Toggle navigation
Home
安装部署
Archives
Tags
OwnCloud with Nginx
环境搭建
2019-05-06 06:51:53
44
0
0
louyj
环境搭建
编译安装php(enable-fpm) ./configure --prefix=/root/programs/php5.6 --with-libxml-dir=/usr --with-pdo-pgsql=/usr --with-pgsql=/usr --enable-mbstring=all --enable-zip --with-zlib --enable-xml --enable-sockets --with-mcrypt --with-bz2 --with-openssl --with-gd --with-curl -enable-maintainer-zts --with-config-file-path=/root/programs/php5.6/etc --with-freetype-dir --with-jpeg-dir --with-png-dir --enable-ftp --enable-fpm --disable-cgi --with-iconv --enable-bcmath --enable-calendar --enable-exif --enable-libxml --with-xmlrpc --with-gettext --enable-pcntl --enable-sysvsem --enable-inline-optimization --enable-soap make make install ln -s /root/programs/php5.6/bin/php /usr/bin/php cp /root/sources/php-5.6.7/php.ini-production /root/programs/php5.6/etc/php.ini #下载证书 wget https://curl.haxx.se/ca/cacert.pem mv cacert.pem /root/programs/php5.6/cacert.pem vi /root/programs/php5.6/etc/php.ini date.timezone = Asia/Shanghai openssl.cafile=/root/programs/php5.6/cacert.pem max_execution_time = 600 max_input_time = 600 upload_max_filesize=2048M post_max_size=2048 memory_limit=512M 修改fpm配置文件 hen you are using php-fpm, system environment variables like PATH, TMP or others are not automatically populated in the same way as when using php-cli. A PHP call like getenv('PATH'); can therefore return an empty result. So you may need to manually configure environment variables in the appropropriate php-fpm ini/config file. cp /root/programs/php5.6/etc/php-fpm.conf.default /root/programs/php5.6/etc/php-fpm.conf vi /root/programs/php5.6/etc/php-fpm.conf ----- listen = 127.0.0.1:9100 user = daemon group = daemon pm = ondemand pm.max_children = 50 #System environment variables env[HOSTNAME] = $HOSTNAME env[PATH] = $PATH env[TMP] = /tmp env[TMPDIR] = /tmp env[TEMP] = /tmp #path INI options can be relative and will be expanded with the prefix php_admin_value[upload_max_filesize]=2048M php_admin_value[post_max_size]=2048M php_admin_value[memory_limit]=512M php_admin_value[max_execution_time]=600 php_admin_value[max_input_time]=600 测试启动fpm /root/programs/php5.6/sbin/php-fpm -t /root/programs/php5.6/sbin/php-fpm 修改nginx配置 user daemon; worker_processes 5; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; upstream php-handler { server 127.0.0.1:9100; } server { listen 8888; server_name cloud.louyj.top; #charset koi8-r; access_log logs/cloud.access.log; add_header X-Content-Type-Options nosniff; add_header X-Frame-Options "SAMEORIGIN"; add_header X-XSS-Protection "1; mode=block"; add_header X-Robots-Tag none; add_header X-Download-Options noopen; add_header X-Permitted-Cross-Domain-Policies none; root /root/sites/owncloud; location = /robots.txt { allow all; log_not_found off; access_log off; } rewrite ^/.well-known/host-meta /owncloud/public.php?service=host-meta last; rewrite ^/.well-known/host-meta.json /owncloud/public.php?service=host-meta-json last; rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; location /.well-known/acme-challenge { } client_max_body_size 10G; fastcgi_buffers 64 4K; gzip off; error_page 403 /core/templates/403.php; error_page 404 /core/templates/404.php; location / { rewrite ^ /index.php$uri; } location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ { return 404; } location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; } location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) { fastcgi_split_path_info ^(.+\.php)(/.*)$; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; # fastcgi_param HTTPS on; fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice fastcgi_param front_controller_active true; fastcgi_pass php-handler; fastcgi_intercept_errors on; fastcgi_request_buffering off; } location ~ ^/(?:updater|ocs-provider)(?:$|/) { try_files $uri $uri/ =404; index index.php; } location ~* \.