ブログ
これまでに経験してきたプロジェクトで気になる技術の情報を紹介していきます。
CentOS7にNextCloudを導入する
Ryuichirou
5 years
NextCloudはDropBoxやOneDriveのようなクラウド上のファイル共有のオープンソース版になります。 このような分野にはowncloudが使われてきたのですが、徐々に終息しており代りにNextCloudが使われるようになってきました。 ここでは、CentOS7にNextCloudを導入する手順を公開します。 クライアントはWindowsやAndroid、ubuntuでも使えますので一度導入されることをお勧めします。 日本語版(Qiita) https://qiita.com/S_Katz/items/bc0e368cc13d854ba9c7 ほぼほぼNextcloud公式ドキュメントにのっている内容です。これに基づいて進めていきます。(英語の公式版インストールマニュアル) https://docs.nextcloud.com/server/15/admin_manual/installation/source_installation.html#example-installation-on-centos-7-server ①インストール作業に必要なパッケージをインストールします。 yum install -y epel-release yum-utils unzip curl wget bash-completion ②システムを最新状態にアップデートします。 yum -y update ③Webサーバ(Apache)をインストールします。 yum install -y httpd ④Apacheの追加設定ファイルを作成します。 vi /etc/httpd/conf.d/nextcloud.conf (内容)DocumentRoot /var/www/html/ ServerName 192.168.xxx.yyy ⑤Apacheを自動起動するように設定し、Apacheを起動します。 systemctl enable httpd.service systemctl start httpd.service systemctl status httpd.service ● httpd.service - The Apache HTTP Server Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled) Active: active (running) since 土 2019-02-09 10:55:11 UTC; 9s ago Docs: man:httpd(8) man:apachectl(8) Main PID: 14165 (httpd) Status: "Total requests: 0; Current requests/sec: 0; Current traffic: 0 B/sec" CGroup: /system.slice/httpd.service ├─14165 /usr/sbin/httpd -DFOREGROUND ├─14166 /usr/sbin/httpd -DFOREGROUND ├─14167 /usr/sbin/httpd -DFOREGROUND ├─14168 /usr/sbin/httpd -DFOREGROUND ├─14169 /usr/sbin/httpd -DFOREGROUND └─14170 /usr/sbin/httpd -DFOREGROUND ⑥Nextcloudの動作に必要なPHPモジュールをインストールします。 rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm yum install -y php72w php72w-cli php72w-common php72w-curl php72w-gd php72w-mbstring \ php72w-mysqlnd php72w-process php72w-xml \ php72w-zip php72w-opcache php72w-pecl-apcu php72w-intl php72w-pecl-redis yum -y install bzip2 ⑦Nextcloudパッケージ本体とチェックサムファイル(Nextcloudパッケージ本体が正しくダウンロードされて いるかをチェックするためのファイル)をダウンロードします。 wget https://download.nextcloud.com/server/releases/nextcloud-15.0.4.tar.bz2 wget https://download.nextcloud.com/server/releases/nextcloud-15.0.4.tar.bz2.md5 ⑧チェックサムファイルを利用してNextcloudパッケージが正しくダウンロードされているか確認します。 md5sum -c nextcloud-15.0.4.tar.bz2.md5 < nextcloud-15.0.4.tar.bz2 (結果) nextcloud-15.0.4.tar.bz2: 完了 ⑨ダウンロードしたNextcloudパッケージを展開します。 tar xf nextcloud-15.0.4.tar.bz2 ⑩展開したNextcloudをWebサーバのドキュメントルートにコピーします。 cp -R nextcloud/ /var/www/html/ ⑪Nextcloudのデータディレクトリを作成します。 mkdir /var/www/html/nextcloud/data ⑫Nextcloudのディレクトリ全体で読み書きができるように所有者情報を変更します。 chown -R apache:apache /var/www/html/nextcloud ⑬Apacheを再起動します。 systemctl restart httpd.service systemctl status httpd.service ● httpd.service - The Apache HTTP Server Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled) Active: active (running) since 土 2019-02-09 11:03:50 UTC; 10s ago Docs: man:httpd(8) man:apachectl(8) Process: 14288 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=0/SUCCESS) Main PID: 14292 (httpd) Status: "Total requests: 0; Current requests/sec: 0; Current traffic: 0 B/sec" CGroup: /system.slice/httpd.service ├─14292 /usr/sbin/httpd -DFOREGROUND ├─14293 /usr/sbin/httpd -DFOREGROUND ├─14294 /usr/sbin/httpd -DFOREGROUND ├─14295 /usr/sbin/httpd -DFOREGROUND ├─14296 /usr/sbin/httpd -DFOREGROUND └─14297 /usr/sbin/httpd -DFOREGROUND ⑭データベース(MariaDB)をインストールします。 yum install -y mariadb mariadb-server ⑮MariaDBを自動起動するように設定し、MariaDBを起動します。 