nextCloud是一个开源文件同步和共享软件。
它是一个OwnCloud的叉子，在个人和企业级别找到它的使用。
它最近由Frank Karlitschek开始，谁在早些时候创建了OwnCloud项目。
NextCloud不仅拥有OWNCLOUD的所有功能，还计划提供新的和创新的。

在本文中，我们将学习如何使用nginx(发音为Enginex)，MariaDB和PHP7在Debian 8上安装最新版本的NextCloud。

1)安装NextCloud

NextCloud文件可用于从NextCloud服务器下载。
我们可以下载zip文件并解压缩以完成安装。

# wget https://download.nextcloud.com/server/releases/nextcloud-10.0.1.zip

# unzip nextcloud-10.0.1.zip

让我们将NextCloud目录移动到/var/www，并将所有权更改为www-data

# mkdir /var/www/
# mv nextcloud /var/www/
# rm -f nextcloud-10.0.1.zip
# chown -R www-data: /var/www/nextcloud

2)安装nginx

nginx是开放的，也是最常用的Web服务器之一。
它有效地工作，使用最小硬件秤均匀，即使在负载下也提供良好的响应。
安装它只是执行APT-Get install命令的简单任务。

# apt-get update
# apt-get install nginx -y

我们可以查看已安装的nginx版本，以及查看服务是否已启动的状态。

# nginx -v
#service nginx status

或者，我们还可以将浏览器指向服务器的IP并查看nginx欢迎页面：

3)安装MariaDB

安装MariaDB服务器和客户端软件

# apt-get install mariadb-server-10.0 mariadb-client-10.0 -y

在配置DB时，将要求我们设置"管理"root用户的密码。
提供密码并退出。

验证已安装的版本

# mysql --version
mysql Ver 15.1 Distrib 10.0.27-MariaDB, for debian-linux-gnu (x86_64) using readline 5.2

我们可以通过运行MySQL Secure安装，进一步安全地保护安装。
建议为生产服务器推荐这一点。

# mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
You already have a root password set, so you can safely answer 'n'.
Change the root password? [Y/n] n
... skipping.
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] y
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] y
... Success!
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!

4)为NextCloud创建数据库和用户

使用前面设置的密码登录MariaDB，同时配置DB。

# mysql -u root -p
Enter password:

现在，创建用户并为同一用户设置密码。

MariaDB [(none)]> create database nextcloud;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> create user nxtcloudadmin@localhost identified by 'admin123';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> grant all privileges on nextcloud.* to nxtcloudadmin@localhost identified by 'admin123'
-> ;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> exit;

5)为MariaDB启用二进制日志记录

二进制日志包含数据更改和对DB的结构更改。
此日志可用于复制和数据恢复。
要启用此功能，请编辑文件/etc/mysql/my。
CNF并添加以下行

log-bin = /var/log/mysql/mariadb-bin
log-bin-index = /var/log/mysql/mariadb-bin.index
binlog_format = mixed

此后，重新加载MySQL Server

# service mysql reload

6)安装PHP7

首先，检查系统上是否已安装PHP。
为此，请执行以下命令

# dpkg --list |grep php

如果没有，请找出我们拥有的Debian版本并获取相应的包。

# lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 8.6 (jessie)
Release: 8.6
Codename: jessie

在上面的示例中，释放名称是'jessie'。
因此，让我们将Jessie包详细信息添加到源列表中，添加键，然后安装所需的PHP包。

# echo 'deb http://packages.dotdeb.org jessie all' >> /etc/apt/sources.list
# echo 'deb-src http://packages.dotdeb.org jessie all' >> /etc/apt/sources.list
# cd /tmp
# wget https://www.dotdeb.org/dotdeb.gpg
# apt-key add dotdeb.gpg
apt-get update
root@debian-theitroad:~# apt install php7.0-common php7.0-fpm php7.0-cli php7.0-json php7.0-mysql php7.0-curl php7.0-intl php7.0-mcrypt php-pear php7.0-gd php7.0-zip php7.0-xml php7.0-mbstring

7)为NextCloud域获得免费的SSL证书

为了在任何上启用HTTPS，我们需要从证书颁发机构(CA)中获取证书。
"Let’s Encrypt "是为域提供免费SSL证书的CA。

为此，我们需要首先安装"Git"包，然后克隆Github存储库下载letsencrypt

# apt-get install git bc -y
# git clone https://github.com/letsencrypt/letsencrypt

现在，我们可以通过更改为"letsencrypt"目录并发出单个命令来获取SSL证书：

# /letsencrypt-auto certonly --standalone --email <your-email-address> --agree-tos -d <your-node-name>

8)为域设置虚拟主机

要创建虚拟主机，请使用"域名"创建文件。
Conf'扩展(例如，Nodenixbox。
在这种情况下)在路径/etc/nginx /站点中，启用并添加下面给出的内容。

注意：我们需要使用自己的域名替换节点名称(以红色)，并将SSL证书路径(以蓝色)更改为SSL证书所在的位置。

upstream php-handler {
server unix:/run/php/php7.0-fpm.sock;
}
server {
listen 80;
server_name nodenixbox.com;
}
server {
listen 443 ssl;
server_name nodenixbox.com;
ssl_certificate /etc/letsencrypt/live/nodenixbox.com/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/nodenixbox.com/privkey.pem;
# Path to the root of your installation
root /var/www/nextcloud/;
# set max upload size
client_max_body_size 10G;
fastcgi_buffers 64 4K;
# Disable gzip to avoid the removal of the ETag header
gzip off;
# Uncomment if your server is build with the ngx_pagespeed module
# This module is currently not supported.
#pagespeed off;
index index.php;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
rewrite ^/.well-known/carddav /remote.php/dav/permanent;
rewrite ^/.well-known/caldav /remote.php/dav/permanent;
# The following 2 rules are only needed for the user_webfinger app.
# Uncomment it if you're planning to use this app.
#rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
#rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ ^/(build|tests|config|lib|3rdparty|templates|data)/{
deny all;
}
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
location/{
rewrite ^/remote/(.*) /remote.php last;
rewrite ^(/core/doc/[^\/]+/)$/index.html;
try_files $uri $uri/=404;
}
location ~ \.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS on;
fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice
fastcgi_pass php-handler;
fastcgi_intercept_errors on;
}
# Adding the cache control header for js and css files
# Make sure it is BELOW the location ~ \.php(?:$|/) { block
location ~* \.(?:css|js)${
add_header Cache-Control "public, max-age=7200";
# Add headers to serve security related headers
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
# Optional: Don't log access to assets
access_log off;
}
# Optional: Don't log access to other assets
location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|swf)${
access_log off;
}
}

9)访问NextCloud Web界面

要创建和管理NextCloud管理帐户，请将浏览器指向域名。
在此示例中，它是'https：//nodenixbox。
COM'。
这将打开一个如下所示的窗口，要求创建管理员帐户。
在同一页面的底部，我们会注意到另一个框询问数据库用户，密码和数据库名称。
在此处输入安装MariaDB时创建的帐户的详细信息，然后按"完成设置"按钮。