如果自己有多余的云主机,可以尝试自己搭建一套网络云盘,方便文件的存储和共享。这里推荐一个开源的产品——Nextcloud。
Nextcloud是一款开源免费的私有云存储网盘项目,可以让你快速便捷地搭建一套属于自己或团队的云同步网盘,从而实现跨平台跨设备文件同步、共享、版本控制、团队协作等功能。它的客户端覆盖了Windows、Mac、Android、iOS、Linux 等各种平台,也提供了网页端以及 WebDAV接口,所以你几乎可以在各种设备上方便地访问你的云盘。
当然,我最喜欢的一点还是官方提供了docker镜像,可以一键式部署。
在开始部署之前,确保以下环境已具备:
- 一台Linux云主机,配置不需要太高,但是硬盘空间最好大一点,毕竟是用来做网络云盘的
- 云主机安装好docker
- 公网IP、公网域名以及SSL证书
这套环境主要由一下三个组件构成:
- MariaDB(MySQL)
- Nextcloud
- Nginx
其中MariaDB为后台数据库,Nextcloud为应用程序,Nginx用于实现https中证书的卸载。三个组件均以容器的方式运行,使用docker-compose编排容器的运行。
以下是docker-compose.yaml的配置:
version: '2'
services:
db:
image: mariadb
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
restart: always
volumes:
- /nextcloud/db:/var/lib/mysql
environment:
- MYSQL_ROOT_PASSWORD=XXXXXXXXX
- MYSQL_PASSWORD=XXXXXXXXX
- MYSQL_DATABASE=XXXXXXXXX
- MYSQL_USER=XXXXXXXXX
app:
image: nextcloud
links:
- db
volumes:
- /nextcloud/app:/var/www/html
restart: always
nginx:
image: nginx:alpine
ports:
- 80:80
- 443:443
links:
- app
volumes:
- /nextcloud/nginx:/etc/nginx
restart: alwaysNginx中实现HTTPS证书卸载的配置如下:
stream {
upstream stream_backend {
server app:80;
}
server {
listen 443 ssl;
proxy_pass stream_backend;
ssl_certificate /etc/nginx/ssl/cert.pem;
ssl_certificate_key /etc/nginx/ssl/cert.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_session_cache shared:SSL:20m;
ssl_session_timeout 4h;
ssl_handshake_timeout 30s;
}
server {
listen 80;
proxy_pass stream_backend;
}
}HTTP到HTTPS的跳转我没有使用Nginx,而是在应用程序端也就是Nextcloud实现的,修改/nextcloud/app/config/config.php配置文件的,修改项如下:
array (
0 => 'xx.xx.xx.xx',
'www.gaohui.xyz',
),
'overwrite.cli.url' => 'https://www.gaohui.xyz',
'overwritehost' => 'www.gaohui.xyz',
'overwriteprotocol' => 'https',config.php配置文件中各配置的说明可参考通目录下config.sample.php文件。
配置完成后,浏览器输入域名就可以进到Nextcloud开始基础配置啦。同时你也可以下载iOS或者Android的客户端,手机上查看网盘内容或者使用手机上传下载文件了。
Nextcloud还提供了一个命令行管理工具occ,有时候需要用它来管理用户,例如重置密码什么的,详细可以去研究下Nextcloud的官方文档:
root@nextcloud:~# docker exec --user www-data 381 php occ
Nextcloud 18.0.3
Usage:
command [options] [arguments]
Options:
-h, --help Display this help message
-q, --quiet Do not output any message
-V, --version Display this application version
--ansi Force ANSI output
--no-ansi Disable ANSI output
-n, --no-interaction Do not ask any interactive question
--no-warnings Skip global warnings, show command output only
-v|vv|vvv, --verbose Increase the verbosity of messages: 1 for normal output, 2 for more verbose output and 3 for debug
Available commands:
check check dependencies of the server environment
help Displays help for a command
list Lists commands
status show some status information
upgrade run upgrade routines after installation of a new release. The release has to be installed before.