systemctl enable mariadb.service systemctl start mariadb.service systemctl status mariadb.service ● mariadb.service - MariaDB database server Loaded: loaded (/usr/lib/systemd/system/mariadb.service; enabled; vendor preset: disabled) Active: active (running) since 土 2019-02-09 11:11:53 UTC; 11s ago Process: 14483 ExecStartPost=/usr/libexec/mariadb-wait-ready $MAINPID (code=exited, status=0/SUCCESS) Process: 14404 ExecStartPre=/usr/libexec/mariadb-prepare-db-dir %n (code=exited, status=0/SUCCESS) Main PID: 14482 (mysqld_safe) CGroup: /system.slice/mariadb.service ├─14482 /bin/sh /usr/bin/mysqld_safe --basedir=/usr └─14645 /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib64/mys... ⑯MariaDBの基本セットアップを行います。 いくつか質問されますが New password:、Re-enter new password:で rootユーザのパスワードを設定する以外は全て[Enter]キーを押しておきます。 mysql_secure_installation NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY! In order to log into MariaDB to secure it, we'll need the current password for the root user. If you've just installed MariaDB, and you haven't set the root password yet, the password will be blank, so you should just press enter here. Enter current password for root (enter for none): OK, successfully used password, moving on... Setting the root password ensures that nobody can log into the MariaDB root user without the proper authorisation. Set root password? [Y/n] New password:Require all granted AllowOverride All Options FollowSymLinks MultiViews Re-enter new password: Password updated successfully! Reloading privilege tables.. ... Success! By default, a MariaDB installation has an anonymous user, allowing anyone to log into MariaDB without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? [Y/n] ... Success! Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? [Y/n] ... Success! By default, MariaDB comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? [Y/n] - Dropping test database... ... Success! - Removing privileges on test database... ... Success! Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? [Y/n] ... Success! Cleaning up... All done! If you've completed all of the above steps, your MariaDB installation should now be secure. Thanks for using MariaDB! ⑰MariaDBで扱う文字コードの設定をするため、MariaDB設定ファイルを編集します。 cp -pi /etc/my.cnf.d/server.cnf{,.yyyymmdd} vi /etc/my.cnf.d/server.cnf [mariadb] セキュションに以下の1行を追加 character-set-server = utf8mb4 また [client] と [client-mariadb] を以下のようにまるごと追加 [client] # This group is not read by mysql client library, # If you use the same .cnf file for MySQL and MariaDB, # use it for MariaDB-only client options [client-mariadb] default-character-set = utf8mb4 ⑱設定を反映させるためにMariaDBを再起動します。 systemctl restart mariadb systemctl status mariadb ● mariadb.service - MariaDB database server Loaded: loaded (/usr/lib/systemd/system/mariadb.service; enabled; vendor preset: disabled) Active: active (running) since 土 2019-02-09 11:37:54 UTC; 16s ago Process: 24927 ExecStartPost=/usr/libexec/mariadb-wait-ready $MAINPID (code=exited, status=0/SUCCESS) Process: 24894 ExecStartPre=/usr/libexec/mariadb-prepare-db-dir %n (code=exited, status=0/SUCCESS) Main PID: 24926 (mysqld_safe) CGroup: /system.slice/mariadb.service ├─24926 /bin/sh /usr/bin/mysqld_safe --basedir=/usr └─25101 /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib64/mys... ⑲MariaDBコンソールに接続し、文字コードの設定がutf8mb4になっていることを確認します。 mysql -u root -p******** Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 2 Server version: 5.5.60-MariaDB MariaDB Server Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. キャラクターセットの確認 MariaDB [(none)]> show variables like "chara%"; +--------------------------+----------------------------+ | Variable_name | Value | +--------------------------+----------------------------+ | character_set_client | utf8mb4 | | character_set_connection | utf8mb4 | | character_set_database | utf8mb4 | | character_set_filesystem | binary | | character_set_results | utf8mb4 | | character_set_server | utf8mb4 | | character_set_system | utf8 | | character_sets_dir | /usr/share/mysql/charsets/ | +--------------------------+----------------------------+ 8 rows in set (0.00 sec) ⑳MariaDBコンソールを使い、引き続きNextcloudで使用するユーザ、データベース、権限の追加をします。 