Untitled

pkg install nano

-------

pkg install nginx
echo 'nginx_enable="YES"' >> /etc/rc.conf
service nginx start

mkdir -p /var/nginx/{client_body_temp,proxy_temp} && chown -R www:www /var/nginx/
mkdir /usr/local/etc/nginx/conf.d

nano /usr/local/etc/nginx/nginx.conf
load_module /usr/local/libexec/nginx/ngx_mail_module.so;
load_module /usr/local/libexec/nginx/ngx_stream_module.so;

user www;
worker_processes auto;

pid /var/run/nginx.pid;

events {
  use kqueue;
  worker_connections 1024;
  multi_accept on;
}
http {

  # Basic settings
  # ----------

  sendfile on;
  tcp_nopush on;
  tcp_nodelay on;
  reset_timedout_connection on;
  keepalive_timeout 65;
  keepalive_requests 1000;
  types_hash_max_size 2048;
  server_tokens off;
  send_timeout 30;
  server_names_hash_max_size 4096;

  # Common limits
  # ----------

  client_max_body_size 100m; # upload size
  client_body_buffer_size 1m;
  client_header_timeout 3m;
  client_body_timeout 3m;

  client_body_temp_path /var/nginx/client_body_temp;

  proxy_connect_timeout 5;
  proxy_send_timeout 10;
  proxy_read_timeout 10;

  proxy_buffer_size 4k;
  proxy_buffers 8 16k;
  proxy_busy_buffers_size 64k;
  proxy_temp_file_write_size 64k;

  proxy_temp_path /var/nginx/proxy_temp;

  include mime.types;
  default_type application/octet-stream;

  # Logs format
  # ----------

  log_format main '$remote_addr - $host [$time_local] "$request" '
                  '$status $body_bytes_sent "$http_referer" '
                  '"$http_user_agent" "$http_x_forwarded_for"'
                  'rt=$request_time ut=$upstream_response_time '
                  'cs=$upstream_cache_status';

  log_format cache '$remote_addr - $host [$time_local] "$request" $status '
                   '$body_bytes_sent "$http_referer" '
                   'rt=$request_time ut=$upstream_response_time '
                   'cs=$upstream_cache_status';

  access_log /var/log/nginx/access.log main;
  error_log /var/log/nginx/error.log warn;

  # GZip config
  # ----------

  gzip on;
  gzip_static on;
  gzip_types text/plain text/css text/javascript text/xml application/x-javascript application/javascript application/xml application/json image/x-icon;
  gzip_comp_level 9;
  gzip_buffers 16 8k;
  gzip_proxied expired no-cache no-store private auth;
  gzip_min_length 1000;
  gzip_disable "msie6"
  gzip_vary on;

  # Cache config
  # ----------

  proxy_cache_valid 1m;

  # Virtual host config
  # ----------

  include /usr/local/etc/nginx/conf.d/*.conf;
}

-------

nano /usr/local/etc/nginx/conf.d/nextcloud.conf
server {
  listen 80;
  charset utf-8;

  server_name _;

  access_log /var/log/nginx/nextcloud.access.log;
  error_log /var/log/nginx/nextcloud.error.log;

#  add_header Strict-Transport-Security 'max-age=631138519; includeSubDomains; preload' always;
#  add_header X-Content-Type-Options nosniff;
#  add_header X-Frame-Options SAMEORIGIN;
#  add_header X-XSS-Protection '1; mode=block';
#  add_header X-Robots-Tag none;
#  add_header X-Download-Options noopen;
#  add_header X-Permitted-Cross-Domain-Policies none;
#  add_header X-Content-Security-Policy "allow 'self';";
#  add_header X-WebKit-CSP "allow 'self';";

  root /usr/local/www/;

  location = /robots.txt {
    deny all;
  }

  location / {
    deny all;
    return 404;
  }

  location ^~ /cloud {

    client_max_body_size 10G;
    fastcgi_buffers 64 4K;

    gzip off;

    error_page 403 /cloud/core/templates/403.php;
    error_page 404 /cloud/core/templates/404.php;

    location ~ ^/cloud/(data|config|.ht|db_structure.xml|README) {
      deny all;
    }

    location ~* /cloud/remote/(?:.*)$ {
      rewrite ^ /cloud/remote.php last;
    }

    # logo
    location ~* /cloud/core/(?:js/oc.js|preview.png).*$ {
      rewrite ^ /cloud/index.php last;
    }

    # WEB download files
    location ~* /cloud/apps/(?:files/ajax/upload.php).*$ {
      rewrite ^ /cloud/index.php last;
    }

    # Theme Nextcloud
    location ~* /cloud/apps/(?:theming/styles.css).*$ {
      rewrite ^ /cloud/index.php last;
    }

    location /cloud {
      rewrite ^/cloud/caldav(.*)$ /cloud/remote.php/caldav$1 redirect;
      rewrite ^/cloud/carddav(.*)$ /cloud/remote.php/carddav$1 redirect;
      rewrite ^/cloud/webdav(.*)$ /cloud/remote.php/webdav$1 redirect;

      rewrite ^(/cloud/core/doc/[^/]+/)$ $1/index.html;

      if ($uri !~* (?:.(?:css|js|svg|gif|png|html|ttf|woff)$|^/cloud/(?:remote|public|cron|status|ocs/v1|ocs/v2).php)){
        rewrite ^ /cloud/index.php last;
      }
    }

    location ~* ^(?!/cloud/remote.php)(?:.*).(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf|html|svg|ttf|woff)$ {
      expires 30d;
      access_log off;
    }

    location ~ .php(?:$|/) {
      include fastcgi_params;
      fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
      fastcgi_param PATH_INFO $fastcgi_path_info;
      fastcgi_pass unix:/var/run/php-fpm.sock;
      fastcgi_param HTTPS off;
      fastcgi_param modHeadersAvailable true;
      fastcgi_param front_controller_active true;
      fastcgi_intercept_errors on;
      fastcgi_request_buffering off;
    }
  }
}

