Ubuntu + Apache + PHP + Mariadb + Redis
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 |
# 初期セットアップ sudo apt update sudo apt upgrade -y sudo apt install build-essential pkg-config tcl unzip -y # Apacheインストール sudo apt install apache2 -y sudo systemctl restart apache2 ### mod rewrite有効化 cd /etc/apache2/mods-available sudo a2enmod rewrite ### Apache設定 sudo vim /etc/apache2/sites-available/nextcloud.conf <VirtualHost *:80> DocumentRoot /var/www/html/nextcloud/ ServerName 11.22.33.44 <Directory "/var/www/html/nextcloud/"> Require all granted AllowOverride All Options FollowSymLinks MultiViews </Directory> </VirtualHost> ## 追加設定ファイルの有効化 cd /etc/apache2/sites-available/ sudo a2ensite nextcloud sudo a2dissite 000-default sudo systemctl reload apache2 ## Apache自動起動設定 sudo systemctl enable apache2.service sudo systemctl start apache2.service # PHP ## リポジトリセット sudo add-apt-repository ppa:ondrej/php sudo add-apt-repository ppa:ondrej/apache2 ## インストール sudo apt install php7.4 php7.4-curl php7.4-dom php7.4-gd php7.4-mbstring php7.4-zip php7.4-mysql php7.4-bz2 php7.4-intl php7.4-apcu php7.4-redis php7.4-imagick php7.4-bcmath php7.4-gmp -y ## PHP設定変更 sudo sed -i "s/^max_execution_time = 30/max_execution_time = 60/" /etc/php/7.4/apache2/php.ini sudo sed -i "s/^memory_limit = 128M/memory_limit = 512M/" /etc/php/7.4/apache2/php.ini sudo sed -i "s/^session.save_handler = files/session.save_handler = redis/" /etc/php/7.4/apache2/php.ini sudo sed -i "s@^;session.save_path = \"/var/lib/php/sessions\"@session.save_path = \"tcp://localhost:6379\"@" /etc/php/7.4/apache2/php.ini # mariadbインストール sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc' sudo add-apt-repository 'deb [arch=amd64] http://mariadb.mirror.globo.tech/repo/10.5/ubuntu focal main' sudo apt install mariadb-server mariadb-client -y ## インストール sudo mysql_secure_installation ## セットアップ sudo mysql -uroot CREATE DATABASE nextcloud DEFAULT CHARACTER SET utf8mb4; CREATE USER 'nextcloud'@'localhost' IDENTIFIED BY 'nextcloud'; GRANT ALL ON nextcloud.* TO "nextcloud"@"localhost"; SHOW GRANTS FOR 'nextcloud'@'localhost'; quit; MariaDB [(none)]> SHOW GRANTS FOR 'nextcloud'@'localhost'; +------------------------------------------------------------------------------------------------------------------+ | Grants for nextcloud@localhost | +------------------------------------------------------------------------------------------------------------------+ | GRANT USAGE ON *.* TO `nextcloud`@`localhost` IDENTIFIED BY PASSWORD '*622C4A896C7A2B1DEE6B6713116AFF0182BED69F' | | GRANT ALL PRIVILEGES ON `nextcloud`.* TO `nextcloud`@`localhost` | +------------------------------------------------------------------------------------------------------------------+ 2 rows in set (0.000 sec) # redis sudo apt install -y redis-server sudo systemctl restart redis.service sudo systemctl status redis # Nextcloud本体 cd /tmp wget https://download.nextcloud.com/server/releases/nextcloud-21.0.1.tar.bz2 wget https://download.nextcloud.com/server/releases/nextcloud-21.0.1.tar.bz2.md5 md5sum -c nextcloud-21.0.1.tar.bz2.md5 < nextcloud-21.0.1.tar.bz2 tar xf nextcloud-21.0.1.tar.bz2 sudo mkdir /var/www/html/nextcloud/data sudo chown -R www-data:www-data /var/www/html/nextcloud sudo systemctl restart apache2.service |
インストール情報を入力
}]
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 |
# redisを使うように sudo vim /var/www/html/nextcloud/config/config.php ## 以下を追記 'default_phone_region' => 'JP', 'memcache.distributed' => '\\OC\\Memcache\\Redis', 'memcache.locking' => '\\OC\\Memcache\\Redis', 'memcache.local' => '\\OC\\Memcache\\APCu', 'redis' => array ( 'host' => 'localhost', 'port' => 6379, ), 'htaccess.RewriteBase' => '/', ## 設定更新 sudo -u www-data php /var/www/html/nextcloud/occ maintenance:update:htaccess ## 警告が出るプラグインインストール sudo apt install libmagickcore-6.q16-6-extra -y ## Apahce再起動 sudo systemctl restart apache2 |
https化させる場合
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 |
