使用owncloud搭建私有云

闲来无事,将闲置VPS搭建一个私有云。

所需配置

  • vps主机一台
  • oneinstack 安装包
  • owncloud 安装包

步骤

  • 安装oneinstack(略)
    1. 安装mysql
    2. 安装PHP
    3. 安装Nginx/Apache (owncloud 默认使用Apache做web服务器、如果使用Nginx需要修改NGINX配置、见下文)
    4. 安装Redis/Memcache(解决内存太小问题、提升访问速度)
  • 安装owncloud

    当前最新地址 https://download.owncloud.org/community/owncloud-10.0.9.tar.bz2

    1
    2
    3
    4
    5
    6
    7
    #下载owncloud安装包
    $ wget https://download.owncloud.org/community/owncloud-10.0.9.tar.bz2
    #解压文件
    $ tar -jxf owncloud-10.0.9.tar.bz2
    #拷贝文件至/data/wwwroot/
    $ mkdir /data/wwwroot/owncloud && cp -r owncloud/* /data/wwwroot/owncloud/
    #以上有一处坑点!cp命令复制的时候回忽略.开头的文件 .htaccess .usr.ini 这两个文件需要手动移动至目标文件夹
  • 接下来创建对应的数据库和用户(略)

  • 使用./vhost.sh创建虚拟主机(oneinstack)

  • 依据文档修改nginx配置

附上简略nginx配置

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
server {
listen 80;
listen 443 ssl http2;
ssl_certificate /usr/local/nginx/conf/ssl/fuck.crt;
ssl_certificate_key /usr/local/nginx/conf/ssl/fuck.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_timeout 10m;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_buffer_size 1400;
# add_header Strict-Transport-Security max-age=15768000;
# Add headers to serve security related headers
# Before enabling Strict-Transport-Security headers please read into this topic first.
add_header Strict-Transport-Security "max-age=15552000; includeSubDomains";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;

# set max upload size
# client_max_body_size 512M;
# fastcgi_buffers 8 4K; # Please see note 1
# fastcgi_ignore_headers X-Accel-Buffering; # Please see note 2
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
ssl_stapling on;
ssl_stapling_verify on;
server_name fuck.happyhack.cn;
access_log /data/wwwlogs/fuck.happyhack.cn_nginx.log combined;
index index.html index.htm index.php;
root /data/wwwroot/owncloud;
if ($ssl_protocol = "") { return 301 https://$host$request_uri; }

include /usr/local/nginx/conf/rewrite/none.conf;
#error_page 404 /404.html;
#error_page 502 /502.html;
location / {
rewrite ^ /index.php$uri;
}

location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
return 404;
}
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
return 404;
}


location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name; # necessary for owncloud to detect the contextroot https://github.com/owncloud/core/blob/v10.0.0/lib/private/AppFramework/Http/Request.php#L603
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS on;
fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice
fastcgi_param front_controller_active true;
fastcgi_read_timeout 180; # increase default timeout e.g. for long running carddav/ caldav syncs with 1000+ entries
fastcgi_pass unix:/dev/shm/php-cgi.sock;
fastcgi_intercept_errors on;
fastcgi_request_buffering off; #Available since NGINX 1.7.11
}

location ~ ^/(?:updater|ocs-provider)(?:$|/) {
try_files $uri $uri/ =404;
index index.php;
}
#location ~ [^/]\.php(/|$) {
# #fastcgi_pass remote_php_ip:9000;
# fastcgi_pass unix:/dev/shm/php-cgi.sock;
# fastcgi_index index.php;
# include fastcgi.conf;
#}

location ~ ^/(?:updater|ocs-provider)(?:$|/) {
try_files $uri $uri/ =404;
index index.php;
}
location ~ \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg|map)$ {
add_header Cache-Control "public, max-age=7200";
try_files $uri /index.php$uri$is_args$args;
# Optional: Don't log access to other assets
access_log off;
}
location ~ \.(?:css|js)$ {
try_files $uri /index.php$uri$is_args$args;
add_header Cache-Control "max-age=15778463";
# Add headers to serve security related headers (It is intended to have those duplicated to the ones above)
# Before enabling Strict-Transport-Security headers please read into this topic first.
#add_header Strict-Transport-Security "max-age=15552000; includeSubDomains";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
expires 7d;
# Optional: Don't log access to assets
access_log off;
}
location ~ /\.ht {
deny all;
}
}
  • 重启nginx

访问web安装界面

创建管理员用户、选择使用mysql为数据库。大功告成!

优化

使用crontab定时命令来代替Ajax执行脚本

1
2
3
4
5
6
7
#查看php所在路径
$ which php
/usr/local/php/bin/php
# 使用www用户添加定时任务 (可能会让你选择使用什么编辑器、当然是vim啦!)
$ sudo crontab -u www -e
# 添加以下代码 30分钟执行一次任务
30 * * * * /usr/local/php/bin/php -f /data/wwwroot/owncloud/cron.php

客户端安装