the preload option once you read about

# the consequences in https://hstspreload.org/. This option

# will add the domain to a hardcoded list that is shipped

# in all major browsers and getting removed from this list

# could take several months.

Add_header X-Content-Type-Options nosniff

Add_header X-XSS-Protection "1; mode=block"

Add_header X-Robots-Tag none

Add_header X-Download-Options noopen

Add_header X-Permitted-Cross-Domain-Policies none

Add_header Referrer-Policy no-referrer

# Optional: Don't log access to assets

Access_log off

}

Location. (?: png | html | ttf | ico | jpg | jpeg) ${

Try_files $uri / index.php$request_uri

# Optional: Don't log access to other assets

Access_log off

}

}

Ln-s / etc/nginx/sites-available/nextcloud / etc/nginx/sites-enabled/nextcloud

Mkdir / etc/ssl/nginx

Copy ssl file to / etc/ssl/nginx

Wget https://download.nextcloud.com/server/releases/nextcloud-16.0.1.zip

Unzip nextcloud-16.0.1.zip-d / var/www/

Mkdir-p / data/nextcloud-data

Chown-R www-data:www-data nextcloud / data/nextcloud-data

Open

Install 16.0.1 with Nginx error handling

The installation of PHP does not appear to be correct and the system environment variables cannot be accessed. The getenv ("PATH") function test returned a null value. Refer to the PHP configuration instructions in the installation documentation ↗ to check your server's PHP configuration information, especially when using php-fpm.

Vi / etc/php/7.2/fpm/php-fpm.conf

Env [HOSTNAME] = $HOSTNAME

Env [PATH] = / usr/local/bin:/usr/bin:/bin

Env [TMP] = / tmp

Env [TMPDIR] = / tmp

Env [TEMP] = / tmp

This server does not have an available Internet connection: multiple nodes cannot be accessed. This means that some functions such as mounting external storage, update notifications, and installing third-party applications will not work. Remote access to files and sending notification messages may not work either. Enable the Internet connection on this server to enjoy all features.

Just turn on the Internet access to the host computer.

The PHP memory limit is lower than the recommended value 512MB.

Vi / etc/php/7.2/fpm/php.ini

Memory_limit = 1024m

The request header "Strict-Transport-Security" for HTTP is not set to at least "15552000" seconds. To improve security, it is recommended that you enable HSTS according to the instructions in security tips ↗.

Vi / etc/nginx/sites-enabled/nextcloud remove #

Add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"

The memory cache is not configured. In order to improve the experience, please configure the memory cache as much as possible. See the documentation for more information.

Vi / var/www/nextcloud/config/config.php adds the following parameters.

'memcache.local' = >'\ OC\ Memcache\ APCu'

'filelocking.enabled' = > true

'memcache.locking' = >'\ OC\ Memcache\ Redis'

'redis' = > [

'host' = >' localhost'

'port' = > 6379

'timeout' = > 3

]

Memory caching

FYI:

Https://docs.nextcloud.com/server/16/admin_manual/configuration_server/caching_configuration.html#

Apt install php7.2-apcu redis-server php7.2-redis

Systemctl start redis

Systemctl enable redis

Check status

1. Systemctl status redis

● redis-server.service-Advanced key-value store

Loaded: loaded (/ lib/systemd/system/redis-server.service; enabled; vendor preset: enabled)

Active: active (running) since Mon 2019-07-01 12:42:36 UTC; 25s ago

Docs: http://redis.io/documentation,

Man:redis-server (1)

Main PID: 27127 (redis-server)

Tasks: 4 (limit: 2276)

Memory: 2.0M

CGroup: / system.slice/redis-server.service

└─ 27127 / usr/bin/redis-server 127.0.0.1:6379

Jul 01 12:42:36 u1904 systemd [1]: Starting Advanced key-value store...

Jul 01 12:42:36 u1904 systemd [1]: redis-server.service: Can't open PID file / run/redis/redis-server.pid (yet?) After start: No such file or directory

Jul 01 12:42:36 u1904 systemd [1]: Started Advanced key-value store.

2. Ps ax | grep redis

27127? Ssl 0:00 / usr/bin/redis-server 127.0.0.1:6379

27421 pts/0 S+ 0:00 grep-color=auto redis

Apt install memcached php7.2-memcached

Ps ax | grep memcached

27647? Ssl 0:00 / usr/bin/memcached-m 64-p 11211-u memcache-l 127.0.0.1-P / var/run/memcached/memcached.pid

28430 pts/0 R + 0:00 grep-color=auto memcached

Vi / var/www/nextcloud/config/config.php

'memcache.locking' = >'\ OC\ Memcache\ Redis'

'memcache.distributed' = >'\ OC\ Memcache\ Redis'

'memcache.local' = >'\ OC\ Memcache\ Redis'

'redis' = > [

'host' = >' localhost'

'port' = > 6379

'timeout' = > 3

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.