-------

pkg install mariadb101-{server,client}
echo 'mysql_enable="YES"' >> /etc/rc.conf

ls -l /usr/local/share/mysql/my*.cnf
cp /usr/local/share/mysql/my-small.cnf /usr/local/etc/my.cnf

sed -i "" "s/max_allowed_packet = .*/max_allowed_packet = 32M/" /usr/local/etc/my.cnf

service mysql-server start && /usr/local/bin/mysql_secure_installation   // all yes

mysql -u root -p   // 12345678
CREATE DATABASE nextcloud CHARACTER SET utf8;
CREATE USER cloud@localhost IDENTIFIED BY '12345678';
GRANT ALL PRIVILEGES ON nextcloud.* TO cloud@localhost;
FLUSH PRIVILEGES;
QUIT;

service mysql-server restart

-------

cd /usr/local/www
pkg install ca_root_nss && fetch https://download.nextcloud.com/server/releases/nextcloud-10.0.1.zip
unzip nextcloud-10.0.1.zip
mv /usr/local/www/nextcloud/ /usr/local/www/cloud/
rm -f nextcloud-10.0.1.zip

mkdir /usr/local/www/cloud/data && chown -R www:www /usr/local/www/

-------

pkg install redis
echo 'redis_enable="YES"' >> /etc/rc.conf

sed -i "" "s/port 6379/port 0/" /usr/local/etc/redis.conf
sed -i "" "s/# unixsocket /tmp/redis.sock/unixsocket /tmp/redis.sock/" /usr/local/etc/redis.conf
sed -i "" "s/# unixsocketperm 700/unixsocketperm 777/" /usr/local/etc/redis.conf

service redis start
redis-cli -s /tmp/redis.sock   // проверка работы сокета

-------

pkg search php70
pkg install php70 mod_php70 php70-pdo_mysql php70-mysqli php70-redis php70-gd php70-curl php70-json php70-zip php70-dom php70-xmlwriter php70-xmlreader php70-xml php70-mbstring php70-ctype php70-zlib php70-simplexml php70-hash php70-fileinfo php70-posix php70-iconv php70-filter php70-openssl
echo 'php_fpm_enable="YES"' >> /etc/rc.conf

cp /usr/local/etc/php.ini-production /usr/local/etc/php.ini && rehash

sed -i "" "s/memory_limit = .*/memory_limit = 512M/" /usr/local/etc/php.ini
sed -i "" "s/;date.timezone.*/date.timezone = UTC/" /usr/local/etc/php.ini
sed -i "" "s/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/" /usr/local/etc/php.ini
sed -i "" "s/upload_max_filesize = .*/upload_max_filesize = 10240M/" /usr/local/etc/php.ini
sed -i "" "s/post_max_size = .*/post_max_size = 10240M/" /usr/local/etc/php.ini

sed -i "" "s/listen = .*/listen = /var/run/php-fpm.sock/" /usr/local/etc/php-fpm.d/www.conf
sed -i "" "s/;listen.owner = www/listen.owner = www/" /usr/local/etc/php-fpm.d/www.conf
sed -i "" "s/;listen.group = www/listen.group = www/" /usr/local/etc/php-fpm.d/www.conf
sed -i "" "s/;listen.mode = 0660/listen.mode = 0660/" /usr/local/etc/php-fpm.d/www.conf

nano /usr/local/etc/php-fpm.d/www.conf   // uncomment
env[HOSTNAME] = $HOSTNAME
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp

php-fpm -t
service php-fpm start

-------

nano /usr/local/www/cloud/config/config.php
<?php
$CONFIG = array(
  'trusted_domains' => array (
    0 => '192.168.1.*',
  ),
  'datadirectory' => '/usr/local/www/cloud/data',
  'dbtype' => 'mysql',
  'defaultapp' => 'files',
  'knowledgebaseenabled' => false,
  'enable_avatars' => false,
  'allow_user_to_change_display_name' => true,
  'remember_login_cookie_lifetime' => 60*60*24*15,
  'session_lifetime' => 60 * 60 * 24,
  'session_keepalive' => true,
  'token_auth_enforced' => false,
  'auth.bruteforce.protection.enabled' => true,
  'trashbin_retention_obligation' => 'auto, 30',
  'versions_retention_obligation' => 'auto',
  'updatechecker' => false,
  'check_for_working_webdav' => true,
  'check_for_working_htaccess' => false,
  'config_is_read_only' => false,
  'memcache.local' => 'OCMemcacheRedis',
  'memcache.locking' => 'OCMemcacheRedis',
  'memcache.distributed' => 'OCMemcacheRedis',
  'redis' => array(
    'host' => '/tmp/redis.sock',
    'port' => 0,
    'timeout' => 0.0,
  ),
);

nano /usr/local/etc/php/ext-30-pdo_mysql.ini
[mysql]
mysql.allow_local_infile=On
mysql.allow_persistent=On
mysql.cache_size=2000
mysql.max_persistent=-1
mysql.max_links=-1
mysql.default_port=
mysql.default_socket=/tmp/mysql.sock
mysql.default_host=
mysql.default_user=
mysql.default_password=
mysql.connect_timeout=60
mysql.trace_mode=Off

-------

service nginx restart && service php-fpm restart

http://192.168.1.*/cloud