Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- pkg install nano
- -------
- pkg install nginx
- echo 'nginx_enable="YES"' >> /etc/rc.conf
- service nginx start
- mkdir -p /var/nginx/{client_body_temp,proxy_temp} && chown -R www:www /var/nginx/
- mkdir /usr/local/etc/nginx/conf.d
- nano /usr/local/etc/nginx/nginx.conf
- load_module /usr/local/libexec/nginx/ngx_mail_module.so;
- load_module /usr/local/libexec/nginx/ngx_stream_module.so;
- user www;
- worker_processes auto;
- pid /var/run/nginx.pid;
- events {
- use kqueue;
- worker_connections 1024;
- multi_accept on;
- }
- http {
- # Basic settings
- # ----------
- sendfile on;
- tcp_nopush on;
- tcp_nodelay on;
- reset_timedout_connection on;
- keepalive_timeout 65;
- keepalive_requests 1000;
- types_hash_max_size 2048;
- server_tokens off;
- send_timeout 30;
- server_names_hash_max_size 4096;
- # Common limits
- # ----------
- client_max_body_size 100m; # upload size
- client_body_buffer_size 1m;
- client_header_timeout 3m;
- client_body_timeout 3m;
- client_body_temp_path /var/nginx/client_body_temp;
- proxy_connect_timeout 5;
- proxy_send_timeout 10;
- proxy_read_timeout 10;
- proxy_buffer_size 4k;
- proxy_buffers 8 16k;
- proxy_busy_buffers_size 64k;
- proxy_temp_file_write_size 64k;
- proxy_temp_path /var/nginx/proxy_temp;
- include mime.types;
- default_type application/octet-stream;
- # Logs format
- # ----------
- log_format main '$remote_addr - $host [$time_local] "$request" '
- '$status $body_bytes_sent "$http_referer" '
- '"$http_user_agent" "$http_x_forwarded_for"'
- 'rt=$request_time ut=$upstream_response_time '
- 'cs=$upstream_cache_status';
- log_format cache '$remote_addr - $host [$time_local] "$request" $status '
- '$body_bytes_sent "$http_referer" '
- 'rt=$request_time ut=$upstream_response_time '
- 'cs=$upstream_cache_status';
- access_log /var/log/nginx/access.log main;
- error_log /var/log/nginx/error.log warn;
- # GZip config
- # ----------
- gzip on;
- gzip_static on;
- gzip_types text/plain text/css text/javascript text/xml application/x-javascript application/javascript application/xml application/json image/x-icon;
- gzip_comp_level 9;
- gzip_buffers 16 8k;
- gzip_proxied expired no-cache no-store private auth;
- gzip_min_length 1000;
- gzip_disable "msie6"
- gzip_vary on;
- # Cache config
- # ----------
- proxy_cache_valid 1m;
- # Virtual host config
- # ----------
- include /usr/local/etc/nginx/conf.d/*.conf;
- }
- -------
- nano /usr/local/etc/nginx/conf.d/nextcloud.conf
- server {
- listen 80;
- charset utf-8;
- server_name _;
- access_log /var/log/nginx/nextcloud.access.log;
- error_log /var/log/nginx/nextcloud.error.log;
- # add_header Strict-Transport-Security 'max-age=631138519; includeSubDomains; preload' always;
- # add_header X-Content-Type-Options nosniff;
- # add_header X-Frame-Options SAMEORIGIN;
- # add_header X-XSS-Protection '1; mode=block';
- # add_header X-Robots-Tag none;
- # add_header X-Download-Options noopen;
- # add_header X-Permitted-Cross-Domain-Policies none;
- # add_header X-Content-Security-Policy "allow 'self';";