(?:css|js)$ { try_files $uri /index.php$uri$is_args$args; add_header Cache-Control "public, max-age=7200"; # Add headers to serve security related headers (It is intended to have those duplicated to the ones above) # Before enabling Strict-Transport-Security headers please read into this topic first. #add_header Strict-Transport-Security "max-age=15552000; includeSubDomains"; add_header X-Content-Type-Options nosniff; add_header X-Frame-Options "SAMEORIGIN"; add_header X-XSS-Protection "1; mode=block"; add_header X-Robots-Tag none; add_header X-Download-Options noopen; add_header X-Permitted-Cross-Domain-Policies none; # Optional: Don't log access to assets access_log off; } location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ { try_files $uri /index.php$uri$is_args$args; # Optional: Don't log access to other assets access_log off; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } } Nginx with ssl user daemon; worker_processes 5; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; upstream php-handler { server 127.0.0.1:9100; } server { listen 80; server_name cloud.louyj.top; # enforce https return 301 https://$server_name$request_uri; } server { listen 443 ssl; server_name cloud.louyj.top; ssl_certificate /root/programs/nginx/ssl/server.crt; ssl_certificate_key /root/programs/nginx/ssl/server.key; ssl_password_file /root/programs/nginx/ssl/pass.txt; #charset koi8-r; access_log logs/cloud.access.log; add_header X-Content-Type-Options nosniff; add_header X-Frame-Options "SAMEORIGIN"; add_header X-XSS-Protection "1; mode=block"; add_header X-Robots-Tag none; add_header X-Download-Options noopen; add_header X-Permitted-Cross-Domain-Policies none; add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"; root /root/sites/owncloud; location = /robots.txt { allow all; log_not_found off; access_log off; } rewrite ^/.well-known/host-meta /owncloud/public.php?service=host-meta last; rewrite ^/.well-known/host-meta.json /owncloud/public.php?service=host-meta-json last; #rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; #rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; location = /.well-known/carddav { return 301 $scheme://$host/remote.php/dav; } location = /.well-known/caldav { return 301 $scheme://$host/remote.php/dav; } location /.well-known/acme-challenge { } client_max_body_size 10G; fastcgi_buffers 64 4K; gzip off; error_page 403 /core/templates/403.php; error_page 404 /core/templates/404.php; location / { rewrite ^ /index.php$uri; } location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ { return 404; } location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; } location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) { fastcgi_split_path_info ^(.+\.php)(/.*)$; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param HTTPS on; fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice fastcgi_param front_controller_active true; fastcgi_pass php-handler; fastcgi_intercept_errors on; fastcgi_request_buffering off; } location ~ ^/(?:updater|ocs-provider)(?:$|/) { try_files $uri $uri/ =404; index index.php; } location ~* \.(?:css|js)$ { try_files $uri /index.php$uri$is_args$args; add_header Cache-Control "public, max-age=7200"; # Add headers to serve security related headers (It is intended to have those duplicated to the ones above) # Before enabling Strict-Transport-Security headers please read into this topic first. #add_header Strict-Transport-Security "max-age=15552000; includeSubDomains"; add_header X-Content-Type-Options nosniff; add_header X-Frame-Options "SAMEORIGIN"; add_header X-XSS-Protection "1; mode=block"; add_header X-Robots-Tag none; add_header X-Download-Options noopen; add_header X-Permitted-Cross-Domain-Policies none; # Optional: Don't log access to assets access_log off; } location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ { try_files $uri /index.php$uri$is_args$args; # Optional: Don't log access to other assets access_log off; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } }
Pre:
OwnCloud with Memory Cache
Next:
Leanote安装
0
likes
44
Weibo
Wechat
Tencent Weibo
QQ Zone
RenRen
Submit
Sign in
to leave a comment.
No Leanote account?
Sign up now.
0
comments
More...
Table of content
louyj
No Leanote account? Sign up now.