差分

この文書の現在のバージョンと選択したバージョンの差分を表示します。

この比較画面にリンクする

次のリビジョン
前のリビジョン
vps:040-110nextcloud [2017/09/25 13:31]
admin 作成
vps:040-110nextcloud [2017/09/25 13:47] (現在)
admin
ライン 1: ライン 1:
 ======NextCloud(Docker)====== ======NextCloud(Docker)======
 +
 +=====DockerでNextCloudを準備=====
 +参考
 +http://​denor.daa.jp/​docker-for-windows%E3%81%A7nextcloud%E3%82%B5%E3%83%BC%E3%83%90%E6%A7%8B%E7%AF%89
 +
 +=====作業フォルダ準備=====
 +# cd /​var/​nextcloud
 +
 +=====証明書の作成=====
 +<​file>​
 +# mkdir certs
 +# cd certs
 +# openssl req -new -x509 -nodes -out server.crt -keyout server.key
 +</​file>​
 +
 +=====docker-compose.yml=====
 +# vi docker-compose.yml
 +<​file>​
 +version: '​2'​
 +networks:
 +  lb_web:
 +    external: true
 +  back:
 +    driver: bridge
 +services:
 +  web:
 +    image: nginx
 +    volumes:
 +      - ./​nginx.conf:/​etc/​nginx/​nginx.conf:​ro
 +      # add certs
 +      - ./​certs:/​etc/​nginx/​certs:​ro
 +    links:
 +      - app
 +    volumes_from:​
 +      - app
 +    environment:​
 +      - VIRTUAL_HOST
 +    networks:
 +      - back
 +      - lb_web
 +    # add ports
 +    ports:
 +      - 80:80
 +      - 443:443
 +  app:
 +    image: nextcloud:​12-fpm
 +    links:
 +      - db
 +    volumes:
 +      - ./​data/​apps:/​var/​www/​html/​apps
 +      - ./​data/​config:/​var/​www/​html/​config
 +      - ./​data/​data:/​var/​www/​html/​data
 +    networks:
 +    - back
 +  db:
 +    image: mysql
 +    volumes:
 +      - ./​mysql/​runtime:/​var/​lib/​mysql
 +    environment:​
 +      # - MYSQL_ROOT_PASSWORD
 +      MYSQL_ROOT_PASSWORD:​ XXXXXXXX
 +    networks:
 +    - back
 +  cron:
 +    image: nextcloud:​12-fpm
 +    links:
 +      - db
 +    volumes_from:​
 +      - app
 +    user: www-data
 +    entrypoint: |
 +      bash -c 'bash -s <<EOF
 +      trap "​break;​exit"​ SIGHUP SIGINT SIGTERM
 +      while /bin/true; do
 +        /​usr/​local/​bin/​php /​var/​www/​html/​cron.php
 +        sleep 900
 +      done
 +      EOF'
 +    networks:
 +    - back
 +</​file>​
 +
 +=====nginx.conf=====
 +# vi nginx.conf
 +<​file>​
 +user www-data;
 +
 +events {
 +  worker_connections 768;
 +}
 +
 +http {
 +  upstream backend {
 +      server app:9000;
 +  }
 +  include /​etc/​nginx/​mime.types;​
 +  default_type application/​octet-stream;​
 +
 +  server {
 +    listen 80;
 +    listen 443 ssl;
 +    ssl_certificate /​etc/​nginx/​certs/​server.crt;​
 +    ssl_certificate_key /​etc/​nginx/​certs/​server.key;​
 +
 +    # Add headers to serve security related headers
 +    add_header X-Content-Type-Options nosniff;
 +    add_header X-Frame-Options "​SAMEORIGIN";​
 +    add_header X-XSS-Protection "1; mode=block";​
 +    add_header X-Robots-Tag none;
 +    add_header X-Download-Options noopen;
 +    add_header X-Permitted-Cross-Domain-Policies none;
 +
 +    root /​var/​www/​html;​
 +
 +    location = /robots.txt {
 +      allow all;
 +      log_not_found off;
 +      access_log off;
 +    }
 +
 +    location = /​.well-known/​carddav {
 +      return 301 $scheme://​$host/​remote.php/​dav;​
 +    }
 +    location = /​.well-known/​caldav {
 +      return 301 $scheme://​$host/​remote.php/​dav;​
 +    }
 +
 +    client_max_body_size 1G;
 +    fastcgi_buffers 64 4K;
 +
 +    gzip off;
 +
 +    index index.php;
 +    error_page 403 /​core/​templates/​403.php;​
 +    error_page 404 /​core/​templates/​404.php;​
 +
 +    location / {
 +        rewrite ^ /​index.php$uri;​
 +    }
 +
 +    location ~ ^/​(?:​build|tests|config|lib|3rdparty|templates|data)/​ {
 +        deny all;
 +    }
 +    location ~ ^/​(?:​\.|autotest|occ|issue|indie|db_|console) {
 +        deny all;
 +    }
 +
 +    location ~ ^/​(?:​index|remote|public|cron|core/​ajax/​update|status|ocs/​v[12]|updater/​.+|ocs-provider/​.+|core/​templates/​40[34])\.php(?:​$|/​) {
 +        include fastcgi_params;​
 +        fastcgi_split_path_info ^(.+\.php)(/​.*)$;​
 +        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;​
 +        fastcgi_param PATH_INFO $fastcgi_path_info;​
 +        fastcgi_param HTTPS on;
 +        #Avoid sending the security headers twice
 +        fastcgi_param modHeadersAvailable true;
 +        fastcgi_param front_controller_active true;
 +        fastcgi_pass backend;
 +        fastcgi_intercept_errors on;
 +        fastcgi_request_buffering off;
 +    }
 +
 +    location ~ ^/​(?:​updater|ocs-provider)(?:​$|/​) {
 +        try_files $uri/ =404;
 +        index index.php;
 +    }
 +
 +    # Adding the cache control header for js and css files
 +    # Make sure it is BELOW the PHP block
 +    location ~* \.(?:​css|js)$ {
 +        try_files $uri /​index.php$uri$is_args$args;​
 +        add_header Cache-Control "​public,​ max-age=7200";​
 +                # Add headers to serve security related headers (It is intended to
 +        # have those duplicated to the ones above)
 +        # Before enabling Strict-Transport-Security headers please read into
 +        # this topic first.
 +        # add_header Strict-Transport-Security "​max-age=15768000;​
 +        #  includeSubDomains;​ preload;";​
 +        add_header X-Content-Type-Options nosniff;
 +        add_header X-Frame-Options "​SAMEORIGIN";​
 +        add_header X-XSS-Protection "1; mode=block";​
 +        add_header X-Robots-Tag none;
 +        add_header X-Download-Options noopen;
 +        add_header X-Permitted-Cross-Domain-Policies none;
 +        # Optional: Don't log access to assets
 +        access_log off;
 +    }
 +
 +    location ~* \.(?:​svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {
 +        try_files $uri /​index.php$uri$is_args$args;​
 +        # Optional: Don't log access to other assets
 +        access_log off;
 +    }
 +  }
 +}
 +</​file>​
 +
 +=====Dockerでネットワークの作成=====
 +<​file>​
 +# docker network create lb_web
 +</​file>​
 +
 +=====起動=====
 +<​file>​
 +# docker-compose up -d
 +</​file>​
 +
 +=====起動確認=====
 +<​file>​
 +# docker-compose ps
 +</​file>​
vps/040-110nextcloud.1506346265.txt.gz · 最終更新: 2017/09/25 13:31 by admin
Driven by DokuWiki Recent changes RSS feed Valid CSS Valid XHTML 1.0