- # add_header X-WebKit-CSP "allow 'self';";
- root /usr/local/www/;
- location = /robots.txt {
- deny all;
- }
- location / {
- deny all;
- return 404;
- }
- location ^~ /cloud {
- client_max_body_size 10G;
- fastcgi_buffers 64 4K;
- gzip off;
- error_page 403 /cloud/core/templates/403.php;
- error_page 404 /cloud/core/templates/404.php;
- location ~ ^/cloud/(data|config|.ht|db_structure.xml|README) {
- deny all;
- }
- location ~* /cloud/remote/(?:.*)$ {
- rewrite ^ /cloud/remote.php last;
- }
- # logo
- location ~* /cloud/core/(?:js/oc.js|preview.png).*$ {
- rewrite ^ /cloud/index.php last;
- }
- # WEB download files
- location ~* /cloud/apps/(?:files/ajax/upload.php).*$ {
- rewrite ^ /cloud/index.php last;
- }
- # Theme Nextcloud
- location ~* /cloud/apps/(?:theming/styles.css).*$ {
- rewrite ^ /cloud/index.php last;
- }
- location /cloud {
- rewrite ^/cloud/caldav(.*)$ /cloud/remote.php/caldav$1 redirect;
- rewrite ^/cloud/carddav(.*)$ /cloud/remote.php/carddav$1 redirect;
- rewrite ^/cloud/webdav(.*)$ /cloud/remote.php/webdav$1 redirect;
- rewrite ^(/cloud/core/doc/[^/]+/)$ $1/index.html;
- if ($uri !~* (?:.(?:css|js|svg|gif|png|html|ttf|woff)$|^/cloud/(?:remote|public|cron|status|ocs/v1|ocs/v2).php)){
- rewrite ^ /cloud/index.php last;
- }
- }
- location ~* ^(?!/cloud/remote.php)(?:.*).(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf|html|svg|ttf|woff)$ {
- expires 30d;
- access_log off;
- }
- location ~ .php(?:$|/) {
- include fastcgi_params;
- fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
- fastcgi_param PATH_INFO $fastcgi_path_info;
- fastcgi_pass unix:/var/run/php-fpm.sock;
- fastcgi_param HTTPS off;
- fastcgi_param modHeadersAvailable true;
- fastcgi_param front_controller_active true;
- fastcgi_intercept_errors on;
- fastcgi_request_buffering off;
- }
- }
- }
- -------
- pkg install mariadb101-{server,client}
- echo 'mysql_enable="YES"' >> /etc/rc.conf
- ls -l /usr/local/share/mysql/my*.cnf
- cp /usr/local/share/mysql/my-small.cnf /usr/local/etc/my.cnf
- sed -i "" "s/max_allowed_packet = .*/max_allowed_packet = 32M/" /usr/local/etc/my.cnf
- service mysql-server start && /usr/local/bin/mysql_secure_installation // all yes
- mysql -u root -p // 12345678
- CREATE DATABASE nextcloud CHARACTER SET utf8;
- CREATE USER cloud@localhost IDENTIFIED BY '12345678';
- GRANT ALL PRIVILEGES ON nextcloud.* TO cloud@localhost;
- FLUSH PRIVILEGES;
- QUIT;
- service mysql-server restart
- -------
- cd /usr/local/www
- pkg install ca_root_nss && fetch https://download.nextcloud.com/server/releases/nextcloud-10.0.1.zip
- unzip nextcloud-10.0.1.zip
- mv /usr/local/www/nextcloud/ /usr/local/www/cloud/
- rm -f nextcloud-10.0.1.zip
- mkdir /usr/local/www/cloud/data && chown -R www:www /usr/local/www/
- -------
- pkg install redis
- echo 'redis_enable="YES"' >> /etc/rc.conf
- sed -i "" "s/port 6379/port 0/" /usr/local/etc/redis.conf
- sed -i "" "s/# unixsocket /tmp/redis.sock/unixsocket /tmp/redis.sock/" /usr/local/etc/redis.conf
- sed -i "" "s/# unixsocketperm 700/unixsocketperm 777/" /usr/local/etc/redis.conf