# 証明書 sudo apt install certbot python3-certbot-apache ## ServerNameを割り当てるFQDNへ変更 sudo vim /etc/apache2/sites-available/nextcloud.conf <VirtualHost *:80> DocumentRoot /var/www/html/nextcloud/ ServerName nextcloud.vamdemic.net <Directory "/var/www/html/nextcloud/"> Require all granted AllowOverride All Options FollowSymLinks MultiViews </Directory> </VirtualHost> ## コンフィグに問題ないかチェック sudo apache2ctl configtest ## 設定をリロード sudo systemctl reload apache2 ## ファイアウォールの状態を確認(443空いてなかったら開ける) sudo ufw status ## 証明書インストール sudo certbot --apache Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator apache, Installer apache Enter email address (used for urgent renewal and security notices) (Enter 'c' to cancel): nextcloud.miraie-taf.net Invalid email address: nextcloud.miraie-taf.net. There seem to be problems with that address. Enter email address (used for urgent renewal and security notices) If you really want to skip this, you can run the client with --register-unsafely-without-email but make sure you then backup your account key from /etc/letsencrypt/accounts (Enter 'c' to cancel): Invalid email address: . Enter email address (used for urgent renewal and security notices) If you really want to skip this, you can run the client with --register-unsafely-without-email but make sure you then backup your account key from /etc/letsencrypt/accounts (Enter 'c' to cancel): Invalid email address: . Enter email address (used for urgent renewal and security notices) If you really want to skip this, you can run the client with --register-unsafely-without-email but make sure you then backup your account key from /etc/letsencrypt/accounts (Enter 'c' to cancel): yuta@vamdemicsystem.black - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Please read the Terms of Service at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must agree in order to register with the ACME server at https://acme-v02.api.letsencrypt.org/directory - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (A)gree/(C)ancel: A - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Would you be willing to share your email address with the Electronic Frontier Foundation, a founding partner of the Let's Encrypt project and the non-profit organization that develops Certbot? We'd like to send you email about our work encrypting the web, EFF news, campaigns, and ways to support digital freedom. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es/(N)o: Y Which names would you like to activate HTTPS for? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: nextcloud.vamdemic.net - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate numbers separated by commas and/or spaces, or leave input blank to select all options shown (Enter 'c' to cancel): 1 Obtaining a new certificate Performing the following challenges: http-01 challenge for nextcloud.miraie-taf.net Waiting for verification... Cleaning up challenges Created an SSL vhost at /etc/apache2/sites-available/nextcloud-le-ssl.conf Enabled Apache socache_shmcb module Enabled Apache ssl module Deploying Certificate to VirtualHost /etc/apache2/sites-available/nextcloud-le-ssl.conf Enabling available site: /etc/apache2/sites-available/nextcloud-le-ssl.conf Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: No redirect - Make no further changes to the webserver configuration. 2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for new sites, or if you're confident your site works on HTTPS. You can undo this change by editing your web server's configuration. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2 Redirecting vhost in /etc/apache2/sites-enabled/nextcloud.conf to ssl vhost in /etc/apache2/sites-available/nextcloud-le-ssl.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Congratulations! You have successfully enabled https://nextcloud.miraie-taf.net You should test your configuration at: https://www.ssllabs.com/ssltest/analyze.html?d=nextcloud.miraie-taf.net - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/nextcloud.miraie-taf.net/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/nextcloud.miraie-taf.net/privkey.pem Your cert will expire on 2021-10-13. To obtain a new or tweaked version of this certificate in the future, simply run certbot again with the "certonly" option. To non-interactively renew *all* of your certificates, run "certbot renew" - Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal. - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le ## 自動更新デーモンの起動を確認 sudo systemctl status certbot.timer ## テスト sudo certbot renew --dry-run |