ここではそれぞれ以下のとおり設定します。 - ユーザ: nextcloud - データベース名: nextcloud MariaDB [(none)]> CREATE DATABASE nextcloud DEFAULT CHARACTER SET utf8mb4; Query OK, 1 row affected (0.00 sec) MariaDB [(none)]> CREATE USER 'nextcloud'@'localhost' IDENTIFIED BY '********'; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> GRANT ALL ON nextcloud.* TO nextcloud; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> SHOW GRANTS FOR 'nextcloud'@'%'; +----------------------------------------------------------+ | Grants for nextcloud@% | +----------------------------------------------------------+ | GRANT USAGE ON *.* TO 'nextcloud'@'%' | | GRANT ALL PRIVILEGES ON `nextcloud`.* TO 'nextcloud'@'%' | +----------------------------------------------------------+ 2 rows in set (0.00 sec) MariaDB [(none)]> quit; Bye これで、NextCloudをインストールする環境は出来上がりました。 ここからは実際にNextCloudをWebからインストールする手順を説明します。 ①ブラウザで http://(サイト名)/nextcloud にアクセスします。下のような画面が出ればOKです。この画面で「ストレージとデータベース」をクリックします。 Nextcloudの管理者向けのユーザー名、パスワードを決めて入力します。 さらに、「データベースを設定してください」で「MySQL/MariaDB」をクリックするとデータベース関連の 設定入力フォームが現れるので、以下のとおり設定値を入力します。 admin Nextcloudpwd1! データベースのユーザ名: nextcloud データベースのパスワード: ******** データベース名: nextcloud データベースのホスト名: localhost ②ssl化するためにssl関連モジュールをインストール yum install -y --enablerepo=epel certbot certbot-apache mod_ssl ③自己証明書の作成 [root@cloudsrv ~]# certbot run --apache -d cloudsrv.aska-ltd.jp Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator apache, Installer apache Enter email address (used for urgent renewal and security notices) (Enter 'c' to cancel): munetika@aska-ltd.jp Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Please read the Terms of Service at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must agree in order to register with the ACME server at https://acme-v02.api.letsencrypt.org/directory - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (A)gree/(C)ancel: a - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Would you be willing to share your email address with the Electronic Frontier Foundation, a founding partner of the Let's Encrypt project and the non-profit organization that develops Certbot? We'd like to send you email about our work encrypting the web, EFF news, campaigns, and ways to support digital freedom. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es/(N)o: y Starting new HTTPS connection (1): supporters.eff.org Obtaining a new certificate Performing the following challenges: http-01 challenge for cloudsrv.aska-ltd.jp Waiting for verification... Cleaning up challenges Failed authorization procedure. cloudsrv.aska-ltd.jp (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: dns :: DNS problem: NXDOMAIN looking up A for cloudsrv.aska-ltd.jp IMPORTANT NOTES: - The following errors were reported by the server: Domain: cloudsrv.aska-ltd.jp Type: connection Detail: dns :: DNS problem: NXDOMAIN looking up A for cloudsrv.aska-ltd.jp To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided. - Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal. ③.htaccessの修正 vi /var/www/html/nextcloud/.htaccess RewriteCond %{HTTPS} off RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] を追加と に追加
CentOS7にNextCloudを導入する
CentOS7にNextCloudを導入する
2019-06-17 03:46:25
2021-08-24 12:31:47
コメントはありません。