activity
activity:send-mails Sends the activity notification mails
app
app:check-code check code to be compliant
app:disable disable an app
app:enable enable an app
app:getpath Get an absolute path to the app directory
app:install install an app
app:list List all available apps
app:remove remove an app
app:update update an app or all apps
background
background:ajax Use ajax to run background jobs
background:cron Use cron to run background jobs
background:webcron Use webcron to run background jobs
broadcast
broadcast:test test the SSE broadcaster
config
config:app:delete Delete an app config value
config:app:get Get an app config value
config:app:set Set an app config value
config:import Import a list of configs
config:list List all configs
config:system:delete Delete a system config value
config:system:get Get a system config value
config:system:set Set a system config value
dav
dav:create-addressbook Create a dav addressbook
dav:create-calendar Create a dav calendar
dav:list-calendars List all calendars of a user
dav:move-calendar Move a calendar from an user to another
dav:remove-invalid-shares Remove invalid dav shares
dav:send-event-reminders Sends event reminders
dav:sync-birthday-calendar Synchronizes the birthday calendar
dav:sync-system-addressbook Synchronizes users to the system addressbook
db
db:add-missing-indices Add missing indices to the database tables
db:convert-filecache-bigint Convert the ID columns of the filecache to BigInt
db:convert-mysql-charset Convert charset of MySQL/MariaDB to use utf8mb4
db:convert-type Convert the Nextcloud database to the newly configured one
encryption
encryption:change-key-storage-root Change key storage root
encryption:decrypt-all Disable server-side encryption and decrypt all files
encryption:disable Disable encryption
encryption:enable Enable encryption
encryption:encrypt-all Encrypt all files for all users
encryption:list-modules List all available encryption modules
encryption:set-default-module Set the encryption default module
encryption:show-key-storage-root Show current key storage root
encryption:status Lists the current status of encryption
federation
federation:sync-addressbooks Synchronizes addressbooks of all federated clouds
files
files:cleanup cleanup filecache
files:recommendations:recommend
files:scan rescan filesystem
files:scan-app-data rescan the AppData folder
files:transfer-ownership All files and folders are moved to another user - shares are moved as well.
group
group:add Add a group
group:adduser add a user to a group
group:delete Remove a group
group:list list configured groups
group:removeuser remove a user from a group
integrity
integrity:check-app Check integrity of an app using a signature.
integrity:check-core Check integrity of core code using a signature.
integrity:sign-app Signs an app using a private key.
integrity:sign-core Sign core using a private key.
l10n
l10n:createjs Create javascript translation files for a given app
log
log:file manipulate logging backend
log:manage manage logging configuration
log:tail Tail the nextcloud logfile
log:watch Watch the nextcloud logfile
maintenance
maintenance:data-fingerprint update the systems data-fingerprint after a backup is restored
maintenance:mimetype:update-db Update database mimetypes and update filecache
maintenance:mimetype:update-js Update mimetypelist.js
maintenance:mode set maintenance mode
maintenance:repair repair this installation
maintenance:theme:update Apply custom theme changes
maintenance:update:htaccess Updates the .htaccess file
migrations
migrations:execute Execute a single migration version manually.
migrations:generate
migrations:generate-from-schema
migrations:migrate Execute a migration to a specified version or the latest available version.
migrations:status View the status of a set of migrations.
notification
notification:generate Generate a notification for the given user
security
security:certificates list trusted certificates
security:certificates:import import trusted certificate
security:certificates:remove remove trusted certificate
sharing
sharing:cleanup-remote-storages Cleanup shared storage entries that have no matching entry in the shares_external table
sharing:expiration-notification Notify share initiators when a share will expire the next day.
text
text:reset Reset a text document
trashbin
trashbin:cleanup Remove deleted files
trashbin:expire Expires the users trashbin
twofactorauth
twofactorauth:cleanup Clean up the two-factor user-provider association of an uninstalled/removed provider
twofactorauth:disable Disable two-factor authentication for a user
twofactorauth:enable Enable two-factor authentication for a user
twofactorauth:enforce Enabled/disable enforced two-factor authentication
twofactorauth:state Get the two-factor authentication (2FA) state of a user
update
update:check Check for server and app updates
user
user:add adds a user
user:delete deletes the specified user
user:disable disables the specified user
user:enable enables the specified user
user:info show user info
user:lastseen shows when the user was logged in last time
user:list list configured users
user:report shows how many users have access
user:resetpassword Resets the password of the named user
user:setting Read and modify user settings
versions
versions:cleanup Delete versions
versions:expire Expires the users file versions
workflows
workflows:list Lists configured workflows
最终效果图如下:
