基于Docker安装Nextcloud且配置HTTPS

8月 13, 2018

Linux

1. 配置

本次在Ubuntu18.04上使用Docker安装Nextcloud并配置HTTPS

配置

这东西让我从半夜两点折腾到早上6点半！

遇到问题一定要看容器日志

通篇都不要忘记修改cloud.example.com为自己的域名

安装Docker

1	curl -sSL https://get.daocloud.io/docker \| sh

安装 docker-compose

1	sudo apt install docker-compose

配置Docker Hub镜像[可选步骤]

去这里来 https://www.daocloud.io/mirror 搞一个账号权限回来，然后复制Linux的命令

1	curl -sSL https://get.daocloud.io/daotools/set_mirror.sh \| sh -s http://xxxxx.m.daocloud.io

执行后重启Docker服务

1	sudo systemctl restart docker.service

Docker 常用命令[可选看]

# 查看运行中的容器
docker ps
# 查看本地镜像
docker images
# 打开容器的shell
sudo docker exec -i -t 容器名称 shell名称[sh/bash]

创建必要的目录

1	mkdir -p nextcloud/data nextcloud/config nextcloud/apps nextcloud/themes nextcloud/redis nextcloud/docker/nginx/conf.d

编写 docker-compose.yml

version: '2'

networks:
  default:
    driver: bridge

services:
  C-nginx:
    image: nginx
    container_name: C-nginx
    expose:
      - "443"  #暴露nextcloud的443端口，以用作映射
      - "80"  #暴露nginx的80端口，以用作映射
    ports:
      - "80:80"  #映射80端口到本机80端口
      - "443:443"  #映射443端口到本机443端口
    depends_on:
      - C-nextcloud
    volumes:
      - 刚才创建的目录的路径/nextcloud/docker/nginx/conf.d:/etc/nginx/conf.d  # Place your vhost here
      - 本地证书目录:/etc/nginx/crt  # SSL
    restart: always
  C-nextcloud:
    image: wonderfall/nextcloud
    container_name: C-nextcloud
    expose:
      - "8888"
    depends_on:
      - C-redis                  # If using Redis
    environment:
      - UID=1000
      - GID=1000
      - UPLOAD_MAX_SIZE=10G
      - MEMORY_LIMIT=1024M
      - APC_SHM_SIZE=256M
      - OPCACHE_MEM_SIZE=256
      - CRON_PERIOD=10m
      - TZ=Asia/Shanghai
      - ADMIN_USER=adminuser            # Don't set to configure through browser
      - ADMIN_PASSWORD=adminpassword        # Don't set to configure through browser
      - DOMAIN=cloud.example.com
      - DB_TYPE=mysql # Or sqlite3
      - DB_NAME=nextcloud
      - DB_USER=user
      - DB_PASSWORD=password
      - DB_HOST=172.10.0.1 # 你的Mysql的服务器的IP，或者宿主机的IP
    volumes:
      - 刚才创建的目录的路径/nextcloud/data:/data
      - 刚才创建的目录的路径/nextcloud/config:/config
      - 刚才创建的目录的路径/nextcloud/apps:/apps2
      - 刚才创建的目录的路径/nextcloud/themes:/nextcloud/themes
    restart: always

  # If using Redis
  C-redis:
    image: redis:alpine
    container_name: C-redis
    volumes:
      - 刚才创建的目录的路径/redis:/data
    restart: always
    expose:
      - "6379"

创建 nextcloud.conf

记得修改域名、证书

文件保存在刚才创建的目录的路径/nextcloud/docker/nginx/conf.d

server {
    listen 80 http2;
    server_name cloud.example.com;

    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl http2;
    server_name cloud.example.com;

    ssl_certificate /etc/nginx/crt/example.com.cert.pem;
    ssl_certificate_key /etc/nginx/crt/example.com.key.pem;

    error_page  497 https://$host:443$request_uri;

    client_max_body_size 10G;
    location / {
        proxy_redirect off;
        proxy_pass http://C-nextcloud:8888;
        proxy_buffering off;
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_set_header X-Forwarded-Proto https;
        proxy_read_timeout 300s;
    }
    location = /.htaccess {
        return 404;
    }
}

开始部署

1 2	cd 刚才创建的目录的路径/nextcloud/docker sudo docker-compose up -d

部署完毕后他会自动启动，并且开机启动，自动重启

在Config.php中配置Redis

# Redis
'memcache.distributed' => '\\OC\\Memcache\\Redis',
'memcache.locking' => '\\OC\\Memcache\\Redis',
'redis' => 
array (
    'host' => 'C-redis',
    'port' => 6379,
    'openssl' => 
    array (
        'config' => '/absolute/location/of/openssl.cnf',
    ),
),

在Config.php中配置数据库

'dbtype' => 'mysql',
'dbname' => 'nextcloud',
'dbhost' => '数据库主机:端口',
'dbport' => '数据库主机的端口',
'dbtableprefix' => 'oc_', # 数据库表前缀
'mysql.utf8mb4' => true,
'dbuser' => 'oc_baixl', # 自动生成
'dbpassword' => '5/YmXC7/OP15T9Ge73D7Y9R2tzODDK', #自动生成

在Config.php配置重定向地址

1 2	'overwritehost' => 'cloud.example.com', 'overwriteprotocol' => 'https',

在Config.php中配置允许的域名

'trusted_domains' => array(
    0 => 'cloud.example.com',
    1 => '域名'
),

排查错误

刚才创建的3个容器的名字分别是C-nginx、C-redis、C-nextcloud

想要查看某个容器的日志就直接使用下面的命令

1	sudo docker logs -f -t --tail 10 容器名称

停止、删除容器

当你不想玩了，就先停止然后再删除容器

# 停止容器
sudo docker stop C-nginx C-nextcloud C-redis
# 删除容器
sudo docker rm C-nginx C-nextcloud C-redis

删除Docker

清理Docker

1	sudo docker system prune

删除刚才安装的一切东西

1	sudo apt remove docker docker-engine docker.io docker-compose && sudo apt purge docker-ce && sudo apt autoremove -y

prev：推荐MySQL客户端 next：使用Snap安装nextcloud网盘并配置HTTPS