- service redis start
- redis-cli -s /tmp/redis.sock // проверка работы сокета
- -------
- pkg search php70
- pkg install php70 mod_php70 php70-pdo_mysql php70-mysqli php70-redis php70-gd php70-curl php70-json php70-zip php70-dom php70-xmlwriter php70-xmlreader php70-xml php70-mbstring php70-ctype php70-zlib php70-simplexml php70-hash php70-fileinfo php70-posix php70-iconv php70-filter php70-openssl
- echo 'php_fpm_enable="YES"' >> /etc/rc.conf
- cp /usr/local/etc/php.ini-production /usr/local/etc/php.ini && rehash
- sed -i "" "s/memory_limit = .*/memory_limit = 512M/" /usr/local/etc/php.ini
- sed -i "" "s/;date.timezone.*/date.timezone = UTC/" /usr/local/etc/php.ini
- sed -i "" "s/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/" /usr/local/etc/php.ini
- sed -i "" "s/upload_max_filesize = .*/upload_max_filesize = 10240M/" /usr/local/etc/php.ini
- sed -i "" "s/post_max_size = .*/post_max_size = 10240M/" /usr/local/etc/php.ini
- sed -i "" "s/listen = .*/listen = /var/run/php-fpm.sock/" /usr/local/etc/php-fpm.d/www.conf
- sed -i "" "s/;listen.owner = www/listen.owner = www/" /usr/local/etc/php-fpm.d/www.conf
- sed -i "" "s/;listen.group = www/listen.group = www/" /usr/local/etc/php-fpm.d/www.conf
- sed -i "" "s/;listen.mode = 0660/listen.mode = 0660/" /usr/local/etc/php-fpm.d/www.conf
- nano /usr/local/etc/php-fpm.d/www.conf // uncomment
- env[HOSTNAME] = $HOSTNAME
- env[PATH] = /usr/local/bin:/usr/bin:/bin
- env[TMP] = /tmp
- env[TMPDIR] = /tmp
- env[TEMP] = /tmp
- php-fpm -t
- service php-fpm start
- -------
- nano /usr/local/www/cloud/config/config.php
- <?php
- $CONFIG = array(
- 'trusted_domains' => array (
- 0 => '192.168.1.*',
- ),
- 'datadirectory' => '/usr/local/www/cloud/data',
- 'dbtype' => 'mysql',
- 'defaultapp' => 'files',
- 'knowledgebaseenabled' => false,
- 'enable_avatars' => false,
- 'allow_user_to_change_display_name' => true,
- 'remember_login_cookie_lifetime' => 60*60*24*15,
- 'session_lifetime' => 60 * 60 * 24,
- 'session_keepalive' => true,
- 'token_auth_enforced' => false,
- 'auth.bruteforce.protection.enabled' => true,
- 'trashbin_retention_obligation' => 'auto, 30',
- 'versions_retention_obligation' => 'auto',
- 'updatechecker' => false,
- 'check_for_working_webdav' => true,
- 'check_for_working_htaccess' => false,
- 'config_is_read_only' => false,
- 'memcache.local' => 'OCMemcacheRedis',
- 'memcache.locking' => 'OCMemcacheRedis',
- 'memcache.distributed' => 'OCMemcacheRedis',
- 'redis' => array(
- 'host' => '/tmp/redis.sock',
- 'port' => 0,
- 'timeout' => 0.0,
- ),
- );
- nano /usr/local/etc/php/ext-30-pdo_mysql.ini
- [mysql]
- mysql.allow_local_infile=On
- mysql.allow_persistent=On
- mysql.cache_size=2000
- mysql.max_persistent=-1
- mysql.max_links=-1
- mysql.default_port=
- mysql.default_socket=/tmp/mysql.sock
- mysql.default_host=
- mysql.default_user=
- mysql.default_password=
- mysql.connect_timeout=60
- mysql.trace_mode=Off
- -------
- service nginx restart && service php-fpm restart
- http://192.168.1.*/cloud
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement