今天自行架設了一台 NextCloud，使用的是 docker 方式來搭建，過程很快大概一個小時就建立好了，將架設的過程記錄一下，大家可以參考看看。

NextCloud 主機環境

• OS：CentOS
• CPU：雙核
• RAM：8G
• HDD：800G

NextCloud 介紹

NextCloud – 自有私有雲介紹

一、CentOS主機安裝

使用 Docker 快速安裝

• 先進行 yum -y update 進行套件更新
• 安裝常用工具 yum -y install git vim

[root@localhost ~]$ yum -y update
Loaded plugins: fastestmirror
Determining fastest mirrors
 * base: mirror01.idc.hinet.net
 * extras: mirror01.idc.hinet.net
 * updates: mirror01.idc.hinet.net
base                                                   | 3.6 kB  00:00:00
extras                                                 | 2.9 kB  00:00:00
updates                                                | 2.9 kB  00:00:00
(1/4): base/7/x86_64/group_gz                          | 153 kB  00:00:00
(2/4): extras/7/x86_64/primary_db                      | 243 kB  00:00:00
(3/4): base/7/x86_64/primary_db                        | 6.1 MB  00:00:01
(4/4): updates/7/x86_64/primary_db                     |  11 MB  00:00:01
Resolving Dependencies
//-------------(略)-------------//
  util-linux.x86_64 0:2.23.2-65.el7_9.1                                                       
  vim-minimal.x86_64 2:7.4.629-8.el7_9                                                        
  virt-what.x86_64 0:1.18-4.el7_9.1                                                           
  wpa_supplicant.x86_64 1:2.6-12.el7_9.2                                                      
  zlib.x86_64 0:1.2.7-19.el7_9                                                                

Complete!

[root@localhost ~]$yum -y install git vim
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirror01.idc.hinet.net
 * extras: mirror01.idc.hinet.net
 * updates: mirror01.idc.hinet.net
Resolving Dependencies
--> Running transaction check
//-------------(略)-------------//
  perl-TermReadKey.x86_64 0:2.30-20.el7                                          
  perl-Text-ParseWords.noarch 0:3.29-4.el7                                       
  perl-Time-HiRes.x86_64 4:1.9725-3.el7                                          
  perl-Time-Local.noarch 0:1.2300-2.el7                                          
  perl-constant.noarch 0:1.27-2.el7                                              
  perl-libs.x86_64 4:5.16.3-299.el7_9                                            
  perl-macros.x86_64 4:5.16.3-299.el7_9                                          
  perl-parent.noarch 1:0.225-244.el7                                             
  perl-podlators.noarch 0:2.5.1-3.el7                                            
  perl-threads.x86_64 0:1.87-4.el7                                               
  perl-threads-shared.x86_64 0:1.43-6.el7                                        
  rsync.x86_64 0:3.1.2-10.el7                                                    
  vim-common.x86_64 2:7.4.629-8.el7_9                                            
  vim-filesystem.x86_64 2:7.4.629-8.el7_9                                        

Complete!

安裝 docker & docker-compose

• 安裝 curl -fsSL https://get.docker.com/ | sh
  
• 安裝 sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
  
• 加入執行權限：chmod +x /usr/local/bin/docker-compose

[root@localhost ~]$ curl -fsSL https://get.docker.com/ | sh
# Executing docker install script, commit: 93d2499759296ac1f9c510605fef85052a2c32be
+ sh -c 'yum install -y -q yum-utils'
+ sh -c 'yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo'
Loaded plugins: fastestmirror
adding repo from: https://download.docker.com/linux/centos/docker-ce.repo
grabbing file https://download.docker.com/linux/centos/docker-ce.repo to /etc/yum.repos.d/docker-ce.repo
repo saved to /etc/yum.repos.d/docker-ce.repo
+ '[' stable '!=' stable ']'
+ sh -c 'yum makecache'
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirror01.idc.hinet.net
 * extras: mirror01.idc.hinet.net
 * updates: mirror01.idc.hinet.net
base                                                      | 3.6 kB  00:00:00     
docker-ce-stable                                          | 3.5 kB  00:00:00     
extras                                                    | 2.9 kB  00:00:00     
updates                                                   | 2.9 kB  00:00:00     
(1/10): docker-ce-stable/7/x86_64/filelists_db            |  27 kB  00:00:00     
(2/10): docker-ce-stable/7/x86_64/primary_db              |  63 kB  00:00:00     
(3/10): docker-ce-stable/7/x86_64/other_db                | 120 kB  00:00:00     
(4/10): extras/7/x86_64/filelists_db                      | 259 kB  00:00:00     
(5/10): extras/7/x86_64/other_db                          | 145 kB  00:00:00     
(6/10): updates/7/x86_64/other_db                         | 765 kB  00:00:00     
(7/10): docker-ce-stable/7/x86_64/updateinfo              |   55 B  00:00:00     
(8/10): base/7/x86_64/other_db                            | 2.6 MB  00:00:00     
(9/10): updates/7/x86_64/filelists_db                     | 6.1 MB  00:00:01     
(10/10): base/7/x86_64/filelists_db                       | 7.2 MB  00:00:01     
Metadata Cache Created
+ '[' -n '' ']'
+ sh -c 'yum install -y -q docker-ce'
warning: /var/cache/yum/x86_64/7/docker-ce-stable/packages/docker-ce-20.10.8-3.el7.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID 621e9f35: NOKEY
Public key for docker-ce-20.10.8-3.el7.x86_64.rpm is not installed
Importing GPG key 0x621E9F35:
 Userid     : "Docker Release (CE rpm) <docker@docker.com>"
 Fingerprint: 060a 61c5 1b55 8a7f 742b 77aa c52f eb6b 621e 9f35
 From       : https://download.docker.com/linux/centos/gpg
+ version_gte 20.10
+ '[' -z '' ']'
+ return 0
+ sh -c 'yum install -y -q docker-ce-rootless-extras'
Package docker-ce-rootless-extras-20.10.8-3.el7.x86_64 already installed and latest version

================================================================================

To run Docker as a non-privileged user, consider setting up the
Docker daemon in rootless mode for your user:

    dockerd-rootless-setuptool.sh install

Visit https://docs.docker.com/go/rootless/ to learn about rootless mode.


To run the Docker daemon as a fully privileged service, but granting non-root
users access, refer to https://docs.docker.com/go/daemon-access/

WARNING: Access to the remote API on a privileged Docker daemon is equivalent
         to root access on the host. Refer to the 'Docker daemon attack surface'
         documentation for details: https://docs.docker.com/go/attack-surface/

================================================================================

[root@localhost ~]$ sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   633  100   633    0     0   1368      0 --:--:-- --:--:-- --:--:--  1370
100 12.1M  100 12.1M    0     0  5721k      0  0:00:02  0:00:02 --:--:--  9.8M

[root@localhost ~]$ chmod +x /usr/local/bin/docker-compose

[root@localhost ~]$ docker-compose -v
docker-compose version 1.29.2, build 5becea4c

啟動 Docker 服務及設定

• 啟動 Docker： service docker start
• 將 Docker 加入至開機服務： chkconfig docker on

[root@localhost ~]$ service docker start
Redirecting to /bin/systemctl start docker.service

[root@localhost ~]$ service docker status
Redirecting to /bin/systemctl status docker.service
● docker.service - Docker Application Container Engine
   Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
   Active: active (running) since 六 2021-09-11 12:25:36 CST; 13s ago
     Docs: https://docs.docker.com
 Main PID: 56863 (dockerd)
    Tasks: 8
   Memory: 31.9M
   CGroup: /system.slice/docker.service
           └─56863 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/cont...

 9月 11 12:25:36 82-nextcloud dockerd[56863]: time="2021-09-11T12:25:36.3401...c
 9月 11 12:25:36 82-nextcloud dockerd[56863]: time="2021-09-11T12:25:36.3401...c
 9月 11 12:25:36 82-nextcloud dockerd[56863]: time="2021-09-11T12:25:36.3639..."
 9月 11 12:25:36 82-nextcloud dockerd[56863]: time="2021-09-11T12:25:36.6230..."
 9月 11 12:25:36 82-nextcloud dockerd[56863]: time="2021-09-11T12:25:36.7032..."
 9月 11 12:25:36 82-nextcloud dockerd[56863]: time="2021-09-11T12:25:36.7500..."
 9月 11 12:25:36 82-nextcloud dockerd[56863]: time="2021-09-11T12:25:36.7643...8
 9月 11 12:25:36 82-nextcloud dockerd[56863]: time="2021-09-11T12:25:36.7644..."
 9月 11 12:25:36 82-nextcloud systemd[1]: Started Docker Application Contain....
 9月 11 12:25:36 82-nextcloud dockerd[56863]: time="2021-09-11T12:25:36.7765..."
Hint: Some lines were ellipsized, use -l to show in full.

[root@localhost ~]$ chkconfig docker on
注意：正在轉送請求至「systemctl enable docker.service」。
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.

[root@localhost ~]$ docker -v
Docker version 20.10.8, build 3967b7d

關閉 selinux

• 手動執行關閉 selinux：setenforce 0
• 修改 selinux config 檔：vim /etc/selinux/config

[root@localhost ~]$ setenforce 0
[root@localhost ~]$ vim /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled

:wq

使用 docker pull 下載 mysql & nextcloud

• 進行 images 下載
• 執行 docker pull mysql:latest
• 執行 docker pull nextcloud

[root@localhost ~]$ docker pull mysql:latest
latest: Pulling from library/mysql
a330b6cecb98: Pull complete 
9c8f656c32b8: Pull complete 
88e473c3f553: Pull complete 
062463ea5d2f: Pull complete 
daf7e3bdf4b6: Pull complete 
1839c0b7aac9: Pull complete 
cf0a0cfee6d0: Pull complete 
1b42041bb11e: Pull complete 
10459d86c7e6: Pull complete 
b7199599d5f9: Pull complete 
1d6f51e17d45: Pull complete 
50e0789bacad: Pull complete 
Digest: sha256:99e0989e7e3797cfbdb8d51a19d32c8d286dd8862794d01a547651a896bcf00c
Status: Downloaded newer image for mysql:latest
docker.io/library/mysql:latest

[root@localhost ~]$ docker pull nextcloud
Using default tag: latest
latest: Pulling from library/nextcloud
99046ad9247f: Pull complete 
3875fa64ab1e: Pull complete 
e9329a8f553a: Pull complete 
9bb327f9b0a4: Pull complete 
051b56f0e6a3: Pull complete 
da02d3111b48: Pull complete 
98ca514d99e4: Pull complete 
a4ff74d025cd: Pull complete 
d094ddd610df: Pull complete 
8adafae068ec: Pull complete 
70fd73853886: Pull complete 
23a25cfceae7: Pull complete 
df2efaa2c941: Pull complete 
a3057a184756: Pull complete 
3d71491f2ea2: Pull complete 
6164fe9a1ff1: Pull complete 
5025772d3c9a: Pull complete 
4e5ba9e839cf: Pull complete 
d6cfd3085738: Pull complete 
4689d3b9389b: Pull complete 
Digest: sha256:99d94124b2024c9f7f38dc12144a92bc0d68d110bcfd374169ebb7e8df0adf8e
Status: Downloaded newer image for nextcloud:latest
docker.io/library/nextcloud:latest

使用 docker run 啟用 mysql

• 安裝 MySQL：
  docker run -p 3306:3306 --name mysql --restart="always" -v /usr/local/mysql/conf:/etc/mysql/conf.d -v /usr/local/mysql/logs:/logs -v /usr/local/mysql/data:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=password -d mysql
  
• 建立 root 權限：
  grant all PRIVILEGES on . to root@'%' WITH GRANT OPTION;
ALTER USER 'root'@'%' IDENTIFIED BY 'password' PASSWORD EXPIRE NEVER;
ALTER USER 'root'@'%' IDENTIFIED WITH mysql_native_password BY 'password';
FLUSH PRIVILEGES;
  
• 建立 nextcloud 資料庫：Create database nextcloud;

自行定議密碼：password

[root@localhost ~]$ docker run -p 3306:3306 --name mysql --restart="always" -v /usr/local/mysql/conf:/etc/mysql/conf.d -v /usr/local/mysql/logs:/logs -v /usr/local/mysql/data:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=password -d mysql

[root@localhost ~]$ docker exec -it mysql bash
root@c7dac2091985:/# mysql -uroot -p
Enter password: 
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 8
Server version: 8.0.26 MySQL Community Server - GPL

Copyright (c) 2000, 2021, Oracle and/or its affiliates.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> grant all PRIVILEGES on *.* to root@'%' WITH GRANT OPTION;
Query OK, 0 rows affected (0.00 sec)

mysql> ALTER USER 'root'@'%' IDENTIFIED BY 'password' PASSWORD EXPIRE NEVER;
Query OK, 0 rows affected (0.01 sec)

mysql> ALTER USER 'root'@'%' IDENTIFIED WITH mysql_native_password BY 'password';
Query OK, 0 rows affected (0.00 sec)

mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)

mysql> Create database nextcloud;
Query OK, 1 row affected (0.01 sec)

mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
| nextcloud          |
| performance_schema |
| sys                |
+--------------------+
5 rows in set (0.00 sec)

mysql> exit
Bye
root@c7dac2091985:/# exit
exit

使用 docker run 啟用 nextcloud

• 安裝 NextCloud：
  docker run -d -v /root/nextcloud/html:/var/www/html -v /root/nextcloud/apps:/var/www/html/custom_apps -v /root/nextcloud/config:/var/www/html/config -v /root/nextcloud/nextcloud/data:/var/www/html/data -v /root/nextcloud/themes:/var/www/html/themes -p 80:80 --name nextcloud --restart="always" nextcloud

[root@localhost ~]$ docker run -d -v /root/nextcloud/html:/var/www/html -v /root/nextcloud/apps:/var/www/html/custom_apps -v /root/nextcloud/config:/var/www/html/config -v /root/nextcloud/nextcloud/data:/var/www/html/data -v /root/nextcloud/themes:/var/www/html/themes  -p 80:80   --name nextcloud --restart="always" nextcloud
9b08026c104a2529001bc33e6d5dbd6a82c186ddf8fed465beb47215bc8c2cba

[root@localhost ~]$ docker ps -a
CONTAINER ID   IMAGE       COMMAND                  CREATED          STATUS          PORTS                                                  NAMES
9b08026c104a   nextcloud   "/entrypoint.sh apac…"   21 seconds ago   Up 21 seconds   0.0.0.0:80->80/tcp, :::80->80/tcp                      nextcloud
c7dac2091985   mysql       "docker-entrypoint.s…"   3 minutes ago    Up 3 minutes    0.0.0.0:3306->3306/tcp, :::3306->3306/tcp, 33060/tcp   mysql

二、進行頁面 NextCloud install 流程

透過瀏覽器進入至安裝頁面：http://192.168.50.82 (你主機的 IP 或 Domain Name)

首次起用安裝頁面

進行管理者資料輸入，建立管理者帳號

輸入完成後，點擊「完成設定」

系統進行工具安裝

完成畫面

三、Domain Name 設定

在 /root/nextcloud/config/config.php 裡有個設定，需要將你的域名加入，不然會跳出不可接受的請求來源

[root@localhost ~]$ vim /root/nextcloud/config/config.php
'trusted_domains' =>
  array (
    0 => '192.168.50.80',
    1 => 'nextcloud.demo.cc',
  ),